top 10 trends - aitp windy city chapter

Top Ten Technology Shifts over the Next Three YearsApril, 2007

®

2

Agenda

PC Virtualization Merged Storage Architectures Security/Audit Tools Increased Storage Density Acceleration Products Processor Clustering/Grids Management Suite Advances Wireless/Cellular Industry Competition Backup Software eSATA

3

One: PC Virtualization

Virtualization for the Desktop, but ON the desktop (unlike hosted images ON a server)

Similar to Partitioning on host-server systems

Creates an isolated ‘sand box’ operating environment for guest operating systems and/or for applications

Both software-only solutions and x86-64 hardware support

Will be used for security, performance, testing, and standardization reasons

Will be implemented by desktop management systems (e.g., remote install, remove, etc)

All virtualization techniques have licensing issues (Buyer Beware!)

4


Software Vendors: VMware’s ACE

Altiris’ Software Virtualization Solution (Symantec)

MSFT’s Virtual PC

GreenBorder (virtualizes apps, especially IE)

Hardware components (x86 processors) Intel’s “Vanderpool” (now “VT”)

AMD’s “Pacifica” (now “AMD-V”)

5


Corporations will deal only in VM’s, tailored to individual roles Corporate apps will only be accessible from certain VMs, while end-users can

have a couple of their “Personal VMs” to install individualized software too Allows fault isolation and containment (e.g. different VM’s could be coded into

different subnets and VLANs) Easy system-rebuild function! De-couples OS+Apps from underlying OS (e.g. WinVM’s run on Linux, etc);

server-based VMs allow license ‘pools’ and shared memory (i.e., lower cost) Market for pre-built VM’s and VA’s (virtual appliances) will develop, deployed

over the net… Eventually will get ‘process logging’ in which every keystroke, action, etc of a

VM is recorded in a stream, and could be re-played on another VM (think: DR, roll-back, parallel processing)

6


Reduce Licensing Costs:

Standard configuration PC’s can be created and stored as “Virtual PCs” on a server.

When a user needs access to an application stack, the VPC server deploys it to the users physical PC. When they are finished with the application, the VPC server retrieves it—for subsequent use to another user

This will allow us to ‘pool’ software licenses again, reducing our overall license costs for the desktop

Other labor savings exist, but they are not on ‘invoices’ typically: fewer security problems (‘sandbox’), much easier provisioning, DR much easier to implement

7

Virtualization/Thin-Client Hybrid

VMware's Virtual Desktop Infrastructure (VDI) Allows a PC/TC to run a virtualPC on a VMware server

Still uses RDP-class protocols

But provides full-PC experience (unlike traditional Citrix)

Can work with a connection broker for large shops (e.g., Propero, LeoStream, Citrix)

Used by Thin-Client vendors Wyse, HP, Neoware

Competes with Citrix’s DDI (Dynamic Desktop Initiative)

8

Two: Merged Storage Architectures

Trying to make storage management easier…

Goals: namespace aggregation, file system virtualization

Current Approaches: NAS front-ends to SAN’s [Everybody sells one now…]

NAS-only solutions (e.g., BlueArc, clustering)

NAS virtualization technologies in front of (or ‘inside of’) both of these

NAS consolidation frequently a part of this too (“NAS sprawl” reduction)

This is separate from SAN virtualization technologies, and will sit ‘in front of’ such

9


NAS Virtualization - Goals

Namespace aggregation make multiple local namespaces look like one global namespace

Logical device aggregation make many devices look like one

Physical-Logical device de-coupling allow changes to physical devices and file locations without requiring a

change in user/application access methods (location independence)

Allows creation of virtual NAS filers (from a single device)

Automatic/Transparent Device Management allow HA/failover, load-balancing, scale-out, MACDs, provisioning, etc to

occur without manual effort—e.g., policy and profile driven

Clustered File Systems: 3 Approaches

Storage

Cluster Cluster HostsHosts

Storage

Storage

Cluster NASCluster NASgatewaysgateways

Cluster Cluster StorageStorage

IBM GFS, SGI,Ibrix, RedHat GFS

Exanet, HP EFS, ONStor,PolyServe/HP, SGI

Isilon, Panasas, Terrascale

11


Top Vendors in This Area:

BlueArc

Exanet

Acopia

Attune

NeoPath/Cisco

NetApp (Spinnaker)

Polyserve/HP

Nuview/Brocade

Isilon

OnStor

Panasas

EMC (Rainfinity)

12

Three: Security and Audit Tools

Encryption

Occurring at every point and in every transmission On every device (differently)

On every write/read between devices

Software performance penalty going away: native capability becoming norm LTO4, Seagate drives, mobo’s, mainframe tapes, UDO2, etc

Biggest challenges: Key management! [Vendors: Application Security, CA, Disuk, EMC/RSA,

Entrust, Nexsan, PGP Corp, Protegrity, Spectra Logic, Symantec, WinMagic]

