CENTRE OF ATTENTION
Exploring the advantages of the SDDC p.14
QUICK AS A FLASH
The case for flash-based storage p.10
September/ October 2014 VOLUME 5 NUMBER 4
INSIGHT FOR TECHNOLOGY PROFESSIONALS
Publication Mail Registration Number: 42169527
THE PASSWORD PROBLEM www.itincanadaonline.ca
& s& bs ub e pu ve op tiiv to ut et cu se ec os xe lo e c ex cl
S RESTO
ES SUI T
e he th ot to st ns miin 2 2m
WAY ENS E U Q
ind beh ly ngs n o eeti m was left !
Howntowoncks away e
d l wb A fe
THE
SURPRISING DOWNTOWN OTTAWA HOTEL YOU MIGHT HAVE MISSED.
377 O'CONNOR STREET, OTTAWA, ONTARIO
1-800-465-7275 WWW.VICTORIAPARK.COM
Really,
ReallyBig Hotel Suites.
The moment.You know it. It happens any time you stay at a new hotel, right after you swipe your room key. The moment before you open the door. Will the room be big, or small? Light, or dark? Nice, or not?
and feature real bedrooms, real kitchens and real living rooms. And they don’t cost any more than those of our competitors. Really, why would you stay any place else?
Here’s what you’ll find the moment you open your door at Albert at Bay—space, and lots of it. Our suites are the biggest in Ottawa
DOWNTOWN OTTAWA
435 ALBERT STREET
613.238.8858
RESERVATIONS 800.267.6644 ALBERTATBAY.COM
Contents
www.itincanadaonline.ca
Vol 5 No 4 September/October 2014
Features 8 Toshiba takes on the business market A closer look at some of Toshiba’s new business-focused products 10 Quick as a flash HP’s Craig Nunes discusses the rise of flash-based storage 14 Centre of attention Rishi Bhargava of Intel Security makes a case for the software-defined data centre 18 Open source networking on the rise, says ONF Open source software is quickly gaining traction, says ONF’s Dan Pitt
20 Cover Story: Eric Jacksch explores the issues with passwords, and why the authentication process is due for a change Departments 4 Editorial 6 News Our roundup of news stories 8
Online Extras: www.itincanadaonline.ca
10
Missed an issue? Misplaced an article? Visit www.itincanadaonline.ca for a full archive of past IT in Canada Online issues, as well as online extras from our many contributors. September/October 2014 IT in Canada Online / 3
Editorial Insight for technology professionals
Editorial Acting editor: Mark David
905-727-4091x230 mark.david@iticonline.ca
Staff Writer: Raj Ebenezar contributing WRITERs: Eric Jacksch, Rachel Levy Sarfin sales VP, Business Media Strategy: Marcello Sukhdeo
905-727-4091 x224 marcello.sukhdeo@iticonline.ca
Director, Content Marketing & Demand Gen.: Laskey Hart
905-503-1376 laskey.hart@iticonline.ca
Account Manager: Donna Crossley
905-503-1377 donna.crossley@iticonline.ca
Events
Falling into good habits
Events manager: Sandra Service
sandra.service@iticonline.ca
art & production Art Director: Elena Pankova
circulation@iticonline.ca
Subscriptions and Address Changes CIRCULATION DIRECTOR: James Watson
circulation@iticonline.ca
Circulation Coordinator
circulation@iticonline.ca
General Inquiries
24-4 Vata Court, Aurora, ON, L4G 4B6 Phone 905-727 4091 Fax 905-727-4428 corporate COO AND GROUP PUBLISHER: John Jones
publisher@iticonline.ca www.itincanadaonline.ca
Publisher’s Mail Agreement: 42169527 IT in Canada Online magazine is published six times per year. All opinions expressed herein are those of the contributors and do not necessarily reflect the views of the publisher or any person or organization associated with the magazine. Letters, submissions, comments and suggested topics are welcome, and should be sent to publisher@iticonline.ca
www.itincanadaonline.ca Reprint Information
High quality reprints of articles and additional copies of the magazine are available through circulation@iticonline.ca or by phone: 905-727-4091 One year subscription rates
Canada: $50/year; USA $60/year; International $100/year. All rights reserved. No part of this publication may be reproduced without written consent. All inquiries should be addressed to circulation@iticonline.ca
4 / IT in Canada Online September/October 2014
As temperatures drop and greenery gradually fades away, we realize that fall is in the air. That’s right, folks. It’s time to get your coats out of the closet again. Don’t worry, I feel your pain. While ensuring that we’re protected against the colder temperatures is important for us, protecting our data against unsavoury characters is important for our businesses. Not having the proper security measures in place can cause problems across the board for enterprises, in addition to having a negative effect on your bottom line. Thankfully, help is always available. Regular columnist Eric Jacksch explains that passwords aren’t the only issue affecting authentication processes. Find out what he has to say on page 20. Storage is a topic on everyone’s minds these days. With tried-and-true methods gradually being phased out, many businesses are migrating to the flash-based model. HP has been paying close attention to the data storage needs of their enterprise customers, and has made a significant investment into flash-based storage. Check out our exclusive interview with them on page 10. The data centre is rapidly evolving, as are the needs of the people who rely on them most. Many companies are leaning towards the software-defined model to suit their storage needs. Intel has some big things brewing, and they go in-depth about the advantages of the SDDC and their plans for it on page 14. Speaking of big things, Toshiba is primed to tackle the business-optimized laptop market with their relaunched Z-series models. Although the heaviest Z-unit weighs in at only 4 pounds, these machines are no lightweights. On page 8, we talk to Toshiba about their products, and why they might just be the best fit for your business. Whatever your choices, we hope you keep your data out of harm’s way. Don’t forget to bundle up as well!
