Broadband Developments

VMWare is adding a new executive to the stable - Tod Nielsen.  This on the heals of Diane Greene being forced out.

VMware Inc., (VMW: NYSE) the global leader in virtualization solutions from the desktop to the datacenter, announced today the appointment of Tod Nielsen to the newly created role of Chief Operating Officer. Nielsen will report directly to President and Chief Executive Officer Paul Maritz.

Nielsen, 43, joins VMware from Borland Software Corporation where he served as President and Chief Executive Officer since November 2005.  Prior to Borland, Nielsen held several key executive management positions at leading software companies including Microsoft, BEA and Oracle.

“I am delighted to have Tod join VMware and bring his passion for software and wealth of leadership experience to our executive team,” said VMware’s President and CEO, Paul Maritz.  “In this newly created role, Tod brings unique skills and capabilities that will help us improve our operational focus and enhance our execution across all areas of the business.  With Tod on board, I will be able to devote more of my time to the product strategy and development, while Tod focuses more on business, marketing, and operations.  Having worked closely with Tod in the past, I know that we will work effectively together and complement each other.”

“VMware is an impressive company that is in the enviable position of giving customers a significant return on their IT investment which is becoming only more important in these challenging economic times,” said Nielsen. “As an admirer of the company’s strong track record of software innovation, I’m excited about working with my new colleagues at VMware to help our customers truly transform the way they manage their IT resources.”

Nielsen brings more than 20 years of leadership experience in enterprise software and application development to VMware.  Prior to Borland, Nielsen served as senior vice president, marketing and global sales support for Oracle Corporation. Prior to Oracle, Nielsen was the chief marketing officer and executive vice president of engineering at BEA Systems, where he had overall responsibility for BEA’s worldwide marketing strategy and operations, as well as all research and development operations. Nielsen joined BEA after the acquisition of his private company, Crossgain Inc., where he served as its chief executive officer. Nielsen also spent twelve years with Microsoft Corporation, in various roles, including general manager of database and developer tools, vice president of developer tools, and, vice president of Microsoft’s platform group.

Broadband Developments blogger Greg Ness writes a guest post on Seeking Alpha today that basically asks the question:  Can cloud computing be as disruptive to changing the game as TCP/IP was?

TCP/IP fueld a entire generation of great companies as well as creating massive wealth for investors, entrepreneurs, and employees.

It’s a long article so bookmark it or take it to go with you.  It’s a good read.

Some higlights that I like…

We’ve seen this collision between new software demands and network infrastructure many times before, as it has powered generations of innovation around TCP/IP, network security and traffic management and optimization.

It has produced a lineup of successful public companies well positioned to lead the next tech boom, which may even be recession-proof.  Cisco (CSCO), F5 Networks (FFIV), Riverbed (RVBD) and even VMware (VMW) promise to benefit from this new infrastructure and the level of connectivity intelligence it promises.

Until the current network evolves into a more dynamic infrastructure, all bets are off on the payoffs of pretty much every major IT initiative on the horizon today, including cost-cutting measures that would be employed in order to shrink operating costs without shrinking the network.

Automation and control has been both a key driver and a barrier for the adoption of new technology as well as an enterprise’s ability to monetize past investments.  Increasingly complex networks are requiring escalating rates of manual intervention.  This dynamic will have more impact on IT spending over the next five years than the global recession, because automation is often the best answer to the productivity and expense challenge.

Cloud computing is dynamic computing power on a massive scale delivering new economies for IT services and applications.  In between those economies and the prices existing enterprises are already paying for their own services is the business case, in addition to operations, sales, marketing, and new infrastructure requirements.

As much as cloud computing has rallied behind the prospect of electricity and real estate savings, the business case still feels like a dotcom hangover in some cases.  Virtualization is still a bit hamstrung in the enterprise by the disconnect between static infrastructure and moving, state-changing VMs; and labor is the largest cost component of server TCO (IDC findings) and a significant component of network TCO (as suggested by the Computerworld findings).  So just how much will real estate and electricity savings offset other diseconomies and barriers in the cloud game?  I think cloud computing will also have to innovate in areas like automation and connectivity intelligence.

