Your InfoStructure magazine
No. 1/03
SIS Systems AG
TURNING OLD INTO NEW Virus attack
HOW TO CONTROL THE DATA TRAFFIC Gartner Group
CREATE A NEW IT STRATEGY!
BUSINESS RESTORE Make the best of what you already have
1
annons legato
2
THERE IS NOTHING IN THE IT INDUSTRY
that is as certain as that the amounts
“
Information – that has created
information will increase very rapidly, at the same time as security requirements
the knowledge capital and the
mount. Having continuous access to the information is mission-critical for most
intellectual property – will in the future
businesses and can in many cases be altogether crucial for results and survival.
be the foremost asset in all types of
ProAct’s aggregate competence, methods and products are adapted specifically for
business. Companies and organizations
this challenge and it is our type of specialist role that is increasingly in demand today
that are able to handle their
as IT use increases in society.
Editorial
information will be the winners of the
Business in every industry generates and requires
information age.”
increasing amounts of information. Access to the right
information at the right time is crucial to the success of business. ProAct has coined the term InfoStructure to describe the infrastructure used to handle this information. Different companies have different needs depending on the nature of their business. What the customers need is support and security in their InfoStructure. It is a strength to be able to offer services and integrated solutions that include both data storage and security in customer network environments. We now have more than 1,000 active corporate customers and many of them have several systems installations, services as well as products. We will also in the future have a very focused specialist role where competence is at the forefront, or as it was once expressed by someone at a technical department: “We want to be the best at what we know and not be involved with what we don’t know.” Henrik Holm, Group CEO ProAct IT Group
Ericsson creates stable solutions for restore of backups.
Contents Major restructuring at SIS Systems AG in Olten
4–5
Virus protection
6–8
New recovery solution for Veritas
9
Fast return of cash at Ericsson Intelligent networking
11–13 15
Gartner Group: An Alternative Approach to Creating an IT Strategy
17–20
Tailor made training at ProAct Local pages
21 22–23
Cronicle
24
4 Page
Turning Old into New is the motto when SIS Systems AG makes major restructuring.
ProAct is a specialist and independent integrator with know-how, methods and products in the field of infrastructure for securing mission-critical information. The company, which is active in Denmark, Finland, Norway, Sweden and Switzerland, focuses on large and medium-sized companies and organisations in need of secure and efficient handling of mission-critical information. Business is conducted in Copenhagen, Aarhus, Helsinki, Uleåborg, Oslo, Bergen, Hamar, Stavanger, Trondheim, Stockholm, Gothenburg, Linköping, Lund, Sundsvall and Zurich with a staff of around 320, most of whom are technically oriented. What sets ProAct apart is the technical expertise and competence of its personnel.
11 Page
Circulation: 11 000. Publisher: Per Ernedal Editor: Hanna Köllerström, +46-8-410 666 25. Repro/Print: Mediett. Photo cover: Bengt Alm Produced by: www.pladera.com TO ADVERTISE in Proactuellt is, as you can see, perfectly possible. Please contact Hanna Köllerström, +46-8-410 666 25. hanna.kollerstrom@proact.se
ProAct IT Group AB is listed on the O-list of Stockholmsbörsen (the Stockholm Stock
IF YOU WANT TO CONTACT PROACT:
Exchange).
+46-8-410 666 00 3
Shareholders' ledgers, security deposits and settlements are secured by Reto Rickenbach, SIS Systems AG in Olten.
NO MORE BLANK SCREENS, EVER! Major restructuring at SIS Systems AG in Olten, Switzerland: Turning Old into New is the motto of Reto Rickenbach, Business Unit Manager Client and Server Systems. In collaboration with several partner firms the entire IT infrastructure has been updated to meet the latest requirements. SIS picked ProAct Datasystems AG as its partner in implementing a SAN storage solution. switzerland
S
IS Systems AG is a subsidiary of the SIS Group, which provides securities-related services such as shareholders’ ledgers, security deposits and settlements. SIS Systems AG is responsible for the entire information infrastructure in the locations at Olten, Oerlikon and Zürich, Switzerland. From PCs and telephone systems to postal services and the Internet, SIS Systems ensures flawless processing of the daily torrent of data for some 700 employees, 1000 PCs and 110 servers. A big responsibility for Business Unit Manager Reto Rickenbach: “You can’t imagine what blank screens would mean around here. Business would be dead. Nothing would work anymore. It’s our job to prevent that.” And now the job also includes the current restructuring, subdivided into six concurrent subprojects – without interfering with daily business. The mission was clearly defined: The entire storage structure 4
must be centralized in Olten, rather than distributed among the three locations as in the past. And the security and reliability requirements were specified just as clearly: access security and failsafe reliability, both indispensable for banks. To ensure all of these, two completely redundant storage subsystems were installed in two buildings that face each other. Intelligent, redundant dual pathing
Both systems are 100% productive. All services are installed on clusters that are likewise divided between the two buildings. And the individual cluster nodes are of course interconnected by intelligent, redundant dual pathing that even supports load sharing. “We’re not going to have a problem unless both buildings turn into rubble,” asserts Reto Rickenbach. The new storage solution was delivered and implemented
within just two weeks, the system has been up and running since late September 2002. But there was more to the project than meets the eye. It all started with a development response specification by SIS Systems AG. Beyond the scope of the project
This specification was sent to several suppliers with a request for quotation. “The winning one was a very professional proposal,” recalls Rickenbach. “It included considerations that looked well beyond the scope of the project, it very specifically addressed our baseline situation and pointed out opportunities for scalability. Even potential downtime situations were discussed.” A gut feeling
The offices of SIS Systems AG symbolizes the importance of a solid IT infrastructure.
RSA, RSA Security, RSA Cleartrust and RSA Keon are registered trademarks of RSA Security Inc. © 2003 RSA Security Inc. All rights reserved.
“What made the difference between the different proposals wasn’t the price but the performance – and a gut feeling that’s kind of hard to define: that we had found the right partner,” notes Rickenbach. “We did set very high expectations during the evaluation phase but ProAct really knew how to meet them! Excellent support during the planning phase, rapid implementation of what had been decided plus wonderful responsiveness anytime we needed help. And great initiative,” Rickenbach summarizes. Managing the system, he reports, has become a great deal simpler, and with the data back-up now centralized at Olten, the importance of this location as the main office is also getting a boost – entirely in
accordance with the plans of the SIS Group. “Our rigorous requirements were fully met, and so was our need for an expandable storage system.” And that was not all: Data processing speed is much faster now across the board than even a year ago. SIS Systems AG intends to expand in the future and market the know-how it’s provided to SIS also to external customers in the financial sector. The new IT information structure is a first, important step in that direction. by Tom Schmidlin, photos Stephan Schneider
Get connected, but do it safely Techniques such as xml and soap have in a short time made it simple and flexible to integrate applications. The benefit is that the information exchange can now take place over open protocols and networks. Unfortunately this could involve major security risks which often are forgotten.