Mark David Acting Editor
media:scape™
furniture and technology merged to help teams access and share information www.steelcase.com/cometogether
expect more
Contact us to learn more
·media:scape™ creates a collaborative destination ·Everyone can share their digital information instantly ·Information is visible by all participants
POI Business Interiors has more than 50 years of experience in providing knowledge, products and services that help people work more effectively. We understand the issues facing organizations today. T 888 296 9967, F 905 479 6941 www.poi.ca info@poi.ca
in the news
Study finds shift in teens’ online sharing habits
A
n old adage states that “time changes everything.” This held true in an online Harris Poll sponsored by Camp Mobile. The survey shows that four in five young Americans assume their friends share too much information online. The results, collected from 812 teenagers and young adults between the ages of 13 and 22, indicate the different patterns of social media interaction of this age group and their thoughts on their social media sharing habits of their peers. While it is a fact that today’s teens are known to share their lives online, the study shows the younger generation is becoming increasingly frustrated with their peers’ lack of authenticity online. According to the findings, 73 per cent of the mentioned age group own a laptop, while 72 per cent own smartphones. As a result, 81 per cent of youths aged 13-22 admitted that people their age share too much information online. Additionally, 69 per cent agreed that most of them online were “being themselves” some of the time, and 63 per cent had a hard time reading friends’ “fluff” posts. Fifty-seven per cent of respondents said
6 / IT in Canada Online September/October 2014
they wish their friends’ posts were more authentic. Recent trends indicate that college students are more likely to de-friend “fake” people than their high school counterparts. Girls (10 per cent) seem less likely to share what they do versus boys (17 per cent), on social media. “This new research survey supports our theory that there’s a cultural shift underway, being driven by Generation Z,” Doyon Kim, GM of Camp Mobile Inc. and BAND, said in a press release. “It shows a preference for online authenticity and more private group spaces to selectively share different information with various subsets of their diverse work and personal lives. The moving trend away from auditorium-style social networks to more private group spaces shows there is a real need for more a different type of social network and messaging platform.” The study also found that this age group wants to be more realistic online, but often has difficulty doing so. Thirty-nine per cent of respondents said they don’t feel like they can be their real self on social media. The older crowd felt there was a negative
effect on time spent online, with 37 per cent agreeing that they spend less time on social media because their relatives are on it. Moreover, 44 per cent said they don’t post because they don’t want their posts to be seen by older relatives, and 31 per cent curtail their posts because they thought a potential job recruiter might see them. In addition, 39 per cent of those surveyed stated that they spend about the same amount of time online now as compared to last year, while 35 per cent said they spend more. Furthermore, 66 per cent said don’t share as much information online as they used to. “These statistics point to the increasing need for private networks in which people can communicate and share with select groups of people,” added Kim. “This change in the way the younger generation share information with their peers will affect the popularity and continued use of a variety of social media networks. It will be interesting to see how technology offerings respond to this shift. We’ll be paying close attention (to those trends) as we continue to adapt BAND to the U.S. market needs.”
in the news Generation X and the rise of the Supertasker A new study from Cisco shows that companies are changing their policies to adapt to the changing mindset of Generation X. According to the 2014 Cisco Connected World Technology Report (CCWTR), by 2020, the majority of employees will be connected via wearable devices, although the laptop prevails as the top priority for workplace connectivity, at least for now. The working preferences of this generation are paving way for the future, and this includes the emergence of the “Supertasker,” an individual who uses four devices with expertise. Although many workers are shifting towards working remotely, 44 per cent of respondents maintain that working in office is more productive. The mindset of recruiters has shifted as well, with 50 per cent hiring new employees through video interviews. More than half of Canadian Gen X and Gen Y workers see themselves as a Supertasker. Human resource directors believe Supertaskers increase productivity and feel that are better
off with a management position because they inflate a high performer’s expectations. There is a strong indication that 70 per cent (85 per cent in Canada) of Gen X professionals mix work and personal activities successfully to become Supertaskers. In addition, more than half of Gen X and Y workers do not see themselves as typical 9-to-5 workers. Flexible work schedules are becoming more common, and more businesses are allowing their labour force to work from home. Furthermore, the three-hour lunch is the latest trend compensated by working additional hours in return.
Connecting Canadians reinforces Canada’s digital economy Internet access is everything today. This is true for Canadians who are integrating more digital elements into their lives. Despite that, there are still some Canadians living in rural and northern regions who do not have Internet access. Mike Lake, parliamentary secretary to the minister of industry, addressed this issue at the annual Canadian ISP Summit in Toronto. Lake discussed the government’s digital economy plan, and several projects will be announced in spring 2015. Connecting Canadians, a federal program, will provide Internet access to 280,000 homes in the remote regions of the country. Additionally, the government will partner with service vendors to expand service and reach these rural areas. “The call for applications under Connecting Canadians marks an important phase in our plan to bring the benefits of high-speed Internet to more than a quarter-million Canadian households, some for the first time,” Lake said. “Providing Canadians with access to broadband Internet for learning, business opportunities and so much more is key to a more connected digital Canada. I encourage ISPs to consider this program, to extend services and to create new opportunities for Canadians.” The program also offers incentives for the private sector to extend digital infrastructure in these regions. This venture will pave way for new economic opportunities and new jobs, products and services. It delivers on the government’s commitment in Economic Action Plan 2014 and in October 2014 opened the application period opened for Internet service providers (ISP). Applications are open until January 12, 2015.
