Wednesday, March 31, 2010

F5 BIG-IP Edge Gateway Performance Demo

Watch how F5 has solved the security plus acceleration challenge for remote users.  Demo shows how BIG-IP Edge Gateway is twice as fast as the competition at downloading a 5MB Microsoft SharePoint file.  A powerful example of optimization technology for superior end user experience. Erik Giesa, VP Product Management and Nojan Moshiri, Product Management Engineer host.

ps

Technorati Tags: F5, security, application security, network security, business, banks, education, technology, social networking, webinar, video

Digg This

Monday, March 29, 2010

4 out of 5 Folks Not Quite Sure What the Cloud Is

Well, maybe not that bad but in the wake of Cloud Connect, IDC Directions and a couple other gatherings, I’ve been looking into overall cloud understanding in the market/industry.  We all know that there is still significant confusion surrounding cloud computing driven by vendor claims, lack of standards and it being a *relatively* new technology tool for business.  I’ll let the links do most of the talking  but it is interesting to watch the videos and hear all the different opinions on what is cloud computing over the years.  And it’s not just trade show attendees – the Proofpoint & Osterman Research conducted in August of 2009 showed that, ‘40 percent of the IT professionals surveyed said they were still confused by the term.’  From the 2009 Version One research, ‘two-thirds of senior business executives and 41% of senior IT professionals admit that they "don’t know" what cloud computing is.’  And the Chadwick Martin Bailey survey from earlier this year indicates ‘24 percent of polled IT decision-makers were not able to define cloud computing.’  At least the percentages are getting better as time passes but there’s still a good chunk of uncertainty even amongst IT pros and decision makers. 

The Links:

Solution?  Time.  With anything new (even if it’s just a new term to describe something old) it takes time for the dust to settle, for people to fully grasp and for the industry to clearly communicate what it all means.

ps

Technorati Tags: F5, infrastructure 2.0, integration, collaboration, standards, cloud connect, Pete Silva, F5, security, application security, network security, business, education, technology, application delivery, intercloud, cloudinfrastructure 2.0, context, web, internet, blog, cloud hosting, cloud computing

Digg This

Tuesday, March 23, 2010

The Inter-Cloud: Will MAE become a MAC?

600_cloud_over_beach If public, private, hybrid, cumulus, stratus wasn’t enough, the ‘Inter-Cloud’ concept came up again at the Cloud Connect gathering in San Jose last week.  According to the Wikipedia entry, it was first introduced in 2007 by Kevin Kelly, both Lori MacVittie and Greg Ness wrote about the Intercloud last June and many reference James Urquhart in bringing it to everyone’s attention.  Since there is no real interoperability between clouds, what happens when one cloud instance wants to reference a service in another cloud?  Enter the Inter-Cloud.  As with most things related to cloud computing, there has been lots of debate about exactly what it is, what it’s supposed to do and when it’s time will come

In the Infrastructure Interoperability in a Cloudy World’ session at Cloud Connect, the Inter-Cloud was referenced as the ‘transition point’ when applications in a particular cloud need to move.  Application mobility comes into play with Cloud Balancing, Cloud Bursting, disaster recovery, sensitive data in private/application in public and any other scenario where application fluidity is desired and/or required.  An Inter-Cloud is, in essence, a mesh of different cloud infrastructures governed by standards that allow them to interoperate.  As ISPs were building out their own private backbones in the 1990’s, the Internet needed a way to connect all the autonomous systems to exchange traffic.  The Network Access Points (NAPs) and Metropolitan Area Ethernets (now Exchange – MAE East/MAE West/etc) became today’s Internet Exchange Points (IXP).  Granted, the agreed standard for interoperability, TCP/IP and specifically BGP, made that possible and we’re still waiting on something like that for the cloud; plus we’re now dealing with huge chunks of data (images, systems, etc) rather than simple email or light web browsing.  I would imagine that the major cloud providers already have connections the major peering points and someday there just might be the Metro Area Clouds (MAC West, MAC East, MAC Central) and other cloud peering locations for application mobility.  Maybe cloud providers with similar infrastructures (running a particular hypervisor on certain hardware with specific services) will start with private peering, like the ISPs of yore. 