Although Web Services are in great focus, only a few are aware of the security RSA Security has complete solutions to ensure a secure information exchange between applications in an open network. RSA ClearTrust and RSA Keon provide a powerful solution for web access management/authorisation and digital certificates. An important condition for secure communication between applications. To download more information, go to: www.rsasecurity.com/go/webservices or call us at +46 8 725 09 00 A U T H E N T I C AT I O N
A U T H O R I S AT I O N
SIGNING
E N C RY P T I O N
5
San Francisco Computer Security Institute and the FBI published a report in April 2002 stating that 90% of around 500 interviewed IT managers used some form of firewall and virus protection within their companies. Around 60% employed a higher level of security in the form of a monitoring system. Despite these precautions, a staggering 90% were exposed to virus attacks during 2001. Why is this?
The traffic control that nobody escapes W
hat makes the Internet so interesting is its contents. The information is stored on and distributed from web servers, which in consequence are gaining in importance within company operations. The problem is that in terms of security, web server protection has deteriorated. The requirements on accessibility and performance have created a situation whereby security for web server applications can’t keep up with risk developments or, in the worst case, is nonexistent. During recent months, Niklas Dahl, security expert at ProAct in Gothenburg, Sweden, has increasingly focused on web servers since these are at the centre of a worrying grey zone in the world of computers.
Why the focus on web servers?
“In the last three years, the importance of interactive communication has increased significantly. The Internet used to be a media through which relatively static information was transferred. Today, the emphasis is on dynamics and performance 6
An ordinary system with antivirus protection, encryption and firewalls does not protect against cross-site scripting or invisble commands.
since e-commerce has taken over and the number of users is on the increase.” Wherein lies the problem?
“In the upsurge in interactivity and the new demands on accessibility and security that this leads to. More and more busi-
ness-unique information is channelled via web servers and the requirements on dynamics and accessibility are increasing. We have to look at the security aspects in a new light since the tools for security and protection haven’t developed at the same pace as tools used for traditional company
networks.” But what about the ordinary firewalls and virus protection programs? These usually just protect the actual servers and not the web applications. Virus protection looks for damaging coding and a firewall lets through most surf traffic since the aim is to make the web servers accessible. In other words, there are no built-in monitoring functions in firewalls that check on the actual information contained in the traffic.” Cracking the SSL code...
An article in the Swedish net-based version of PC för alla (PC for everyone) from 21 February 2003 stated that a Swiss research team had cracked the SSL code (Secure Socket Layer) in less than an hour without difficulty! And we have been taught that SSL coding offer a higher level of security than is usually incorporated into most web servers? An application firewall may be the solution, in combination with a change in strategy and monitoring routines. An application firewall checks on the different types of information flowing through the channels allowed access by a traditional firewall. The fact that an ordinary firewall allows traffic through to the web servers means that a big hole is created in the firewall. A hole that an ordinary firewall cannot control. Let us show an example. A firewall lets through a request for a computer at the price x $. An ordinary firewall does not have the capacity to control that the returned price from the user corresponds to the original price. The user manipulates the price, returns a lower price to the web server which executes the order immediately. Today many companies have no control over this process, as one of the greatest advantages of e-commerce is the minimal amount of administrative work (because the user does that). The problem occurs
Application firewalls control the information, verifies each individual call before allowing the user through.
when there are a lot of people out there who don’t mind taking advantage of the opportunity to earn some extra money. An application firewall, on the other hand, controls the price, to make sure it corresponds to the original price. Thus attempts to use the system on other people’s behalf become much more compli-
Ten examples of what a hacker can get up to today using a fairly new web browser and some creative thinking Goal Forms: gather info Client account E-commerce Faulty code Text field: gather information
Method Data flow Corrupt cookies Hidden fields Back doors, debug options Cross-site scripting
Database parameters Back-end applications Web server Front-end applications Web server
Manipulation Invisible commands Vulnerability Third-party configuration Overloading
Outcome Server crash, site close-down Identity theft, illegal transactions Theft, fraud Access to database E-hijacking, obtaining account information Fraud Changing the design and function Site crash Administrative access Access to sensitive information
cated. Security levels are created dynamically in real time when users/visitors on a website request various pages. To manage this, the application firewall is installed in front of the web server. Access to pages is controlled by coding and the task of the application firewall is to verify each individual call before allowing the user through. What happens when web servers and site pages are under attack?
Below follows ten examples of what a hacker can get up to today using a fairly new web browser and some creative thinking. How do they do it?
“I won’t tell you because I might get sued! But I did try something that speaks for itself. I instructed an acquaintance who 7
V
This sounds like a good idea for the future. “Yes and no. As I said, we “...THE PRIMARY ISSUE NOW IS TO have solutions that haven’t been cracked and installing MAKE COMPANIES THAT ARE ACTIVE such a solution is a one-off investment. But it’s probably ON THE INTERNET AWARE OF HOW only a question of time before VULNERABLE THEY ARE.” NIKLAS DAHL some creative hacker manages to get through, which means that we have to implement a new solution. However, the isn’t very familiar with computers how to applications are the most vulnerable links, primary issue now is to make companies that are active on the Internet aware of tamper with a site and left that person to it which should place the responsibility for how vulnerable they are.” for five minutes. That’s all it took to security in the lap of the developers. In After having talked to Niklas Dahl I change the price on a product, which is all reality the problem gets shifted between realise that the Internet is a channel with the proof I need.” the two departments, with the result that a Are there any other ways of damaging serious security problem has been created. large security deficiencies, or that most companies who are active on the web the web site? Any company with a presence on the have major security leaks. However, fore“Basically there are three different sceInternet should be aware of this, specially warned is forearmed. It’s a good thing that narios. The first is changing the content of their management groups!” there is a service whereby you can have a page, such as the price on goods and “We have solutions that haven’t been your web server checked for vulnerabiliservices. The second is stealing company cracked - yet - and that fill the requireties in a controlled manner than having to information, customer details and other ments for security and accessibility. The find out courtesy of a hacker or two. intellectual capital. And the third scenario level of security that these can offer is Thomas Gustavsson involves changing a site and its applicatheir attraction. However, it is difficult to tions so that the contents work against its make the companies aware of the probowner or, worse, shuts you down by going lem, despite the fact that we at present are Answers these questions to determine offline.” undertaking research of various company how secure your company is. Hopefully, “All that is needed is a blip in the code, web servers and have managed to crack you will be able to tick all the Yes a web browser and some creative thinkthem all without much effort.” boxes. ing. Those that are on the receiving end of Which means...? Yes No My company has a firewall or other such attacks are not aware of how easy “That the web server infrastructures solution for accessibility and security they are to bring about.” within these companies need to be overControlled accessibility to company We must be able to do something? hauled! This requires a service than can be information is the rule Our presence on the Internet is valuable “Of course, companies need to include compared to a backup analysis, but with Business-critical information is stored on their web servers in their IT strategies. an entirely different focus. The task is to our web servers This may sound a bit obvious, so let me survey, audit, implement and create new Our web servers have the same level explain. The web server is usually the reprerequisites for maintaining performance of security as our other servers Our web applications are secure and we sponsibility of the department for netwhile increasing the protection against are protected against intrusion works and security. However, nowadays intrusion and other interactive attacks.”