September/October 2014 IT in Canada Online / 7
ProduCt showCasE
By Mark david
toshiBa
takes on the business market
As the need for business-focused computing grows, so does the need for cost-effective devices that combine portability with ease of use, collaboration capabilities and enhanced mobility. Toshiba has given careful consideration to the demands of the market, and has crafted a product line that can help businesses satisfy these needs.
t
he company’s new Z-series laptops are fully optimized for enterprise use, are simple to use, and are among the most lightweight products available on the market today. The Z30 model features a 13-inch screen, while the newlyredesigned Z40 and Z50 are equipped with 14- and 15-inch screens, respectively. All three devices also feature backlit, spillresistant keyboards. “We have a full range of notebooks that our customers can choose from, depending on what they want,” says Yuji Wakabayashi, commercial notebook product manager for Toshiba Canada’s Digital Products Group. “With the 15-inch (model), we have a builtin keypad, which is great for accounting firms and other industries that work with numbers.” Since last year’s release of the Z40 and Z50
the success of the z30 Model was a MaJoR factoR in toshiba’s decision to Re-launch the z40 and z50. 8 / IT in Canada Online September/October 2014
models, Toshiba has been hard at work making adjustments to provide their customers with an improved user experience. One key modification was the elimination of the optical drive, a feature that is gradually being phased out by many computer developers due to increased reliance on email, USB drives or the cloud for file transferring. “Last year, the 14- and 15-inch (models) were more traditional workhorse computers that relied on their optical disk drives,” says Wakabayashi. “But now that we’re seeing a trend in the marketplace where no one is really using optical disk drives anymore, we decided to (eliminate) it and create a line of ultra-portable notebooks.” Most of the new changes to the largerscreened units were the result of research and feedback from the smaller Z30 series. The success of that model was a major factor in Toshiba’s decision to re-launch the Z40 and Z50. “For the past few years, we’ve always had an ultra-thin kind of notebook,” says Wakabayashi. “We decided to take what we learned from the 13-inch platform and expand that into the 14- and 15-inch range.” While many assume that the larger the size of a laptop, the more it will weigh, that is not the case with Toshiba’s Z-series units. Despite the three different screen sizes, the devices are very lightweight, making it easier for employees to carry with them as they go about their business. In addition, the integration of Haswell processors has also helped to make them more energy efficient. “What makes these notebooks great is now that we’re using the Haswell processor, we’re
able to make them thinner and lighter,” Wakabayashi explains. “Because they’re using the Haswell technology, they’re going to be more energy efficient, which means that we don’t need to have thick units with thick batteries.” The Z30 weighs in at just 2½ pounds, keeping in line with Toshiba’s mandate to create a lighter notebook. The Z40 and Z50 are equally lightweight, weighing 3½ and 4 pounds, respectively. Also being introduced by Toshiba is a new mobile workstation. Designed with enterprises in mind, the Tecra W50 mobile workstation is larger than its Z-series counterparts and combines the capabilities of a desktop with the portability of a laptop. “We’ve taken the standard desktop workstation and put it into the mobile format,” says Wakabayashi. “What classifies it as a workstation is the i7 Quad Core CPU, the full HD screen, and the nVIDIA 2 GB video card.” The Tecra W50 can handle various types of larger-scale projects, making it able to adapt to the needs of virtually any industry, profession or workplace environment. It also has built-in storage capacity of up to 32 GB of RAM. “It’s AutoCAD and Solidworks certified, so it’s designed for engineers and anyone working with AutoCAD,” Wakabayashi says. “It’s also very good for graphic designers, and it has the processing power for them to use Adobe Photoshop, and other Adobe Suite programs.” “For graphic design, you have to look at the resolution as well because the screen has full HD capabilities,” adds Mini Saluja, director of product marketing for Toshiba
t
Product Showcase Canada’s Digital Products Group. “If a customer is interested, we can provide a 4K panel, which is especially effective if you’re doing photography work.” Toshiba’s business suite also includes the Z10t Portégé hybrid device, whose screen can be easily detached from its keyboard, transforming it into a tablet. Equipped with a built-in stylus, the Z10t’s specs include a fourth-generation Intel Core i5-4210Y processor, up to 128 GB of storage, and Widi compatibility with Toshiba’s line of plasma screen televisions. “Most of our TVs have an Intel chip inside of them, so you can pair the two, and whatever is displaying on the (device) will also be displayed on the TV,” says Wakabayashi. “(The Z10t) is designed to compete with Microsoft’s Surface tablet, so it’s definitely not a low-power device,” Saluja adds. “It has the same regular-sized CPU found in our Zseries products, and it won’t be comparable to retail products you can find on the shelves in most stores.” Rounding out Toshiba’s business suite is the new Satellite Pro R50. This device, designed for use by SMB customers, features a fourth-generation Intel Core i3-4005U processor with hyper-threading technology and enhanced SpeedStep technology, HDMI capabilities, and a 500GB Serial-ATA hard disk drive. “We just introduced this product this month, and it is meant to be targeted toward our SMB customers, in terms of price point,” Wakabayashi says. “SMB customers who don’t have the budget to move up to our higher-end products will have something just as capable as the Z-series notebooks.” The Satellite Pro R50 “has a docking unit on the bottom. It’s a one-click dock that
Rounding out Toshiba’s business suite is the new Satellite Pro R50. This device, designed for use by SMB customers, features a fourth-generation Intel Core i3-4005U processor allows you to use a port replicator to help get all of your ports expanded,” says Wakabayashi. “When you’re sitting in an office or home office environment, you have all of your peripherals connected to that dock,” Saluja adds. “Every time you leave and return, you don’t want to have to reconnect multiple peripherals. With this device, all you have to do is disconnect your laptop, and when you return, you don’t have to reconnect everything.” The inclusion of the port replicator makes work easier for IT professionals because there is less to manage. It also provides a financial benefit, as its design allows companies to save money on extra peripherals for port-reading purposes. The Satellite Pro, says Saluja, integrates several of the elements of the higher-end models into a package that is more affordable, making it more attractive to smaller
businesses that require fewer units for daily work functions. As many workplaces weave collaborative methods into their activities, the desire to have technology that promotes collaboration and makes it accessible increases significantly. Toshiba has designed its business-focused products to assist with collaboration while simplifying connectivity at the same time. “Regardless of where you are, you will always need to have a wireless connection, and our products certainly have those capabilities,” Saluja says. “We have also equipped our entire line with various types of ports, which makes it easier to upload and transfer data to the server, cloud, or virtually any other location.” With mobility becoming a key component of an increasing number of workplaces, the need to ensure the security of mobile workstations becomes vital. In response to that, Toshiba’s family of products are equipped with EasyGuard Technology. EasyGuard provides users with security features that make it easier to go mobile, including shock-absorbing design, hard drive protection, fingerprint reader capabilities, and multiple-level password utilities. Given that businesses often have limited budgets for new technology, Toshiba’s products are also engineered to provide them with cost savings over time. “In the consumer space, you often see users replacing their notebooks every year or two,” says Wakabayashi. “We found that the majority of our customers are replacing their notebooks within three to five years. As a result, the cost of ownership will be much lower over the long term because of the reliability of our units, the technology behind them, and our very low failure rate.”