For the network to be dynamic, for example, it needs continuous, dynamic connectivity at the core network services level.  Network, endpoint and application intelligence will all depend upon connectivity intelligence in order to evolve into dynamic, automated systems that don’t require escalating manual intervention in the face of network expansion and rising system and endpoint demands.

The biggest threat to the promise of cloud computing to appear this summer wasn’t the failed trademark attempt by Dell, but rather brilliant research by a leading white hat security researcher. Dan Kaminsky discovered how a well-known and widespread vulnerability in DNS servers could be exploited in seconds and turn any one of millions of servers directing Internet traffic into a cybercrime gold mine in mere seconds.

Note: For those unfamiliar with cloud computing, or the delivery of software and other IT-related functionality as a service, you can read more at Archimedius. Some leading technology players involved or associated with cloud computing include: Google, Microsoft, Dell, VMware and Amazon.

As a result July and August saw unprecedented DNS media attention. Yet the discovery of a DNS exploit was only part of the story. Events soon unfolded that took the exploit from specialized security blogs (like Rational Survivability and Matasano, where the exploit leaked).

When the exploit inadvertently leaked (ahead of the disclosure timeline established to allow service providers ample time to patch their systems) the news quickly spread throughout more generalist blogs and even into mainstream media, including front page coverage in the NY Times referenced at Archimedius on July 31.

The Linux Journal published one of the best high level technical explanations of the exploit and why it matters. Despite the release of a patch and the heroic actions on the part of internet service providers, issues remain.

While the business press dwells on Dell, Microsoft, Google and a handful of key players making investments and strategic moves based on the eventuality of cloud computing, some of us in security and networking are all too aware of the storm clouds. You can read about the security issues at the newly established Infoblox DNS Security Center, with news, developments and resources hand-picked by leading experts.

Dan Kaminsky has openly labeled the patch just applied to protect the DNS vulnerability a temporary fix:

I listened to the Black Hat webcast today to grab as much info as I could on this subject. The biggest thing that I heard from the whole talk is that the patch fixes things to a reasonable point, but that long-term, there will have to be more work done to prevent the issue.

- Nathan McFeters, ZDNet

Unfortunately, it is likely that the DNS summer exploit story will fall back beneath the headlines in coming months; yet the vulnerability will still exist and it will likely require more patches on an ongoing basis. That will place an unprecedented level of demands on the management of the DNS infrastructure, the backbone of the Internet. That infrastructure is made up of millions of servers updated and managed manually. That is a serious problem.

An IDC report sponsored by Microsoft concluded that hardware costs were only a small fraction of the cost of operating a server (see page 5 for the IDC breakdown). Staffing expenses (management) and downtime constituted 75% of a server’s total cost of ownership, according to the April 2007 paper by Randy Perry and Al Gillen. More manual updates will impact both management and availability, the leading cost components before the DNS exploit discovery.

Internet integrity is a critical requirement for cloud computing. It requires a very high level of trust to use an online application for commercial and even personal uses. More management and availability challenges will further increase the cost of internet integrity while introducing new risks. The DNS exploit and the recognition that the recent patch is only a short term measure suggests that internet integrity may be more at risk than ever.

There’s More

A few days ago I discovered this YouTube piece by Cisco promoting green data centers and couldn’t help but to take notice of the points made about other server costs, including power. Cloud computing could suck up huge amounts of energy if cloudplexes are not virtualized properly and managed efficiently. For all of the opportunities posed by cloud computing it is obvious that substantial technical burdens remain before servers will follow the moon In pursuit of cheap electricity.

While low cost electricity and VMotion are important requirements for cloud computing, Internet integrity is the table stake: few will trust IT services from an unknown source. That is why the rise of cloud computing will depend upon the continued success and evolution of utility-grade core network services. Without network integrity the economics of software as a service will always be limited to low value consumers using low value services.