The reality is that it probably won’t happen that way since clouds are already part of the internet, the needs of the cloud are different and an agreed method is far from completion.  It is still interesting to envision though.  I also must admit, I had completely forgotten about the Inter-Cloud and you hear me calling it the ‘Intra-Cloud’ in this interview with Lori at Cloud Connect.  Incidentally, it’s fun to read articles from 1999 talking about the Internet’s ‘early days’ of ISP Peering and those from today on how it has changed over the years. 

ps

Related:

Technorati Tags: MacVittie, F5, infrastructure 2.0, integration, collaboration, standards, cloud connect, Pete Silva, F5, security, application security, network security, business, education, technology, application delivery, intercloud, cloud, greg Ness, context-aware, infrastructure 2.0, automation, context, web, internet, blog

Digg This

Friday, March 19, 2010

Lori MacVittie Interview at Cloud Connect

I got a chance to sit down with another member of the Technical Marketing Team at F5, Lori MacVittie at the Cloud Connect conference in Santa Clara this week.  We chat about Web 2.0, Infrastructure 2.0, dynamic networks, cloud interoperability standards, what 3.0 looks like and a few other things.  Thanks Lori!
ps
Technorati Tags: MacVittie, F5, infrastructure 2.0, integration, collaboration, standards, cloud connect, Pete Silva,F5,security,application security,network security, business, education, technology
Digg This

Smart Cities – From IDC Directions 2010

ATT showed up at my door yesterday explaining that they are pulling all the copper (as he pointed up at the telephone pole) and replacing it with fiber to the home.  It’s fun watching these young sales guys go for the immediate assumptive close with, ‘You’re one of the lucky ones and now your phone, internet and cable will be going over fiber – which package best suits you?’  I’m not one of those ‘triple-play’ fans but the whole ‘fiber to the home’ reminded me of a presentation I saw last week at the IDC Directions 2010 in San Jose: Smart Cities: Proving Ground for the Intelligent Economy from Rick Nicholson, VP Research, IDC Energy Insights.  There are two big mega trends, as he put it, to the Smart City: Urbanization and Intelligent Technologies.

Urbanization.  As Wellington E. Webb, the former Mayor of Denver put it, ‘19th century had Empires, 20th century had Nation States and the 21st Century will be a century of Cities.  The percent of people moving to cities is on the rise.

Intelligent Technologies.  There are many Intelligent Devices like smart meters, sensors, camera, smartcards, cell phones and all the other devices that capture and send data. There are also pervasive Broadband networks to connect all the devices and there are Analytics and Social Media to process all the real time information.  Devices plus Technology drives Smart Cities.

Why are people moving toward a Smart City? There is Sustainability. Things like going green, conserving water, power and resources is not only smart for the planet but to our overall survival. There is a business reason - economic development is occurring in these cities and there is Stimulus Funding to jump start these ventures.  A Smart City infrastructure needs to support Energy, Network Communications, Water, Transportation, Buildings, City Services and it’s technology that ties these all together.  There are also many IT opportunities in the Smart City.  Energy is one.  Rick explained that electric use has doubled from 1973 and continues to grow. Cities must meet that demand with clean, efficient energy while managing energy costs.  With the Smart Grid, there are opportunities for hardware, software, devices and communications.  There are smart meters and grid sensors, there are electric vehicles and their networks - and all these need software and analytics to help manage use. He talked about Transportation as a Service, Car 2.0 or Mobility on Demand.  For a fee (which includes everything – gas, maintenance, insurance), you can pick up a ‘TaaS’ car where ever it may be parked, use a special smartcard to unlock & start it and leave it at certain approved locations (with the smartcard capturing time/mileage/etc) for the next customer to drive.  You need routing and sharing information, charging stations, back office CRM and Asset Management software along with consumer services to make it all work.  A Daimler venture called Car2Go is in a pilot trial in Austin, TX.

In Health Care, the aging population, costs, chronic disease all bump up against the quality of life expectations we all have.  Both for better care and controlling costs we now have telemedicine, remote patient monitoring, intelligent devices, electronic health records, patient portals and so forth.  All these need to communicate, coordinate and collaborate for proper end user care.

In Retail, there is a battle between the small urban shop and the large suburban warehouses.  It costs more money to deliver goods to cities so shelf space and understanding what the consumer wants/needs is very critical.  In-store technology includes things like, self service check out, mobile Personal Shopping Assistants and digital signage. Once again, back office software and infrastructure are a major components. Partnering with someone who’s building out a lot of this infrastructure or providing the devices, might be advantageous according to Rick.

amsmartFor Financial Services and consumer banking in the urban area, there will be fewer and smaller branches, fewer specialists and already, there is some acceptance of consumer self service.  Smart Banking will have Personal Teller Machines which is essentially an ATM but with video and voice. There’s mobile banking, security & fraud analytics and again, back office software, a dynamic infrastructure and those specialized controllers to seamlessly integrate and deliver all these.

He sees these Smart Cities gaining traction in mid-size cities, like Austin, TX who wants to become the Clean-Tech Capital with their Pecan Street Project. Amsterdam is another example of sustainable living in a port city. Now, instead of having the ships dock and run their diesel generators, they can plug in at the port which reduces noise and pollution. He mentioned that many of these projects are still in the early stages and establishing a Brand now is important.  Here too, partnering with engineering firms, contractors, construction and the makers of the intelligent devices is a great way to get in at the beginning and says there is a $200 Billion market globally.