September/October 2014 IT in Canada Online / 9
data storaGE and ManaGEMEnt
By Mark david
QuiCk as a Flash data stoRage and ManageMent
D
ata storage and management is a key area of focus for many enterprises today, with many options available. While traditional storage methods are always the first choice, new developments from HP will soon have companies doing the “flash dance.” HP believes that flash-based storage is the way of the future, and its new projects are designed to help companies make the transition from mechanical hard drives to the flash-based model, which can be up to 100 times faster than other forms of data storage. It also consumes far less power and combines the capacity of several storage units into a single device, making it more cost-effective. In an exclusive interview with IT in Canada, Craig Nunes, VP of worldwide marketing for HP Storage, discusses the 10 / IT in Canada Online September/October 2014
advantages of flash-based storage, and why many businesses are giving heavy consideration to making the switch.
Q: what might prevent an organization from adopting flash storage?
nunes: There are three major barriers to flash storage. I think everyone understands the performance of flash, and if you are an optimized flash platform, you’re going to deliver very low latency. But what might prevent an enterprise from going there? I think the first issue is cost. I’ve stood in front of many users and asked, “If you could get flash (storage) at the same cost as spinning disk, who here would buy flash?” Every single hand in the room goes up. But the issue has been affordability. The milestone we achieved in June with the
Craig nunes, VP of worldwide marketing for HP Storage
Data Storage and Management
management headaches increase, and you end up creating a real silo across your data centre, and one of the things we’ve invested in is delivering a level of scalability that allows a customer to deploy this. We have an all-flash platform that is scaled to about 460 TB of raw storage capacity, and after duplication, there is 1.4 PB available. We think that’s a great alternative between the affordability at $2 per usable gigabyte, built-in Tier 1 HA features, and the scale that a data centre needs.
costs, which are often the majority of your database deployment costs, can come down significantly. We’ve seen as much as a 30 per cent reduction in Oracle licenses by deploying high-performance infrastructure with servers and flash together. Depending on where the customer is in terms of what they’re deploying within their data centre, there are a number of ways they can take advantage of flash and reduce operating costs.
Q: How can flash storage help
have over traditional storage formats?
businesses reduce operating costs?
Q: What advantages does flash storage CN: From a performance perspective, you’re
CN: For your IO-intensive workloads that require a large number of IOPS, you can think of it this way: A disk drive is going to contribute a few hundred IOPS to the performance that you need, and you keep adding those, assuming that there are no other bottlenecks. You just add enough disk drives to get to whatever performance level you need. You can actually replace a whole load of disk drives with a single all-flash array, and now across a platform, a customer can buy usable flash capacity for the same cost as a 15,000 RPM spinning disk drive. The second issue revolves around Tier 1 capabilities. A lot of people want flash to accelerate critical transactions to drive revenue or highly virtualized environments where they’ve done a high amount of consolidation, and a problem with flash would severely impact the business. Flash platforms don’t have the enterprise flash data services replication and single-system resiliency to handle component failure gracefully without a loss of performance. Because of that, people believe that the platforms are not ready for their data. The last issue is part of the Tier 1 discussion. If I’m going to use flash instead of mid-range and high-end arrays, a midrange are is often configured with 140 TB of disk capacity, and a high-end array might have over 400 TB of capacity, the average flash array today has about 30 or 40 TB of capacity. To really match up, you wind up having to deploy many of these things, your
going to pack many more IOPS into a single flash drive. The disk industry has been very focused on adding capacity to an individual disk drive, but it’s been very challenging with the rotational latencies of a disk to really do much about the IOPS per disk over the years. We can look back as much as 20 years ago, and the size of disks has grown dramatically, from a capacity perspective. IOPS performance hasn’t really changed,
We’ve been so successful with that approach that we are now offering five-year warranties on our flash drives, even on our commercial MLC drive technology, which is our most affordable (product). flash disk, so in your data centre, which will translate into a large reduction in floor space, power and cooling requirements. That alone is going to provide you with great benefits. It’s a great opportunity for consolidation, and this will also help you from a management perspective. The final (element) is software licensing, which many businesses classify as an operating cost. This might be a bit surprising. In large Oracle environments, Oracle licenses are priced per CPU. If you can deploy infrastructure that is more powerful or robust, you will accelerate your database workload, and you’ll actually be able to do that using less server resources. Because your Oracle licenses are tied to those server CPUs, your Oracle licensing
and the game-changer with flash is a huge improvement in IOPS in a very small form factor. Flash also has a nice power profile, especially since it’s replacing so many drives, which is also a nice benefit. For as great as flash can be in terms of performance, power and density, one of the concerns with flash is the wear-out of flash drives. What happens with a flash drive if you write the same part of the drive many times, eventually, that part of the drive wears out. There is a lot of concern over how people manage that within their infrastructure; would they start losing a number of flash disks (as a result)? We’ve invested a lot in this area, and have an approach which we call system-wide September/October 2014 IT in Canada Online / 11
Technospective Data Storage and Management “From an efficiency perspective, I think there is a tremendous focus on flash specifically as a concept of data compaction.” — Craig Nunes
striping and Adaptive Sparing, and what that effectively allows us to do is do a really sophisticated amount of wear leveling so that the drive wears very evenly, and you don’t have hot spots on your drive that fail and ultimately lead to a drive failure. We’ve been so successful with that approach that we are now offering five-year warranties on our flash drives, even on our commercial MLC drive technology, which is our most affordable (product). What a customer now gets with flash media is performance density, and they don’t need to worry about a trade-off in reliability.