Shared responsibility...but by whom? One or two companies are usually behind a web site and several employees are responsible for the services. But who is responsible for the various functions, and where can they be found? One thing is for sure, there are many chefs involved and the soup is made from a complex recipe. In a perfect world without cutbacks and staff shortages, the division of responsibilities could look like this: Design
Web server
Front-end appl. Basic appl.
Data base
Market Resp. for appl. Appl. developer Database admin. Database developer Support Network admin. System admin. Supplier Customer To further complicate the picture, complex web services offer many different layers that together have to function in a fast and clear way. And we’re not even mentioning the issues of maintenance and updating of source codes here.
8
Information
ProAct is launching a new version of FRC, ProAct Fast Restore Cache.
NEW RECOVERY SOLUTION FOR VERITAS NETBACKUP FRC, which was introduced on the Legato platform around 18 months ago, has met with great success with over 100 installations in the Nordic countries and in Switzerland. The new version now incorporates Veritas NetBackup. FRC is ProAct’s solution for faster and more efficient backup and recovery of information. FRC allows for intermediate storage of information for backup. The specially developed software automatically undertakes intermediate storage in a fast disk system which is then transferred to tape. This means that recovery of information can be done in minutes instead of hours, as is usually the case. “Many IT organizations haven’t tested their routines for recovery, so recovery times often don’t match the business requirements. This solution provides support for securing and speeding up the process of backup and recovery of information”, says Per Ernedal, VP of Marketing at ProAct IT Sweden. With FRC for NetBackup, NetBackup’s own functions for copying and recovery are used. FRC is stated as the source instead of the tape station. Up to 32 simultaneous copies can be run and FRC manages parallel backups and recoveries in order to minimize the risks for operation disturbances. When a backup has been made to the FRC, log-on information is written to both the FRC and NetBackup’s own log files. FRC shortens recovery time by up to 10–15 times. The FRC package contains software and hardware with an initial capacity of 0.5 TB alternatively 2.5 TB with further in-
Many IT organizations haven’t tested their routines for recovery, so recovery times often don’t match the business requirements.
crease possible. The administration is managed via a web interface for which the web server Apache with support for Perl is needed. Both are included in FRC. FACTS: Fast Restore Cache
Fast Restore Cache (FRC) is a disk-based cache memory that undertakes intermediate storage of backup flows from various servers and then writes the data in sequence and at high speed to a tape robot. FRC has a basic capacity of 500 GB or 2.5 TB and can be extended to incorporate more TB. Supported NetBackup platforms, Veritas NetBackup 4.5, 4.5 SP1 and 4.5 SP2. Supported OS platforms, Solaris 2.6, Solaris 7, Solaris 8, Solaris 9, and Win2000 in Q2 2003 Features
FRC s/w bundled with ATA-based storage system
“THIS SOLUTION PROVIDES SUPPORT FOR SECURING AND SPEEDING UP THE PROCESS OF BACKUP AND RECOVERY OF INFORMATION” PER ERNEDAL
SAN support with FC support in storage system 32 simultaneous backups can be sent to the FRC Several storage systems can be added to one backup server Staging, backup and restore can be done simultaneously WEB GUI (Graphical User Interface) Backup advantages
Fast backup Longer useful life of media and machinery Fewer tape drives needed per robot Backup duplications rendered more efficient due to: More simultaneous data flows Fewer tape drives start-ups/stops Virtual tape drives on disk Restore advantages Almost as fast restore as backup owing to unfragmented data on tape Direct access to user files as long as they remain on the FRC No changes in NetBackup restore methods Restore of backups managed much quicker (all backup data on the FRC disk becomes a primary restore source) 9
annons storagetek
10
IT departments all over the world are under pressure to create stable solutions for restore of backups. And it has to be a solution that is easy to administrate, fast, scalable and, of course, affordable. Impossible? No, not if you know how to make the best of what you already have. And that’s called sweden
FRC Fast
E
Return
ricsson may be a giant of a company, but its needs and problems are the same as in its average small or medium-sized counterparts. When you lose information, all that counts is how quickly that information can be recreated. Nobody can afford long restore times. Ericsson has a lot of information at stake within the development work on its mobile system. At the heart of these operations in Kista, the company previously had seven backup sites, each with its own backup manager, backup file and restore testing. Managing these sites took time, cost money and didn’t contribute to increasing the efficiency of the development work. It became clear that the best thing to do was to consolidate the seven into one. Ingemar Wrangel, IT strategist and project manager, describes the starting
of
point for the work. “The goal was to create a consolidated solution where we as far as possible could utilise the existing equipment and improve restore performance. We wanted to consolidate to reduce the administration involved in backups and restoring.” The first option presented was a SANbased solution, one that Dan Danielsson, senior specialist in UNIX environments, is still rather fond of. “It was based on a Silo tape robot with 6 000 tapes. This provided a capacity of 600TB uncompressed data when fully developed. In addition, the largest file servers, which today are connected to a SAN, were to be backed up via the existing SAN direct to the robot, i.e. in the form of LAN Free Backup. The idea was for the other servers to be backed up via the LAN to a
Cash
central backup server in the traditional way. We chose this design for its favourable capacity, scalability and performance. We had almost taken the decision to invest in it when financial restrictions put a stop to our plans and we were forced to start all over again.” One software had to be prioritised
The financial aspect cannot be ignored in today’s climate and Ingemar freely admits that it had the final say. “Considering that we are going to be outsourced, it wouldn’t feel right to invest four million SEK (¤ 440 000) in a new backup solution. But if this hadn’t been the case and we had had more money to dispose of, we would have gone for it. As it was, we started over with new prerequisites. We had four types of backup soft11
V
House B
House A LAN
LAN
SAN nodes
SAN nodes
“We already had everything, so the only extra cost incurred was some brainwork and disk capacity. Also, we haven’t had to spend a lot of time on installation or on problem-solving. It’s all worked incredibly well. The development and implementation of the solution took only 20 days.” “Admittedly, the solution is not hightech, but it is 90% percent cheaper than the alternatives, and still has the same, if not even greater, capacity and scalability.” Level 5 backup
House C
Acsls Backup server
Backup server Robot L5500 10xLTO
Alternative 1- The first option presented was a SAN-based solution, based on a Silo tape robot with mounting for 6 000 tapes. This provided a capacity of 600TB uncompressed data when fully developed.