You can read my disclaimer at: About ARCHIMEDIUS.

VMWare is posting about a major issue with VMWare.  I’m calling around to find out what the heck is going on.

Here is information from Mattjk on the VMWare community forum (I think it’s a blog):

serious bug with our ESX cluster - serious enough that I thought I should post about it here as a prior warning for others running ESX 3.5 Update 2.

The VMWare tech support person we spoke to wouldn’t 100% confirm whether this was / would be affecting all ESX3.5u2 installs, but he strongly alluded that it was widespread. For others sake I hope I’m wrong and it’s limited.

The bug:

Starting this morning, we could not power on nor VMotion any of our Virtual Machines. The VI Client threw the error “A general system error occurred: Internal Error”.

Further digging lead us to messages like this one in /var/log/vmware/hostd.log, and the log file for any virtual machine we tried to power on or VMotion:

Aug 12 10:40:10.792: vmx| http://msg.License.product.expired This product has expired.
Aug 12 10:40:10.792: vmx| Be sure that your host machine’s date and time are set correctly.
Aug 12 10:40:10.792: vmx| There is a more recent version available at the VMware Web site: “http://www.vmware.com/info?id=4″.

A call to tech support confirmed this as a known problem with a temporary workaround.

The work-around: turn off NTP (if you’re using it), and then manually set the date of all ESX 3.5u2 hosts back to 10th of August. This can be done either through the VI Client (Host -> Configuration -> Time Configuration) or by typing date -s “08/10/2008″ at the Service Console command line on the ESX hosts.

As soon as the date was reset to the 10th - problem solved.

Note that running VMs were operating fine, this only seems to affect initial VM power-on (including from suspended state) and VMotion.

So, it sounds like a serious licensing bug has crept into 3.5u2. Further testing shows that the problem begins as soon as the date hits 12th August - 10th is fine, 11th is fine, 12th and the problem appears.

There wasn’t any real reference to similar problems in the forums as far as I could see, but it’s quite possible we’re seeing this before most of the rest of the world as we’re in Australia, and therefore the date here ticked over to the 12th “before” those in Europe, America, etc.

Hope this helps others… took us a couple of hours to get this far - at least we can power on VMs again though!

I love how the bandwagon of cloud computing it hitting on all time high. Everyone is about the cloud. Today AT&T announced it is joining the Cloud Bandwangon. AT&T said Tuesday that it will offer cloud computing services via a new service dubbed AT&T Synaptic Hosting. AT&T is just the latest company to join the cloud computing game. Everyone from traditional IT giants like HP and IBM to Amazon and Google have cloud computing services catering to companies ranging from enterprise giants to startups.

The category of the “Cloud” is the new branding or categorically sector for all the big infrastructure players. Cloud computing is the new category that we’ll all keep score on who is the best vendor.

Why is cloud computing such a hit for these companies? It’s because it spans multiple sectors - enterprise datacenter, web services, consumer, virtualization, security. It’s sort of a convergence between intranets, DMZ, extranet, and outside web all in one.

It’s a land grab and yet it’s so unknown. It’s a marketing dream for a big vendor to say ‘we own the cloud’.

My take: it can’t be owned. Lock-in is harder in today climate. Old lock in tactics don’t work in today’s infrastructure.

What are the new lock-in tactics? We’ll be covering them. Right now Google, VMWare, and Amazon are putting on a clinic in the cloud area. Everyone else is an also ran.

Steve Ballmer gets it. While he discusses a strategic interest in search, his head is really in the clouds and beyond (hello new operating system models); in the coming transformation many are calling cloud computing. I think he fully understands the cannibalization risk that Google is posing in the long term as it delivers increasingly sophisticated applications as a service.

Yet there is another storm now appearing on the horizon for cloud computing, in addition to some technology challenges facing the proliferation of virtualization in the data center. Collectively they represent substantial, multifaceted risks to the major technology players.