Q: How easy is it for businesses to implement flash storage?
CN: There are a few ways to go. You can go out, buy a new platform, and bring that into your shop. You might need to learn storage operating system. All of the storage platforms in the industry, with the exception of 3PAR, were a net new operating system within the data centre. Even from other large storage vendors, their flash platform is a fundamentally different architecture. You have to learn a new way to manage the system and integrate it into your environment. One of the things we’ve done differently here is because we have an optimized, allflash array that runs precisely the same architecture and operating system as the rest of our primary storage portfolio, customers familiar with a high-end or entry 3PAR system will be very familiar with that 3PAR all-flash platform when they deploy
it. From that perspective, it’s going to be very easy for them to take advantage. We take that one step further with (today’s) announcement. Let’s say you’re tight on space or you’ve just made an investment in a 3PAR platform that isn’t the all-flash platform. In effect, what the announcement is allowing that customer to do is simply add a few SSD drives. You don’t need to go out and buy a new 3PAR array. In fact, if you already bought an array that has an existing SSD drive, what the announcement effectively brings to customers is full hardwareaccelerated in-line block de-duplication. Think of it as data compression on the hardware you’ve already acquired. You can begin to take advantage of flash in bitesized chunks as your applications need, and add flash a couple of terabytes at a time, if you desire. It’s a very easy, low-risk way to hop on that flash on-ramp and take advantage of the value of flash, and that’s what you have going on across your data centre or enterprise.
Q: How can flash storage help
enterprises to improve their efficiency?
CN: From an efficiency perspective, I think there is a tremendous focus on flash specifically as a concept of data compaction. We have various different technologies that allow you to run a lot of different application data on a very small amount of flash disks. That, fundamentally, is going to drive a load of efficiency, not just on the disk itself, but in terms of the number of drives and arrays that a customer has to procure.
The approach we’ve taken with our deduplication technology is going to allow you to land a great deal of application data in a very small footprint. That’s going to make your flash investment more affordable, and will also save a whole lot of data centre space. As an example, there a number of our customers who are considering replacing a traditional high-end monolithic storage array with flash. They were running autotiering to try and accelerate things as much as possible. With the affordability of flash and the Tier 1 features on 3PAR, they’ve realized that they can actually advantage of all-flash instead of buying a new high-end storage array. We found not only is there a upwards of 75 per cent in cost savings in that new array, but also in the footprint. We have seen three racks of gear come down to just four rack units in a rack. This equates to about seven inches in a rack and a shelf or two. Suddenly, you’re bringing out a tremendous amount of data centre space, and taking care of equipment that has such a streamlines form factor is easier than managing a big, traditional monolith.
Q: What are HP’s future plans for flash storage?
CN: A big priority for us is to continue to drive down the cost per useable gigabyte. It’s not just been through our de-duplication and thin technologies. We have had multiple generations of hardware that we’ve rolled into the platform, and our latest is a nearly 2 TB commercial MLC drive that brings great economics to the disk array. We’re the only platform in the industry right not to offer this 1.9 TB commercial MLC drive. You can expect HP continuing to drive the cost down below $2 per usable gigabyte. You’re also going to see more capabilities as we build on our quality of service and Tier 1 feature set, and a great deal of investment around the management and orchestration of vis-à-vis OpenStack around HP’s OpenStack Helion, thereby really delivering more customers a terrific hybrid cloud experience with their 3PAR flash platform. There a lot of exciting things coming, and we’re certainly hopeful about them.
12 / IT in Canada Online September/October 2014
4FMV_PRIN
01001001 01100110 00100000 01111001 01101111 01110101 00100000 01100011 01100001 01101110 00100000 01110010 01100101 01100001 01100100 00100000 01110100 01101000 01101001 01110011 00101100 00100000 01101111 01110101 01110010 00100000 01100011 01101100 01101001 01100101 01101110 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01110011 01100101 01100001 01110010 01100011 01101000 01101001 01101110 01100111 00100000 01100110 01101111 01110010 00100000 01111001 01101111 01110101 00101110 If you can’t read this, we’ll connect you to the people who can.
4fmv.ca
The right candidates. The right opportunities.