House B
House A LAN
LAN
SAN B SAN A
House C FRC 1.6TB WS 10 Index db 10x36GB disk
LAN 2x Gbit
LAN 2x Gbit
Backup server
Storage node
Storage node
FRC 1.6TB STK9740 DLT7000
LAN 2x Gbit
FRC 1.6TB STK9740 DLT7000
STK9740 DLT7000
Alternative 2 - The FRC takes care of intermediate storage of backup flows from various servers and then writes them in sequence and at high speed to a tape robot. The idea is for all backups to be LAN-based and backed up via the FRC.
ware and we decided to survey which type we were most familiar with and felt like keeping. In other words, we determined which software we wanted to prioritise, and it turned out to be Legato.” As a technician, Dan wanted a solution that was technically challenging and interesting. What he got was an extremely simple solution for which no new investments were required. A disc based cache solution was chosen
Instead of constructing restore capacity around LAN Free Backup, as in the first 12
solution, a disc based cache solution was chosen. With the use of intermediate storage of backup streams from various servers and sequential and fast writing of the data to tape robots, the speed has been increased both for restore and backup. The solution also cuts back on the administration involved. And with the increase in channelled data, the wear and tear of tapes and robots is minimised, something that Dan has already noticed. Ingemar is happy since the solution has resulted in extremely low costs in combination with supreme efficiency.
Backups of 12 TB are done in full dumps once per month and server. The rest of the time, incremental backups are undertaken once a day. In addition, a so-called level 5 backup is undertaken, i.e. a backup done every seven days covering all incremental backups taken during the period. This system allows for an even workload on the backup server since the full backups are divided between all the days of the month. A number of conflicting issues have to be considered such as tape usage vs. restore times, restore times vs. multiplexing, and multiplexing vs. backup windows. According to Ingemar, these issues are underestimated far too often. “You have to arrive at a solution providing a balance between the requirements you have in these areas, how they affect each other and which limitations they may involve.” The LAN-based solution incorporates a backup server and two storage nodes. Each server has a locally connected scsiaccessible robot equipped with six DLT7000 tapes and an FRC disk. All data flows are stored for the night on the FRC disk and then moved to tape the next day. Compression is done on the client side in order to reduce the workload on the LAN and to decrease the storage needs on the FRC disks. Ended up with 36 GB/h
“Our requirements on restore per individual file system were 25 GB/h, but we actually ended up with 36 GB/h. When restoring five file systems to a single file server in one go, we can achieve 72 GB/h, which is remarkable! Not least considering the fact that the restore is done from a DLT7000! We used to have a restore capacity of 35 GB/h, which is probably common for many companies today. With a file system of around 100 GB, or even 400 GB, which
is sometimes the case, it takes a good many hours to work through the system. Since we have built our file and application servers with several file systems, restoring can be done at a minimum of 65 GB/h.” How to improve the perfect solution
Is it possible to improve what seems to be the perfect solution? “Of course. Performance can be enhanced further by switching to faster tapes. The SAN can be connected directly to the tape robot. By summer, we will probably need to expand the system with another 1 000 tapes. We already have the robots, so it won’t cost us anything extra. We have even made use of robots that other Ericsson companies have discarded.” The old backup system has been re-
“BY SUMMER, WE WILL PROBABLY NEED TO EXPAND THE SYSTEM WITH ANOTHER 1 000 TAPES. WE ALREADY HAVE THE ROBOTS, SO IT WON’T COST US ANYTHING EXTRA. WE HAVE EVEN MADE USE OF ROBOTS THAT OTHER ERICSSON COMPANIES HAVE DISCARDED.” INGEMAR WRANGEL
tained and all old indexes have been gathered together. Before there were no formal requirements regarding storage times, but with restructuring in the company, it has been decided that all data should be stored for a period of 10 years. “We believe that we now have the fastest restore times in Sweden, which is fun
considering that it was the last thing on our minds when we were studying the first sketch. We now have a solution that is unbelievably easy, inexpensive and efficient!” By Hanna Köllerström Photo Bengt Alm
13
annons trend micro
14
A INTELLIGENT WAY TO DISTRIBUTE SERVICES Intelligent networking is an old telephony concept referring to a method allowing for telephone switchboards to communicate with each other. Nowadays, however, it refers to intelligence within a network.
IT
used to be that nobody needed intelligent networks since workloads were so small that only one server was needed to take care of a service. Times have changed and despite redundancy within a system, several servers are required to take care of an increasing workload from a growing number of users. The network has to be able to handle more and more requests and distribute them between the servers. However, a network often reacts faster than its servers since the servers have to work against several units while the network can process the work directly in the hardware. And despite the development of intelligent machinery, servers continue to work at a slower pace since they are required to do most of the intelligent processing. Requirements on systems further complicate the situation – a high level of accessibility, security and scalability is the rule. All three factors have to be managed both individually and in combination with each other. The challenge is to build in intelligence while keeping things simple. Traditionally, calls are distributed by turns as they come in, irrespective of the servers’ capacity and workload. Random distribution occurs when there are more than two servers and does not take the servers differences in capacity and workload into account either. Today it is possible to construct a virtual server which in reality comprises one or more Layer 7 Switches. This has several advantages. It can manage several different services and distribute calls between several different servers. It is a redundant system that balances the workload between the servers and ensures continuity by allowing calls from a specific sender to always be distributed to a predetermined server. In addition, the system can be complemented with a proxy function for more efficient communication. However, while the function is easy to explain, configuration, allowing for the optimization of accessibility, security and scalability while keeping the system simple, is tricky.
By constructing a virtual server, security is improved directly since the network layout is protected by the virtual solution. If you then divide the servers into various function layers, you can create firewall functionality between the layers.