While the media buzz surrounding Google, Yahoo, VMware and Microsoft has been particularly deafening this summer -between exec changes and various staged media events- the real story beneath the headlines is about a long term positioning battle being played out today between Microsoft and a new generation of upstarts over the delivery of software and how it’s monetized.

The VMware versus Microsoft battle is really a precursor to the coming cloud computing dogfight between Microsoft and Google, because virtualization is a critical enabler of cloud computing. And cloud computing will make certain technologies and capabilities strategic in ways that weren’t possible when data centers were cumbersome and inflexible.

Hypervisor Economics 101

The hypervisor revolution ignited by VMware enables new levels of flexibility and efficiency for managing even the most complex data center infrastructure, with point and click server management and movement. Multiple virtual machines (servers) can share the same hardware, regardless of operating system and be easily moved from one hypervisor to the next.

That new level of flexibility can transform the economics of IT, by delivering servers and processing power on an as-needed basis, versus keeping all hardware powered on even if only for potential use. Yet electricity savings are only part of the value proposition.

By converting broad collections of servers running different dedicated operating systems into sets of VMs running on larger blade servers, IT departments can make changes with minimal effort and their racks and stacks can take up a fraction of the space as was previously required. That could mean major transformations for service providers and large enterprises delivering applications to growing sets of users and partners.

Reducing power consumption and increasing agility could set the stage for a substantial shift to cloud computing. Yet hurdles remain. It is likely that virtualization security concerns have played a factor in VMware’s recent lackluster execution in the data center in 2008. Virtualization security is one of the major hurdles to virtualization and cloud computing.

Virtualization Security

I’ve called the nature of many virtualized production deployments virtualization-lite, because data centers accept a lower payoff from virtualization (less flexibility, less consolidation, reduced savings on electricity, for example) in exchange for maintaining their security posture. Players like Blue Lane Technologies (my alma mater) and others will be among the first to see the transformation of the data center as they are capable of protecting fluid meshes of hypervisors, a limitation for many types of network security appliances. That limitation has boxed in many virtualization projects into hypervisor VLANs, which substantially erode the business case.

Two Promising I/O Front Ends

Moving VMs around across hardware can also tie up additional processing overhead, which makes VMotion less than ideal at this time. Companies like 3 Leaf Systems and Xsigo Systems are addressing these challenges. As they grow they’ll be yet another proof point of the expansion of virtualization beyond hypervisor-VLANS, as their products enable greater flexibility.

There are also compliance and change management issues that might slow virtualization down and inadvertently buy Microsoft enough time to establish an even larger foothold in the data center market. VMware has been very effective in leveraging its partner ecosystem in addressing these issues.

Yet cloud computing faces a fair share or risks, including the biggest security story of perhaps the last ten years: the Kaminsky DNS exploit.

The New Storm Cloud for Cloud Computing

The last few weeks have seen a massive explosion in commentary on the DNS exploit discovered by security researcher Dan Kaminsky, Director of Penetration Testing at IOActive. Since his discovery and an inadvertent series of blog posts DNS cache poisoning exploit attack code has been published; and yesterday a ZDnet blog by security expert Dancho Danchev sited DNS cache poisoning attempts reported from multiple sources. Recent research also notes that a majority of service providers have not patched their systems for the vulnerability.

Infoblox Vice President Cricket Liu, the author of DNS and Bind, called it one of the most significant vulnerabilities of all time. Ironically, he was on a DNS Security: Old Vulnerabilities, New Exploits webinar with Dan Kaminsky just days before the exploit code was published.

The DNS exploit threatens the core integrity of the Internet, as it allows hackers to redirect traffic from exploited servers to spoof sites where they can gather personal information and engage in identity theft on a scale we have yet to experience. That’s a bigger problem than when the “I Love You” virus inconvenienced computer users years ago; it is a major storm front for the future of cloud computing.

An untrusted Internet would be nothing short of an ecommerce disaster; its impact would go far beyond cloud computing. It would be a major disruption for the software as a service model, as well as many other business models that have grown with the Internet. That’s why I predict that core network services will become increasingly strategic to IT. The integrity of the network is about to matter even more than ever.