The Bullets:

  • Need to sell to both public and private consortia
  • Look for Smart Cities popping in medium size urban areas since these are still in development
  • Emerging markets in Asia and the Middle East are ripe since they are essentially starting from scratch.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, education, technology

Digg This

Wednesday, March 17, 2010

Self Serve Security

Education of users has become a hot topic of late.  The final keynote at the recent RSA Conference was all about using education to combat cybercrimeThis article has statistics showing that, when Small and Mid-Market companies were asked, ‘what would help improve the level of security at their companies,’ 75% (48% for employees & another 25% for senior management) said Security Awareness.  And, the recent issue of SC Magazine featured an article where Dan Beard, the Chief Administration Office for the House of Representatives says that organizations must educate end users and that end user education is the weakest link in cyber security.  In that same article, Stephen Scharf, CISO at Experian explains:

“The human element is the largest security risk in any organization,”…“Most security incidents are the result of human errors and human ignorance and not malicious intent. Therefore, it is critical that significant effort is focused on education and awareness to reduce these occurrences.”

02840 The human element has always played a role in security, cyber or otherwise.  Growing up in Rhode Island, we used to always leave the keys in the ignition of the vehicles parked in our driveway.  We felt safe were we lived – and granted, we lived in a rural area so the main crimes committed were things like stealing eggs from Carpenter’s Farm.  Certainly, there are still plenty of areas and towns that have that type cocoon.  As I went off to college in Milwaukee, I had to remind myself early on – ‘you’re not in Wakefield anymore,’ since I’d instinctively leave my wallet crammed in the sun visor of my Rabbit Diesel.  I had to change my behavior when I moved from a small rural area to a larger city.  Internet users must do the same but we are creatures of habit.  Similar to leaving a wallet in the car, since that’s what I did most of driving life up to that point, many internet users still behave as if it’s 1995 and they are still on Prodigy.  The threats are different and more severe but behavior is the same.  Times change but sometimes people don’t, won’t or can’t.  

As all those articles point out, End User Education is vitally important to any organization and should be a key part of the overall IT security strategy.  Users knowing what and what not to do when something seems fishy is an important part of your defense – especially when it’s something your firewalls, WAFs, IDS/IPS and other perimeter mechanisms might have missed.  Education needs to be ongoing however and not a one shot deal since, according to Dr. Maxwell Maltz, it takes 21 days to make or break a habit.  This has since been deemed a myth and everyone is different but it does bring up a good point.  Security education, training and knowledge is not an overnight cram session – any security professional will attest to that.  A single afternoon meeting going over ‘corporate policies for end users’ regarding information security will not help those who already have bad habits.  It needs to be ongoing, consistent and relevant to their daily lives, including the serious consequences of poor behavior.  Help users understand the risks/threats, break the bad habits that might lead to exposure and secure your infrastructure in a way that no piece of hardware/software can.  Help users help themselves.

While not directly security related, F5 recently started offering Free Web Based Training for our end users.  IT admins are end users too, ya know.  F5 Networks Web-Based Training (WBT) courses introduce you to basic technology concepts related to F5 technology, recent changes to F5 products and basic configurations for BIG-IP Local Traffic Manager (LTM).   These are self-paced and you can access them at any time and as many times as you like.  The cool thing is if you complete all of the lectures and labs for the LTM Essentials WBT, you have met the prerequisite requirements for the Advanced Topics, Troubleshooting, and iRules classes.

ps

Related Items:

Technorati Tags: Pete Silva,F5,security,application security,network security, business, education, technology

Digg This

Thursday, March 11, 2010

In 5 Minutes Video - How I Create an ‘In 5 Minutes or Less’ Video

Thought it would be fun to produce one of these even though I got a new timer now.  I show how I create an In 5 Minutes Video, In 5 Minutes or Less. Behind the scenes in 5 Minutes.   :-)

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, education, technology, social networking, webinar, video

Digg This

In 5 Minutes Video - Smart Connection with the BIG-IP Edge Client

Watch how the F5 Networks BIG-IP Edge Client solution gets you connected automatically when you boot/start up your computer along with seeing browser based access of the F5 BIG-IP Edge Gateway.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, technology, social networking, webinar, video

Digg This

Tuesday, March 9, 2010

Dan Kaminsky Interview Part II

Peter Silva of F5 continues his conversation with IOActive's Dan Kaminsky. Please see Part 1 for complete description. In this segment, Dan talks about the discovery of DNS Cache Poisoning, DNSSEC and the overall importance of DNS to the Internet.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