The goal is to, as far as possible, eliminate the human factor yet maintain the simplicity needed to allow for human intervention when needed. The system should be easy to administer and difficult to fault. Monitoring the virtual solution is easy, providing monitoring routines are in place. Redundancy without monitoring does not lead to redundancy. Introducing intelligence into the network facilitates monitoring, and also provides a more detailed overview of more parts of the system. By classifying the servers by capacity (in case of capacity difference), the network becomes more intelligent, which also allows the system to work with larger volumes without giving rise to bottlenecks. A system can also be rendered more efficient by storing static information on a cache that is directly connected to the virtual server, thus creating more space for mobile components. Intelligent networks have been used in the IT world for about four years. Anyone offering a service that requires accessibility, security and/or scalability will benefit
from intelligent network solutions. Security is improved directly since the network layout is protected by the virtual solution. If you then divide the servers into various function layers (web servers/application servers/database servers, etc.), you can create firewall functionality between the layers. At present, it is difficult to pinpoint who uses intelligent networks, but a great many banks, insurance companies and e-commerce enterprises have certainly grown wise to the advantages. If you are getting curious, start by checking if your operational needs could benefit from an intelligent network and how much capacity you need now and will need in the future. At the moment we can only see the advantages of intelligent networks, but it cannot be denied that some issues need to be resolved. Redundancy places high demands on monitoring, and if you don’t prioritize this, it could lead to security risks. Or you could become overenthusiastic and pack too much into the solution. You can’t disregard the human factor continued on page 21
15
Annons qualstar
16
gartner group
IT strategies have traditionally been based on senior management’s vision for the enterprise. However, the frequent absence of a long-term business plan calls for a fresh approach to creating an IT strategy.
An Alternative Approach to Creating an IT Strategy Introduction
Strategy is one of the most abused and misunderstood terms used by those working in business, as well as by investors and observers. A recent PricewaterhouseCoopers CEO survey asked 1,160 CEOs what factors best determine an enterprise’s value from an internal and external viewpoint. The top three answers were the same from both perspectives: Earnings Cash flow Corporate strategy The first two answers are financial and retrospective, but the third is about the future and the enterprise’s ability to survive. Before launching into a deeper look at IT strategy, a working definition of “strategy” must be established. A strategy takes a vision or objective (they are the same) and bounds the options for attaining it. Without a strategy, all roads lead to the future. With a strategy, a selected set of roads is designated for travel. The value of a clear strategy is that all middle and firstline management, as well as employees, can see where they are expected to go and can focus on the options that are available. Without a clear strategy, enterprises are
perceived as being unfocused; employees see inconsistency in the actions taken by management; and a new plan is tried every year. If a strategy is so important, CEOs should be expected to talk about it with employees and shareholders – for example, in the letter to shareholders section of the annual report. However, a random sample of 100 Fortune 1000 companies showed that this is not always the case. The top strategic idea for 31 percent of respondents was to improve products. That strategy doesn’t set clear guidelines for options - employees could go in any direction to accomplish that goal. The next response, at 30 percent, was no discussion of strategy at all. Corporate growth through acquisition came in at 24 percent. When facing growth through a merger or acquisition, the enterprise is continually in a “react mode,” attempting to absorb and integrate what is being bought. That often overwhelms efforts to create new, strategic business models. Customer focus came in at 22 percent. Shareholders must wonder why this issue is strategic, because customers are the sole reason the enterprise is in business.
Cost reduction came in at 15 percent. From a shareholder perspective, that must mean that the enterprise has been wasting money all along, which is not very strategic. Using Gartner’s definition of “strategy,” those are not helpful as strategy statements. Gartner provides a more thorough look into the issues of strategy failure and why strategies are important in a December 2002 Strategic Analysis Report, “Six Building Blocks for Creating Real IT Strategies” (R-17-3607). An IT Strategy – Actually, There Are Two
With so few usable enterprise strategies, what is the IS organization to do? To start, one must look at what the IS group delivers and recognize that it engages in two distinct activities that, although linked, have very different objectives. Gartner has created a model for constructing an IT strategy (see Figure 2), which contains the following six building blocks: Business strategy Applications Operations Architecture Financial tools People 17
V
A business strategy must be the starting point for developing an IT strategy, regardless of whether one already exists or must be created. The IS group is involved in two “businesses” – applications (delivering and maintaining) and operations. That is what the business sees, but all too often the picture is blurred. By creating a distinct strategy for each component of the IS group, the business can clearly discern each component’s value propositions.
Application portfolio change: This element concerns how legacy applications will change. Business process integration: With the emergence of virtual business models and the use of external sourcing, the need to tie together a diverse set of applications has become more important. Sourcing: This element addresses securing the resources necessary to handle strategy execution and management.
Two support tools are key for developing a strategy – architectural and financial.
To determine the nature of how business strategy or operation affects the IT strategy, examine the seven business strategy factors: Geographic: What is the enterprise saying about how it will be physically structured? This will affect how the infrastructure will be deployed and how it will best provide service. Application change and integration take on different levels of complexity as the geographic parameters expand. Governance: This is at the core of defining the enterprise culture. How decisions are made will affect how all five IT components are implemented. Future: How clear is senior management in talking about the future? A longer-term vision makes it easier to evolve a set of options. Existing IT: What is the business saying about its core business processes, and how much change is being contemplated?
Architecture sets the boundaries for IT decision-making options, while financial tools are used to choose the appropriate option - that is, how to go about planning and executing the strategy. Both tools are exposed to the business and form an essential part of the language for discourse. The last component of the strategy model is people. The people component which is internal to the IS group – is concerned with delivering sufficient resources to perform the work. A key aspect of this IT strategy model is that it frames the discussion of IT with the business in strictly business terms, making it clear how the business side’s decisions can affect its own operations and underlying costs. Once the business understands the value proposition and how it can control it, its support of IS strategies will become more solid. A discussion follows of the six building blocks that comprise the IT strategy model. Business Strategy
Gartner will examine business strategy by asking two questions: What are the essential components of all IT strategies? Where should one look in real or derived business strategies for specific answers to how to structure these strategic components for your enterprise? The five necessary elements for all IT strategies are: IT infrastructure: This represents all of the IT components (hardware, software operating system/components and networks) necessary to deliver an operating environment for all enterprise processes. Service: This is how the IS group delivers on the operating environment, what the business units (BUs) are buying on a daily operational basis. The common definition for delivery is a service-level agreement. 18
A balance must be struck between breaking new ground and sustaining legacy applications. Virtual: It’s clear that business models will become more “virtual” in the long term. Yet, there will be problems along the way. The extent to which the business model becomes virtualized will determine how IT architecture evolves and which applications remain internal and which are outsourced. Customer: This is about the customer interface and how integrated the applications will become with the customer. Just saying “we will pay attention to our customers” is not sufficient. Funding: This is where the enterprise truly shows its commitment to change. The Two IT Strategies: Application Change and Operations
The elements for creating the two IT strategies will be determined by an analysis of the intersections of the five IT components and the seven business strategy sources. The IT components of infrastruc-
ture, service and sourcing serve the operations strategy. Applications, integration and sourcing serve the application-change strategy. Application-change The application-change strategy focuses on how the enterprise sees itself in the future. If the enterprise has developed a picture of how it wants to evolve, building an IT strategy to match that vision is rather straightforward, and the value of
“DISCUSSING ARCHITECTURE WITH SENIOR MANAGEMENT CAN BE ENHANCED BY USING TWO READILY UNDERSTOOD CONCEPTS: COMPLEXITY AND COST.”