As reported previously at Archimedius, Google and others have made considerable strides in delivering software as a service. Their success could mean the eventual shrinking of the computer hard drive, the shrinking of the pre-installed software market, not to mention the shrinking of the shrink-wrapped software industry.

Microsoft seems to understand the risks and upside, and has focused on “search” as a strategic roadmap issue, along with their recent Hyper-V attack on VMware. Yet the real Microsoft adversary is Google-driven cloud computing, and the spoiler issue for all of them is an untrusted Internet. Until a few months ago, few saw this issue coming. But now the vulnerability is known, exploits have been published and apparently attacks are now being launched.

You will be hearing much more about these issues, players and risks in coming weeks and probably months as Google and Microsoft prepare for battle in the skies.

You can read my disclaimer at: About ARCHIMEDIUS.

VMWare is planning a new datacenter.   Not in Palo Alto and not in Massachusetts.

According to Data Center Knowledge, VMware is planning to locate a new data center in East Wenatchee (North Central Washington), leasing no less than 100,000 square feet of space in a new facility being built by Sabey Corporation on its Intergate.Columbia campus. VMware will be the biggest leaser by far; their data center will take up about two-thirds of the 189,000 square foot second building.

Company spokeswoman Melinda Marks said that VMware will use its new data center to expand research and development.

All eyes are on post-Greene VMware as it prepares to announce earnings on Tuesday and as analysts speculate about how much cleanup will be included in the results. Yet I think the most important questions to be addressed in the upcoming quarterly earnings call will have more to do with VMware’s competitive response to Microsoft’s recent Hyper-V launch.

And who better than Paul Maritz to be at the helm during the critical questioning; he was, after all, a major player at Microsoft for fourteen years. Diane Greene will certainly be missed. Her legacy as one of the Valley’s most successful entrepreneurs won’t be tarnished by her abrupt exit.

As a preparation for the questioning I’ve included a series of Archimedius posts about the hypervisor smack down. I’ve already seen some of my comments taken out of context to suggest that I’ve predicted a winner. Hardly. In the following posts from ARCHIMEDIUS I’ve talked about competitive positioning, strengths, weaknesses and recommendations. It would be nuts to make a prediction this early.

Background Reading for the VMware Earnings Call

In How VMware could beat Microsoft I talk about the need for VMware to expand their data center footprint, differentiate ESX and monetize unique attributes. This has been the most popular posting within the smack down theme, perhaps because VMware is perceived as an underdog, and readers are wondering what the company could possibly do to prevail.

In Microsoft vs. VMware: the New Battleground I talk about the early reactions to Hyper-V and the considerable new pressure that VMware will be facing as a result of Hyper-V and what that will mean for the virtualization category conversation. It was posted on June 25, just days after the Hyper-V shipping announcement.

For the blogger who said that I predicted a VMware victory I offer How Hyper-V could beat VMware. If VMware growth into the data center slows and they fail to differentiate, then Microsoft would have the closest thing possible to a welcoming party. Microsoft could have time to tackle enough technical limits to data center virtualization and accelerate the process that VMware kicked off.

Yet as I’ve blogged at Archimedius about cloud computing, Microsoft has a double-edged agenda. Its end game may be virtualization as an extension of its domain, not as an enabler of software industry disruption. For more on those implications you can read Google will unleash the Cannibals on Microsoft.

In a more recent post (Microsoft Unleashes the Cannibals) I talk about how larger and more established technology companies have used loss leader bundling in order to commoditize/cannibalize disruptive technologies. Clearly that was at least part of what Microsoft is doing with Hyper-V pricing, etc.

For a perspective on the recent CEO change at VMware you can read Maritz replaces Greene. Most certainly Microsoft’s entrance into the virtualization category had at least some role to play in Greene’s abrupt departure. It seems a stretch to see it as a rare coincidence.