4FMV_PRINT.indd 1
12-09-14 12:44 PM
Technospective Software-defned data centre
Centre of attention
By Mark David
It’s no secret that many businesses are considering the implementation of the software-defined data centre (SDDC) for their storage needs. In fact, recent statistics suggest that the SDDC market will undergo significant expansion by 2016.
A
Rishi Bhargava, VP and GM of SDDC security for Intel’s security solutions division 14 / IT in Canada Online September/October 2014
ccording to a report from CRN, the SDCC market was valued at $360 million in 2013. However, that figure is expected to skyrocket to $3.7 billion by 2016 as more companies get on board, especially as the SDCC becomes more costeffective. But, as is the case with every new IT infrastructure development, proper security measures need to be introduced. Given that the SDCC is responsible for storing and managing sensitive data for organizations, ensuring that it’s armed to the teeth is vital. Additionally, the SDCC will soon reach a new plateau as Infrastructure as a Service (IaaS) begins to take off. Securing the SDCC was one of many hot topics at McAfee’s FOCUS14 event in Las Vegas. IT in Canada sat down with Rishi Bhargava, VP and GM of SDDC security for Intel’s security solutions division to discuss all things SDDC.
Technospective
Software-defned data centre
Imagine today, when you’ve got to store a large amount of particle data or some other database, you’re going to point to a storage device and say, “Store it there.” What you can do with software-defined storage is create a pool of storage. It doesn’t matter where it resides; all that happens is the application says “I need 2 TB of storage. You optimize it for me, and optimize it for performance or capacity.”
Q: What is the history of Intel’s involvement with the SDDC?
Bhargava: If you look at Intel’s involvement, there has been a very strong history with the SDDC. In fact, Intel calls it softwaredefined infrastructure. Intel’s investment (in the SDDC) is not only on the hardware side of the data; we also have a very large team which enables partners like VMware and a lot of open-source contributions for OpenStack and other environments for the SDDC. From the Intel Security perspective, our engagement with the SDDC has been pretty heavy over the last four years. We launched our first product focusing on that space, McAfee Move, which was a virtualization security product optimized (for) anti-virus. I was the product manager for that product a few years ago. In addition, we have always had a large number of our IPS and firewall appliances deployed on the perimeter in data centres. From 2012 onwards, we stated focusing more intensely on the data centre space. We created a data centre service security group within our endpoint business, and lot of products, including our data centre connectors, which connect to vCenter, OpenStack, Amazon AWS, HP Cloud, RackSpace, and so on. We have connectors for all of these cloud environments to be able to discover assets and pull them back into the environment.
In April of this year, we created a new division, SDDC Security, which is what I am running. The point (of creating it) was there was a lot of work happening in SDDC specifically. For us, the question was how do we look at security in the SDDC space, and what can we do there? We had a lot of research items which we had been (developing) with the Intel team because Intel has a very large SDDC investment. Based on some of that research work, we are bringing out our first product, the Intel Security Controller, to the market in December.
Q: Why are more enterprises considering SDDC adoption?
RB: Simply put, there are three benefits we see that our enterprise customers are claiming for the SDCC. The first one is agility. They can get flexibility and agility for what they need in terms of capacity on demand. The second is cost. Now that you can grow and expand on an as-needed basis, your costs to invest upfront come down. The third is security. Some of the SDDC architectures make security possible in a way that didn’t exist before. They are way more secure from the get-go.
Q: Various reports indicate that the
SDDC model is poised to expand faster than any other storage market. What is the primary reason for this?
RB: Software-defined storage is one aspect of the SDDC infrastructure. The reason why software-defined storage is getting that traction for its adoption is because when you virtualize your server, you’re dealing with the hard ware from the application that comes with it. If you start to do that for storage, it gets you very similar benefits. Imagine today, when you’ve got to store a large amount of particle data or some other database, you’re going to point to a storage device and say, “Store it there.” What you can do with software-defined storage is create a pool of storage. It doesn’t matter where it resides; all that happens is the application says “I need 2 TB of storage. You optimize it for me, and optimize it for performance or capacity.” Horizontal scaling can also happen. People can keep adding storage independent of the application changing so that the application can be de-linked to the hardware.
Q: Why are more enterprises interested in achieving Infrastructure as a Service through the SDDC?
RB: Infrastructure as a Service, in my mind, is the next step in cost savings and agility. If you were to build a private cloud, in that case, you still need to invest some hardware cost over time and then horizontally scale over time. In a pure IaaS model, you don’t even do that. What you’re able to say is,
September/October 2014 IT in Canada Online / 15
Technospective
Software-defned data centre
RB: Intel offers a lot of solutions from a hardware perspective to scale out the storage pieces. At Intel Security, we have mostly focused on software-defined networks and software-defined computing. Storage, from our perspective, becomes part of computing because eventually, an application will be accessing it. When we think of the security model, we are focusing on how you leverage SDN and software-defined computer virtualization to create more secure environments to deploy firewalls dynamically. For example, what software-defined infrastructure enables us to do is deploy our security controls with ease on an ondemand basis and make them scalable. What we can do with SDI and our security integration is say, “I want two firewalls at these two locations. These VMs go to this firewall, and these VMs go to the other firewall for security.” Everything can be automated, from the routing of the network and deployment of the firewall virtual machines to the sub-policy mapping, and that’s the benefit. True software-defined security is what we’re calling it, and just like having SDI, you need software-defined security so you can deploy it faster, and with ease.
Q: What are Intel’s future plans for the SDDC?
“I’m going to pick a cloud provider, and I’m going to use the computers needed.” It is both development- and cost-friendly, which makes it attractive to enterprises. The challenge with the IaaS start-up case is how they can implement the same security policies that they implement on an onpremise infrastructure for IaaS.