Operational-level service Gartner recommends that an operations strategy be based on a service model. At the heart of an operational-level service model is the simple premise that approximately six core service processes define everything that the operations group does. The BU manager sees those services and understands their necessity to his or her own operation. The dialogue between the IS organization and the BU is all about the services that the BU needs - that are priced at service levels that they can afford. The operational-level service model opens up competition with outside organizations that also provide such services.
measuring and multiplying all the underlying probabilities that go into ensuring smooth IT delivery. With so many variables, obtaining a probability of more than 99 percent becomes very costly. The cost to operate an infrastructure is directly proportional to the level and complexity of architectural decisions being made. To determine the cost for your IS organization, you can develop several scenarios that posit an environment, which then is simply “costed out.” An alternative example was developed using the Gartner Total Cost of Ownership Manager for Distributed Computing tool. Using the tool, one can define alternative operating environments and derive the costs for each. The cost differentials for a sample midsize and large enterprise conservatively amounted to 20 percent and 12 percent, respectively. Gartner budget surveys place operating expenses at 60 percent to 70 percent of IT annual budgets – that is a material amount that is bound to get a CFO’s attention. Financial Tools
IT Architecture
that strategy will match what the business sees as IT’s value proposition. With little or no IT strategy, the resulting portfolio of application changes will still satisfy the business’s needs, but will be very inefficient from an IT perspective. The BUs will be paying a premium IT expense compared to competitors that have developed sound IT strategies. The dialogue is to make sure the BU sees the cost of that inefficiency as a byproduct of its decisionmaking.
Architecture is too technical for many business executives to understand. Most executives equate the level of IT needed to operate a complex enterprise with the ease of PC use. Such misunderstanding historically has resulted in dysfunction for many enterprises. Discussing architecture with senior management can be enhanced by using two readily understood concepts: complexity and cost. Complexity gains added relevance through the concept of reliability. To determine the reliability of IT infrastructure, one must calculate a final probability by
Creating and managing a strategy requires a consistent methodology and a set of tools. Those tools range from simple, decision-making tools like payback period to advanced ones like real option valuation. There is no single best tool; each one serves a subset of problems. It is essential to make sure that the tool matches the decision or uncertainty needing resolution. Using the Building Blocks to Create Strategies
The following is a brief introduction to nine steps for creating your strategies: Understand the business strategy: Understand where the business wants to go. Establish a governance process and 19
V
People Business Strategy
Business
Actual or Derived
IT Strategy Applications Change, Prove Effective
Operations Services, Prove Efficient
Architecture Building Blocks
Financial Tools Decisions
Two IS Units
Business/IS
People Maximize Potential
IS Internal
Support Elements Manage Internal/External
Source: Gartner Research
Figure 2 IT Strategy Model: Six Building Blocks
• Architecture • Tools • People
Develop Strategy Operation/Change • Update
• Balanced Scorecard
Manage Strategy
• Financial Tools
Budget
• Services
Operations
• Chargeback
Source: Gartner Research, Kaplan and Norton
Figure 3. Integrated Strategy Management Model.
financial toolset: Establish how decisions will be made. Define what enterprise architecture must look like: Develop a picture of the IT infrastructure’s future. Understand the boundaries that the current infrastructure architecture applies: Establish a base for starting and its meaning. Define the application change strategy: Apply what was learned in previous steps. Define the IT operations strategy: Gartner recommends the internal service company (ISCo) model. Define the people strategy: This involves all who execute the strategy - internal and external. Develop an IT strategy document: This captures the strategy and gives a platform for formal discussion. Create a management framework to keep your strategies alive: Gartner provides a high-level view of how all of those concepts are put to work (see Figure 3). 20
No strategy discussion is complete without a consideration of the people involved. Successful organizations inevitably have the right people in the right jobs at the right time. For the IS group, this historically has meant managing a skills inventory. Although skills are usually employed to define what it takes to execute tasks, an additional dimension is necessary – talent. That concept is spelled out by Marcus Buckingham and Curt Coffman in their book, “First, Break All the Rules.” According to Buckingham and Coffman, each person has basic abilities, or talents, that drive how one instinctively acts or reacts, and these cannot be changed. Reaching the highest capacity levels requires more than skills, it requires these natural, unlearned capabilities to act instinctively and see things that are not obvious to others.
Moving down Figure 3 from the top left-hand side, the two strategies of operations and change are developed using the tools and concepts discussed previously. A management tool such as a balanced scorecard ensures that the strategy continues to be effective. The budget reduces the planning horizon to 12 months, using the financial tools to make the appropriate decisions. The services established for both of the IT strategies form the basis for operation. Working from the bottom up on the right-hand side, the chargeback that is incurred during operations feeds the budget and the process management too, such as the balanced scorecard. The impact of these on managing a strategy is then used to make the appropriate adjustments in strategy, before the cycle starts all over again.
Bottom Line
Most enterprises claim to have an effective business strategy in place, but many don’t really possess one. That is probably the single biggest problem facing IS organizations in their quest to manage enterprise IT expectations. Nevertheless, regardless of whether an effective business strategy exists – one that states a clear vision and objectives, and bounds the options for attaining them – the IS organization must identify one to guide its application change and operational support efforts. By following the model provided Gartner, IS organizations can develop an IT strategy that serves their enterprises’ actual or implied business strategies - that simultaneously provides effective, efficient IT operations, while developing new applications to power the business processes needed to ensure enterprise competitiveness and growth. Strategies provide everyone in the enterprise with a road map for future direction and the boundaries for creating options. An organized model for developing an IT strategy serves the dual purpose of focusing the business and IS organizations on what is appropriate for the enterprise and providing a common language to discuss what must be done. By E Younker, Research Products Analytical source: R Mack, Gartner Research
STRENGTHEN YOUR INFOSTRUCTURE COMPETENCE! Are you about to change your InfoStructure? Does today’s competence
Microsoft to help teach Hacking 101 In a move that seems akin to teaching a fox how to guard a henhouse, Microsoft -- the most vulnerable IT henhouse of all -- is teaming up with several universities to teach students how to break Windows. As part of the computer course, undergrads will have to hack into software and fix any security bugs they find. They'll also have to deal with security vulnerabilities and learn how to write secure code. The University of Leeds in England will offer the course next year, with the help of Microsoft's money. MS may want to make sure that every one of the male students in the class has a girlfriend; according to a leading security expert, most virus writers don't. Source: IDG Intelligent networking....from page 15
altogether and one little mistake can ruin everything. However, such risks can be minimized with the help of redundancy and well thought through manuals. Also, it’s a good idea to create a development environment within a large system in which you can test new concepts before installation. So what do people really make of it? Technicians tend to focus on the switches trying to figure out how it can be done. Through own experience I have learned that you need to undertake a couple of installations with someone experienced before attempting anything on your own. Purchasers and managers, on the other hand, skip the technical jargon since the solution seems to offer a more cost-effective function that is easy to monitor. In all probability, they end up wondering why on earth they hadn’t installed it earlier. Jonas Stenmarck
correspond to tomorrow’s requirements and needs? Is it time to invest in new training to create prerequisites for rational and effective operation? We can offer you tailor made training based on your needs and requirements, that is carried out either on your or our premises. Your requirements decide direction, focus, time limits as well as the number of participants. Tailor made training is time as well as cost effective and adjusted to your specific requirements. The training comprises everything from methodology and structure to an advanced technical level.