For a little more perspective into the dynamics of data center virtualization and how they may play out you can check out Virtualization-Lite, which is about VMware’s surge into the data center and its quick establishment of beach head deployments in major accounts. Of course, I also suggest why VMware needs to continue its momentum beyond hypervisor VLAN deployments in order to prevail. That outlook may prove to be prescient in 2009. VMware needs to tackle the virtualization barrier in order to move customers beyond VLAN spaghetti deployments.

VMware’s earnings call is July 22. I hope the above selections from Archimedius give you a deeper perspective into the dynamics at play and how they may affect the outcome of the hypervisor smack down.

You can read my disclaimer at About Archimedius.

As the battleground between Microsoft and VMware takes shape with the launch of Microsoft’s Hyper-V, I’ve talked about what VMware should do as well as how Hyper-V could prevail. While this is a critical battle for both companies, it is only a precursor for Microsoft as Google looks to be launching the cannibals of commoditization at Microsoft’s core applications.

This morning a very interesting article on online office applications appeared in Computerworld. While the article is a feature assessment of three online office applications (Google, ThinkFree and Zoho), the strategic implications of these innovations become obvious in the first paragraph:

For quite a while, Web-based suites — which offered word processing, spreadsheets, presentations, and other tools associated with desktop office suites — were extolled not because they did these things well, but because they could do them at all. But the three major competitors, Google Docs, ThinkFree, and Zoho, have all made major improvements in recent months. They’re becoming both broader, with more applications, and deeper, with more features and functionality in existing apps.

This takes me back to a Computerworld blog discussion and Nicholas Carr’s new book The Big Switch. Carr argues in The Big Switch that enterprise IT is about to get sucked into the cloud of utility computing, similar to how electricity production went from strategic industrial age differentiator to ubiquitous commodity as access spread and service providers expanded their coverage.

That switch would be a major disruption to the likes of Microsoft, as the world of massive shrink-wrapped and pre-installed software for ever larger hard drives has been very good to the Redmond Empire. It has allowed Microsoft to bundle its way into waves of innovations while crushing rivals. Its ability to assimilate and crush reminds me of Ancient Rome.

As I mentioned a couple days ago in Microsoft Unleashes the Cannibals, cloud computing gives new entrants the ability to deliver software as a service and change the economics of the software industry. And I think that both Microsoft and Google are well aware of the enablers, the potentials and the new stakes.

I think Microsoft is bracing for the first formidable cannibal assault on its core suite of applications. Yes, Google may do to Microsoft what Hyper-V is attempting to do to VMware and what Microsoft has done to others for decades. The outcome of this assault promises to change the critical requirements of enterprise computing, spur new innovation and make computing more affordable and accessible for even more users.

Clearly Microsoft is a well-funded empire populated with a lineage of brilliant strategists/generals. It won’t go away. But I think it will have to adapt to the switch as Carr calls it; and the way it fights off cannibalization will impact Microsoft, the software industry and the world of computing.

With software from the clouds will come new demands, new players and new opportunities. Appliances that enhance security in the clouds, make compliance more manageable and enhance flexibility and control will become even more strategic. Specialized hardware and ASIC races between various “one trick pony” category players will become increasingly uncommon. Service providers will ultimately out-innovate many enterprise data center teams.

I think this process is already underway, as some enterprises have already started commoditizing their shops, outsourcing certain roles, and establishing ever more bureaucratic technology evaluation committees. Security pundit Chris Hoff may blame analysts for quashing innovation, but I think enterprise IT is under even more scrutiny for justifying innovation.

Google’s cannibals will also likely impact more than Microsoft. They may transform the increasingly reactive and incrementalist IT industry already juggling legacy purchases with emerging new demands under increasing resource constraints. They may force change at a critical time for the IT industry.

The shift to cloud computing could unleash an explosion of innovations in applications, application delivery, core network services, traffic management and security. It promises a new generation of technology leaders, opportunities and market dynamics and perhaps even new types of service providers. No doubt Microsoft will survive and ultimately thrive; the real question is what its business will look like after the aftermath of its coming battle.

You can read my disclaimer at About Archimedius.