RB: I think it depends on what application it is. If you start to take your SAP or your on-site CRM and put it on IaaS, it will not be easy at all. On the other hand, if you’re starting to take your Web application or the new application that your team is developing and build and scale it faster, that’s the way to go. IaaS offers you a much easier path to do that.
Q: How easy is it for enterprises to
Q: What solutions does Intel offer for
implement IaaS?
16 / IT in Canada Online September/October 2014
software-defined data storage?
RB: Intel is heavily invested in making sure that the customers get the benefits of the software-defined infrastructure. There will also be a lot of investments in SDI to enable OpenSource and OpenStack environments, and working with strong partners like vmWare in order to enable SDDCs. Finally, Intel Security’s focus is you cannot have the next-generation architecture like SDI without security. Specifically, it involves how you leverage the power of SDI to create more secure environments and how you make sure you secure the data centre environments without certain technologies in place.
NA
OR
AD
CI
CO
http://www.itincanadaonline.ca
ARE YOU MISSING OUT? Please supply us the following information to allow us to provide another year of Free Subscriptions to IT in Canada Online.
SUBSCRIBE
NOW!
Fax: 905-727-4428 Mail: 24-4 Vata Court, Aurora, ON, L4G 4B6 Email: circulation@iticonline.ca
NAME:
TITLE:
ORGANIZATION:
ADDRESS:
CITY:
COUNTRY:
PROVINCE:
POSTAL CODE:
E-MAIL ADDRESS:
PHONE:
WHICH FORMAT WOULD YOU LIKE TO RECEIVE YOUR COPIES?
SUBSCRIBE TO FREE WEEKLY E-NEWSLETTER?
Privacy Policy: we do not share or sell our mailing list
YES, PLEASE
DIGITAL
NO, THANKS
Network Spotlight
By Rachel Levy Sarfin
Open source networking on the rise,
says ONF
O
pen source software will become a driving force in developing industry network standards, predicts Dan Pitt, Open Networking Foundation (ONF) executive director, at a recent industry event. Pitt also believes that open softwaredefined networking (SDN) will be a requirement for network operators, emerging OpenFlow products will become a standard 18 / IT in Canada Online September/October 2014
of choice and that the demand for SDN skills training will be in high demand in the coming year. The executive director of ONF shared his insights into his predictions for open SDN in 2015 and beyond. “Even in the best of circumstances, opensource software makes sense only in certain places,” Pitt notes. “Commonly used protocol stacks, for example, do not make any vendor unique, so these might as well be
commonly developed using open-source software. It is in roles like these that opensource software will become the norm.” Pitt expressed optimism about the adoption of open SDN. “Even as such, there are not so much barriers as challenges to its being used successfully,” he comments. “When an open-source project produces a complete, freely available product, network operators still need either a third party to service and support it, or skilled programmers of their own to do so. When an opensource project serves only to save vendors from duplicating efforts, and they then embed pieces of the software into proprietary products, the open-source software needs to be sufficiently modular and have the right external interfaces. Defining just where multivendor interfaces make sense is an ongoing challenge for the industry. The ideal interfaces in networking are immediately above and immediately below a networking function that represents a common building block, so that vendors can innovate and compete with differentiated products above and below these interfaces, respectively. If these interfaces are in the wrong place, innovation gets stifled or development efforts are unnecessarily duplicated.” These obstacles are not insurmountable, though. “The main method of overcoming these challenges is by experience and continued software innovation,” Pitt explained. “The great thing about open-source software is that if you don’t like it, you can change it. When many parties contribute to its evolution, a piece of open-source software evolves rapidly as experiences guide developers on what best meets customer needs. Perhaps the most direct way of making an open-source software project successful is for
Network Spotlight
Dan Pitt, executive director, Open Networking Foundation (ONF)
the network operators, more than the vendors, to contribute to it. That will certainly assure that it meets operator needs.” While open source networking might seem as though it would hurt vendors, Pitt sees business opportunities available. “As opensource SDN is adopted, we will see new game-changing players emerge, and the fact that their solutions are open will give them a definite advantage,” he remarks. “We’re already seeing incredible innovation come from many SDN startup companies, and we expect this to continue as the movement evolves. And as even more open-source solutions become available, we will see the benefits trickle down to end users and ultimately their customers. With open software, anyone can play, so competition is greater than it is when hardware is bundled with software.” Even vendors are experiencing gains from open source networking. “As for the benefits of open-source software for incumbent vendors, they are already finding that they can share development efforts and costs with other contributors to open-source projects, for networking components that do not require much differentiation between vendors,” Pitt says. “This speeds development and allows them to innovate in areas that bring unique value to their products.” As a result of the high demand for open source networking, the need for skilled professionals will also grow. “Generally speaking, an engineer should acquire technical and engineering-level knowledge of SDN technologies, architectures, deployment solutions, and software skills for internal development,” Pitt says. “Indeed, the most valuable jobs in networking will be for software developers that, unlike application developers, have an understanding of distributed network systems. But an entry-
level IT professional will only need a basic understanding of SDN technologies, at least to begin with. Regardless, having that foundational knowledge of open SDN will be essential at all levels.” The ONF offers a way for companies to find qualified candidates. “To help with this, ONF is in the process of developing a skills certification program - the ONFCertified SDN Professional Program - that will provide practitioners with a recognized standard to evaluate individuals’ SDN knowledge and skills,” Pitt notes. “This program is vendor-neutral and will focus on providing foundational credentials in open SDN.” “The advancement of the open SDN movement depends on there being enough professionals skilled in SDN technologies to move their employers to successful adoption and deployment of SDN technologies, so employers are keen on finding skilled staff,” Pitt concludes. “Networking engineers, meanwhile, will find their legacy skills such as command-line interface configuration to be of decreasing value in the marketplace, so to stay in demand they are wanting to upgrade their skills.”