Scheduled/On demand Duration
Finland NetWorker Administration for Windows/UNIX NetApp Administration (former 101)
Scheduled Scheduled/On demand
3 days 2 days
Denmark NetWorker Administration for Windows/UNIX NetWorker Advanced Administration for Windows/UNIX NetWorker Administration/Advanced Administration, customized NetWorker Recovery Module for SQL NetWorker Recovery Module for Exchange NetWorker Recovery Module for Oracle NetApp Administration, customized (Workshops only) Veritas NetBackup Administration/Advanced Adm., customized Veritas NetBackup On-line Agent for SQL Veritas NetBackup On-line Agent for Exchange Veritas NetBackup On-line Agent for Oracle
On demand On demand Scheduled On demand On demand On demand On demand Scheduled On demand On demand On demand
4 days 3 days 3-6 days 1 day 1 day 1-2 days 3-4 days 2-3 days 1 day 1 day 1 day
Scheduled Scheduled Scheduled Scheduled Scheduled Scheduled On demand On demand
4 days 3 days 3 days 2 days 3 days 3 days 1 day
Norway Networker Administration for UNIX/Windows NetWorker Advanced Administration for Windows/UNIX NetApp System Administration NetApp Advanced System Administration Veritas Netbackup Basic Veritas Netbackup Advanced DR of Windows AD and Exchange 2000 using NetBackup 4.5 Workshops
Sweden NetWorker Administration for Windows/UNIX NetWorker Advanced Administration for Windows/UNIX NetWorker Administration, customized NetWorker Recovery Module for SQL NetWorker Recovery Module for Exchange NetWorker Recovery Module for Lotus Notes NetWorker Recovery Module for Oracle NetApp Administration & Advanced Administration NetApp Administration, customized Veritas NetBackup SAM-FS System Administration Training
Scheduled 4 days Scheduled 3 days On demand 1, 2 or 3 days On demand 1 day On demand 1 day On demand 1 day On demand 1-2 days Scheduled/On demand 4 days On demand 1-4 days On demand 2-3 days On demand 1-3 days
21
Happenings in Switzerland We, ProAct in Switzerland, have plenty of activities for you to participate in this year. How about this: May, 14: Lunch & Learn Roundtable in Bale. Theme: High Availability with Libelle Informatik, Germany May, 15: Storage Information Days in Zurich September, 24–27: Orbit Comdex Exhibition in Bale There will also be a ProAct User Group Switzerland, in June, September and December, as well as ProAct Car-Driver Training. Further information will soon be on hand. We look forward to meeting you at one or more of these events!
ProAct User Group, Sweden The first week of September, we open up the doors to ProAct User Group 2003, ProAct’s annual user meeting presenting several major technology partners. Last year you could listen to and speak to representatives from Legato, Network Appliance, StorageTek/LSI Logic, Qualstar and StoreAge. This year it will be even better! The event will this year include security and network as well as storage and recovery. We also include Prenet, our function that makes all sorts of information, (illustrations, pictures, texts and documents) easily available with high efficiency. We give you our vision on these areas and how you obtain a solid infrastructure. We arrange ProAct User Group all over Sweden with the latest in infrastructure and technology. On our break-out sessions you choose what technology partners you want to listen to. You get the opportunity to meet a series of interesting companies who present their latest products, how innovations and technology are developed and their visions. Here you can discuss products and technology, get answers to your questions. The meeting with colleagues also give you the opportunity to exchange experience. Also, you get the opportunity to listen to other customers, how they solved their problems and challenges. Further information will soon be on hand, so book it now, ProAct User Group 2003!
User Group meetings in Denmark ProAct in Denmark plans a chain of User Group meetings where technical specialists from our leading suppliers will inform about product news, technical details and the visions behind these. At the meetings you will have the possibility to exchange experiences, have dialogues with our suppliers as well as other end-users and to get hands-on with the newest technologies. Planned seminars (many more are on the way): Veritas
13.05.2003, 9.00 a.m. – On-line Database Backup 09.09.2003, 9.00 a.m. – Mail systems 04.11.2003, 9.00 a.m. - Systems monitoring Legato:
20.05.2003, 9.00 a.m. – On-line Database Backup 19.09.2003, 9.00 a.m. – Mail systems 11.11.2003, 9.00 a.m. – Systems monitoring The meetings will take place at ProAct System’s premises, Blokken 86-88, 3460 Birkerød. Contact person: Susanne Dencker, phone no. +45 70 10 11 32 Please notify your participation now if you want to be updated on the newest technical details. Welcome! 22
THE FAIR CITY OF HELSINKI ProAct participated in TecIt Forum 2003 at the end of January. The event gathered several thousand IT professionals under the same roof for two days, to listen to seminars and presentations. ProAct presented some major solutions as well and was accompanied by BMC Software at the stand.
AUTOMATION OF E-MAIL ARCHIVING
E-mail Archiving and administration are made so much easier by using MMA100.
Gartner Group reports that the volume of email attachments will grow by 40% over the next 5 years. During the same period the amount of e-mails sent will increase by 29%. IDC found out that an employee needs an average of 49 minutes daily to organize a single mailbox. With the ever growing volume of mails and the related work, cost will increase drastically. ProAct Datasystems presents an archiving system for economic and simple e-mail archiving and management. The product bears the rather lengthy name Messaging Management & Archive MMA 100 and is aimed at companies with a maximum of 100 users and 2,000 emails per day. Critical documents can be kept for different periods of time which means that different legal requirements can be met as needed. In case of a disaster the user has the possibility of retrieving individual mails or directories from the archive which again reduces the administrator’s workload. The software is easy to use and is available since the end of February.