Dan Kaminsky Interview Part I

Peter Silva of F5 sits down with IOActive's Dan Kaminsky. In this extremely informative and lively discussion, the Domain Name System is the topic. DNS infrastructure, DNS vulnerabilities including DNS Cache Poisoning, DNSSEC and what's happened since the discovery of the flaw are all discussed. In 3-10 minute segments.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

Dan Kaminsky Interview Part III

Peter Silva of F5 finishes his chat with IOActive's Dan Kaminsky. Please see Part 1 for complete description. In this segment, DNSSEC conversation continues and Dan explains what's happened since his discovery of DNS Cache Poisoning vulnerability. And info on an upcoming DNSSEC Webinar.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

F5 Networks Partner Spotlight - Layer 7 Technologies

Peter Silva interviews Scott Morrison, CTO of Layer 7 Technologies during the 2010 RSA Conference. Part of F5 Networks Partner Spotlight Week at RSA.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

F5 Networks Partner Spotlight - Splunk

Peter Silva interviews Will Hayes of Splunk during the 2010 RSA Conference. Part of F5 Networks Partner Spotlight Week at RSA.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

F5 Networks Partner Spotlight - OPSWAT

Peter Silva interviews Benny Czarny, CEO of OPSWAT during the 2010 RSA Conference. Part of F5 Networks Partner Spotlight Week at RSA. f5.oesisok.com

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

F5 Networks Partner Spotlight - Secure Passage

Peter Silva talks with Jody Brazil, President & CTO of Secure Passage during the 2010 RSA Conference. Part of F5 Networks Partner Spotlight Week at RSA.

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, webinar, video, partners

Digg This

Sunday, March 7, 2010

My 2010 RSA Conference & Kaminsky Interview

logorsa I hung out at the 2010 RSA Conference last week and wanted to  share some observations from the show.  Rain early in the week reminded me of why the organizers moved it later in the Spring the past couple years but the sky’s cleared and the remainder of the week, we got the nice, crisp, sunny Bay Area weather.  F5 decided not to exhibit this year but we did attend in full force, meeting with analysts and customers along with focusing our video camera on partners and doing a Partner Spotlight Week at RSA.  It was kinda fun to attend as a typical participant. 

I got there around 11am on Tuesday, just as the Expo floor was opening.  I easily got my badge without any delay.  I remember the long lines a few years ago when we all gathered in the main entrance.  They’ve improved the check-in process over the years but I’m also guessing most attendees got their badges on Monday.  Met with some F5’ers between analyst meetings, saw a very cool demo of our BIG-IP Edge Gateway Client solution and made my way to the Expo floor.  All the usual companies were displaying their wares but I’m always amazed by all the company names I’ve never heard of along with lots of color companies – Blue that, Red this, Black the other thing.  There were many ‘systems management’ companies and a whole ton of ‘token’ companies.  I even overheard another attendee mention how many token companies there were.  And of course, Cloud.  Everyone’s got some ‘cloud’ solution, even those who really do nothing in the cloud, except maybe store your info, added ‘cloud’ to their signage.  I don’t have any official attendance numbers but it did seem a bit fuller this year verses last. 

Since we didn’t have a booth, I decided to do a ‘Partner Spotlight Week at RSA’ shooting video segments of the various F5 partners at the show.   Something I’ve been thinking about for a while and with many all in one place, it made the task easy.  Every partner was very accommodating and excited to participate.  The basic premise would be, introduce the company – talk about the integration both technically and business wise – then show a quick demo if one was available.  Even with short notice (most I just walked up to and asked on the spot) they were very engaging and all were done in a single take.  I want to thank Splunk, Layer 7 Technologies, OPSWAT and Secure Passage.  Great job guys!

The highlight of my week came on Thursday.  F5 and Infoblox will be offering a Webinar on March 10th called DNSSEC: Compliance is Easier than You Think.  I was lucky to get one of the webinar speakers, Dan Kaminsky, Director of Penetration Testing at IOActive (and the guy who exposed the serious DNS vulnerability, DNS Cache Poisoning) who was gracious to participate in an interview with me – and boy what an experience!  We talked all about the DNS infrastructure including how DNS works, his discovery, DNSSEC and many other interesting topics.  What I thought would be a quick 5 minute chat turned into a full blown half hour conversation about many things Internet related.  Great stories about the discovery and some of the challenges he faced along the way.  It was awesome – thanks so much Dan – good times!!

The Videos

ps

Technorati Tags: Pete Silva,F5,security,application security,network security, business, banks, education, economy, technology, blogging, blogs, social networking, dnssec, dns, kaminsky, webinar, video, partners

Digg This