“As for the benefits of open-source software for incumbent vendors, they are already finding that they can share development efforts and costs with other contributors to open-source projects, for networking components that do not require much differentiation between vendors”
September/October 2014 IT in Canada Online / 19
Security Shelf
By Eric Jacksch
The password problem
Passwords are only part of the problem. The approach to authenticating users must change. Conventional security wisdom advises using a different password for each system and changing it regularly. Most system password policies enforce minimum password lengths, require the use of complex passwords, and force users to change their passwords on a regular basis. The underlying theory is that the best passwords are random to resist brute force and dictionary attacks, not re-used across accounts in case one system is compromised, and changed regularly to reduce their lifetime in the event that they are compromised. However, this fails to take into account that humans simply can’t remember that many complex passwords.
Passwords are only part of the problem. The approach to authenticating users must change. 20 / IT in Canada Online September/October 2014

Technospective
Do your sales reps spend more time looking for special pricing approvals than talking to customers? Is your purchasing team struggling to keep up with requests to validate pricing and discounts?
Is your sales team aware of all your customers’ upcoming maintenance, support and warranty renewals? Are your client entitlements lapsing, leaving your customers exposed and your accounts vulnerable to your competitors?
We Can Help
September/October 2014 IT in Canada Online / 21
Security Shelf
Two obvious attack vectors would be stealing keys from mobile devices and man-in-the-middle attacks. Simply replacing passwords with a “better” method won’t work. Microsoft researchers Dinei Florencio and Cormac Herley and Carleton University Professor Paul van Oorschot concluded in their August 2014 paper, “Password Portfolios and the Finite-Effort User: Sustainably Managing Large Numbers of Accounts,” that “any strategy that rules out weak passwords or re-use will be sub-optimal.” Their paper suggests an “optimal solution for how to group accounts for re-use.” Researchers are correct to take human limitations into account. The use of individual strong passwords doesn’t work and it is obvious to anyone who has tried. That strategy is only possible if users write them down, use password management software, or do a lot of password resets. In some situations writing down passwords might be the lowest risk approach, 22 / IT in Canada Online September/October 2014
as long as it is not a post-it-note stuck to a monitor. While paper can be stolen or surreptitiously copied, it is generally immune to malware attacks. Password management software is also very popular. On one hand, there is no paper to be lost, stolen, or copied by an evil insider. Some password management applications synchronize passwords across multiple devices and will enter them for the user. However, these applications create a single point of failure. If the user forgets the master password, or the user’s endpoint is compromised by malware, it’s game over. Considering the multitude of problems, perhaps the best solution is to abandon passwords altogether? Many security practitioners promote replacing passwords with token-based authentication devices. Software-based solutions like Google Authenticator are available for free; leading service providers such as Amazon, Digital Ocean, and Microsoft have adopted it. However, it requires a separate set-up procedure for each site and the user interface quickly becomes unwieldy. Biometrics are often suggested as a good option because they make credentials difficult to counterfeit. While they will become the authentication of choice for physical security applications, biometrics simply are not suited for authenticating to systems across the Internet.
Digital certificates have the potential to significantly strengthen authentication systems. While users must procure and install a certificate on their devices, the advantage of certificates is that they are already designed for authentication to multiple web sites. Site owners need only trust the Certification Authority that issued the certificate. None of these solutions even remotely approach the implementation ease, low cost, and universality of passwords. While implementing a good password system is much more difficult than it appears — as proven by the plethora of mass password disclosures — it requires no specialized hardware and works for virtually any type of application. Solving the password problem requires taking a different approach to authentication. Passwords, authentication devices, and biometrics all have weaknesses. For example, if every web site adopted Google Authenticator, criminals would shift their focus to attacking it. Two obvious attack vectors would be stealing keys from mobile devices and man-in-the-middle attacks. Simply replacing passwords with a “better” method won’t work. Instead of focusing on specific authentication methods, a more flexible risk-based authentication framework is required. Individual applications should offload authentication to a centralized service designed specifically for that purpose. Authentication services, in turn, must employ a variety of authentication techniques that take into account the level of risk involved, capability of the endpoint, and authentication preferences of the user. For applications with low-risk profiles, a user authenticating with a previously known digital certificate may be acceptable. High-risk applications such as online banking should require multi-factor authentication combined with anti-fraud techniques; centralized authentication services are in a strong position to use factors such as user history, IP addresses, and geolocation to spot intruders. A strong, flexible, multi-application authentication framework must be created with a business model that is attractive to consumers, service providers, and application developers.
THE PORTABLE
P-215II SCANNER • COMPACT AND CONVENIENT • SINGLE SUB POWERED (USB 3.0 READY) • MAX SPEED 15 PPM • BUILT-IN CARD READER • 20 SHEET DOCUMENT FEEDER • BUNDLED SOFTWARE FOR MAC AND WINDOWS • SCAN TO CLOUD APPLICATIONS • INCLUDES ISIS/TWAIN DRIVERS
• USB 3.0 ready • Mac and PC compatible • Only 2.2 lbs. • Card scanning
. RD . A T H KS MAR E. R S R WO RKS HE W WO ANY S RK O W
Canon is a registered trademark of Canon Inc. imageFORMULA is a trademark of Canon Inc. © 2014 Canon Canada Inc. Contact your Authorized Canon Distributor to see it today or visit www.canon.ca/contactus to request a demo.
www.canon.ca