Joint success for Rosenborg Ballklub and ProAct Systems AS
Over the last five years ProAct Systems AS has supported Rosenborg Ballklub as a sponsor of the team and a keen supporter of the offensive style of football that Rosenborg has been an exponent for in Norway. Tom-Eirik Jensen, our sales manager for Norway’s coastal towns, has created an atmosphere and a programme around Rosenborg’s games that have been enjoyed by IT managers from all over Norway. Even people who don’t usually find football very interesting freely admit that a visit to the main norway
city in the Trøndelag region, the joy of fine food, drink and stories followed by the experience of watching a Champions League match is something quite special. Anyone who has only seen such a game from the comfort of his or her own armchair definitely has something to look forward to. Why does ProAct support Rosenborg? First and foremost, we support them because they are a good football team. Rosenborg is the pride of Trondheim, and it represents qualities with which
ProAct is more than willing to identify itself: a winning culture, high-quality performance, focus, good organisation and continuous success. During the same period ProAct has won major contracts with the country’s largest enterprises in competition with the world’s elite. We have developed a quality system in respect of our supplies that ensures our customers the right delivery at the right time. Our focus on data storage and backup/restore solutions means that we can proudly claim to be the country’s leading enterprise within these areas…and steady and profitable growth gives us the security we need to overcome market fluctuations. Can companies inspire one another? Employees in different companies learn from each another, but can one company inspire another? Definitely. The image created around an enterprise (club) emerges as a consequence of a series of actions. When all these actions point in one direction, they will reinforce one another and finally permeate everything and everyone. Anyone in contact with that enterprise will be aware of the power that drives the enterprise forward. We can learn which conditions are required for such a power to emerge and how this can be maintained over time. ProAct Systems wishes Rosenborg every success in the 2003 season.
Do you want your own copy? Begging won’t get you anywere. If you want to change your address, get a free subscription, or receive more information, please visit our website www.proact.dk/fi/no/se or www.proact-it.ch and click proactuellt. You can also subscribe to our digital newsletter, FYI, as well as read back issues of Proactuellt. FYI is a monthly newsletter presenting international news from the world of storage, backup/restore, network and security. It gives you the opportunity to upgrade your knowledge on what is happening without having to look through all those mails tou get every month. We do that for you! Welcome!
23
B TLOD – Totally Lights Out Datacenter
T
his is a true story dying to be told, even though it does include a great deal of embarrassment for the people involved. It revolves around a friendly but rather flaky person we can call Hubbe. Back in the 1980’s, Hubbe did his military service at VKÖ, the drafting office, which is the part of the military who manages the task of listing, drafting, evaluating and placing young men (and women these days) into the military forces. Most men who did their military service at VKÖ handled intelligence tests, medical tests, manned the security guard. Their only highlight was the one day when female recruits was to be evaluated and the guys in the medical chain had semi-naked women running around them all day. But Hubbe belonged to the happy few who knew something others didn’t - computers. He should, since he’d bought an illegal copy of the main key for the school he attended and spent the nights programming rather than doing his homework. After having spent a month shouting “bang, bang - you are dead” (the military was a bit short on ammunition just then), Hubbe and another few computer whiz kids were put into uniforms and transferred to the IT facility where they spent a year as systems operators, basically handling the endless output of conscript notices, labeling tapes and running batches. One late Friday, Hubbe was by himself on the premises - but he didn’t mind. He just loved the wheezing sound of the air conditioning, the rattling noises of the removable hard disk packs and tape stations hooked up to the Honeywell Bull mainframe. And the lights! There was a wall of lights flickering in green, yellow and red much better then StarTrek any day. The backup tapes were running smoothly and it was just minutes before he could leave the night batches running on their own. The last item of the checklist was to switch on the alarm system. He punched in the code and then had one 24
minute to leave the hall and shut the door. He had just finished buttoning up his coat and shut the heavy metal door when he realized that the lights where still on. With only a few seconds until the alarm was activated he stretched his hand inside the door and punched the light switch.
T
his is where the night went horribly wrong. The lights did go out - together with the air conditioning, the disks, the tape stations, the great Honeywell Bull and all the other equipment. The few centimeters between the light switch and the emergency stop button made Hubbe’s fairly uneventful life replay before his eyes. He had just unintentionally shut down a major military computer site. Was there any tomorrow? This is where his friendship with a quite odd and extremely talented young man came into play. This young man, who I will call Johannes, had the ability to see some complex combination of instructions performed once, and then to be able to repeat it all. Hubbe, picked up the phone and called Johannes. H: - Hi Johannes, it’s me, Hubbe, how are things? J: - Okey... H: - Hey, listen; I’ve had a little misshap out here. I confused the light switch for the main circuit breaker and now everything is down. J: - ...this is a joke, right? H: - Oh, well it had to happen sometime, didn’t it? J: - Not really... H: - So...I was just thinking...are you doing anything special tonight? J: - I can’t do anything tonight. I’ll see you there tomorrow morning.
F
ollowing day, Saturday morning, Hubbe and Johannes took the back entrance into the military area. They switched off the alarm and entered
the dark and very silent premises. For those of you who did not work with mainframes back in the 80’s, I should mention that starting up a machine included setting wheels with hexadecimal codes to determine start-up parameters and other witchcraft thingies that Johannes seemed to have memorized. And, needless to mention, Hubbe had absolutely no clue about. A couple of hours later the system was up and running, the batches running smoothly again and Hubbe and Johannes left the site. Problem solved, matters settled. But of course, they didn’t count on Captain Andersson’s habit of carefully reading through the system log every morning... - Hubbe, did something happen last Friday when you closed the place? This was one of those rare moments in life when you have to make a choice; either you cowardly stick your head in the sand and pray for a miracle. Or you stand up and claim responsibility for ones actions - simply looking danger in the eye. Once again, Hubbe’s dull life started replaying itself but this time with the interesting twist of having shut down a top security classed IT facility. So he said: - Oh...no, I don’t think so...not really...why do you ask?
O
f course, Captain Andersson could read in the log that there had been a power failure Friday night, that the system came up again on 9 am the morning after and that the batches then completed successfully by themselves. From there on it should have been quite easy to find out who had logged on during the Saturday morning (except everybody used the same identity) or check the log file print-out at the guard to see who swiped their cards at the gate (except the paper was probably out in the matrix printer that wrote down all movements on the premises). Whatever the reason, Hubbe and Johannes were never again asked about the strange happenings that night, so they could leave the military service with top marks and pursue their careers in IT. Fänrik R. Ståhl (The names have been changed to protect the guilty)