Outside trading partners (e.g., eSCM)

13


USB Devices

Thumb-drives, USB drives…walk up, plug in, copy drive, walk out…

100GB USB thumb-drives, 8GB memory sticks

Threats from intrusion and from data privacy

Two out of three organizations provide no guidance on the use of USB/flashdrive media

U3 and U4 technologies will allow programs (and OS) to run from thumbUSBs; first anti-spyware for these from ParetoLogic (Canada)—scans PC for malware and stops malware from being installed on the U3 drive; Avast also available for these

But these are also starting to be used as second-factor identification (like a token), with required signon to the USBstick (e.g. SanDisk’s TrustedSignins product)—looks like the ‘key to the PC’

Vendors: PointSec, SecureWave, McAfee, Sygate, ScriptLogic, Msystems/SanDisk, SafeEnd, etc

14


Content-Addressable Storage (CAS)

Uses digital ‘fingerprints’ (based on contents) to identify (and sometimes de-dup) data segments

Products vary at what granularity they operate (e.g. byte strings, disk blocks, attachments, etc)

This helps with access audit and with extrusion prevention (‘data leak’)

All vendors play: EMC (Centera), HP (RISS), IBM, STK/Sun (IntelliStore—from Permabit); Archivas (HDS), Avamar (EMC), Bycast, Nexxan; startup Caringo has a CIFS/NFS gateway to their CAS software

15


End-point security: NAC (Network Admission Control) Insuring that remote systems do not infect healthy networks upon log-in; uses

802.1x and EAP over UDP Works in addition to existing perimeter defenses and ID directories Router/Switch checks the security ‘safety’ of the notebook/PDA (via Trust Agent

installed on it), before it lets it through—it may quarantine the system. First product in this category: Cisco’s Network Admission Control appliance, with

client-side software Trust Agent; Co-developed with Network Associates, Symantec, Trend Micro; now Sophos, too

Oct05: Cisco moves NAC appliance to switches, now accepts clients from Altiris, Qualys, and Symantec (instead of Cisco PC-client) ; other NAC-switches from Enterasys, Alcatel, Nortel, Fortinet

Offerings for mobile devs by iPass; Tivoli by IBM

MSFT has competitive solution: Network Access Protection (NAP) also used by start-up Lockdown Networks, Vista will support both NAC/NAP; Juniper has Infranet/UAC; Foundry has SecureIrons; Others: Nevis, ConSentry, Sophos (via acquisition of Endforce); Siemens HiPath Wireless Mgr with NAP

Many vendors will support Cisco/MSFT + heterogeneous nets (e.g. Senforce’s INAC and Lockdown Network’s iNAC); Enterasys

16

Cisco/MSFT NAC/NAC

11 22 33

4455

6677

88

Vista clientRequests

LAN accessFrom switch;

SendsStatementOf Health

SwitchRefers

RequestTo Cisco

ACS(AccessControlServer)

ACS fwds requestTo MSFT Network

Policy Server

NPSAsks

HealthAuthority

server

Accept/DenyAccept/

Deny

SwitchEither

Grants LANAccess orDenies it

Note: Step2 uses EAPoUDP or EAP-FASTNote: Step3 uses host credentials authorization protocol (HCAP)

LAN

17

Four : Increased Storage Density

The average business user creates 3GB of data per year and spends 6-9 hours per week looking for data

TheInfoPro survey (Oct06) Avg SAN capacity in F1000 tripled in 18mos Jumped from 198TB to 680TB (FC); NAS capacity averaging at 224TB “Most exciting” storage vendors (in order): EMC, Hitachi, 3PARdata, NetApp,

Cisco(!), IBM Drivers for growth: BizExpansion (50%), tighter data retention rules (38%),

server consolidation (28%) MonoSphere survey of storage professionals

% who say increased storage spending is causing financial problems for the IT budget: 62%

% who say storage costs are increasing faster than their overall IT budget: 41% % with more than 100TB of storage who say increased storage spending is

causing financial problems for the IT budget: 87%

18


Most main drives now use Perpendicular Recording

1TB drives shipping in PC’s now…

15K 2.5” drives out—run faster, use less energy

Also density improvements in tape/removable media

LTO4 is 800GB raw

UDO2 is 60GB

19

Data Storage Reduction through Data De-duplication

Data De-duplication

Reduces storage media costs by reducing data redundancy

Trades off processing power (to detect, manage, re-create data) for storage space (multipleX)

On unstructured data, reductions as high as 90% have been observed

ActiveProduction

Data

“Hot”Backup

Tape

De-duplication TechnologyCan be deployed at any point

20


Using data reduction techniques (e.g., commonality factoring) to reduce the source data footprint (and the 10:1 to 50:1 backups!), sometimes called Capacity-Optimized Storage (COS);

CAS (Content-addressable storage) also used for de-duplication

Amazing results: 12x to 30x reduction in data footprint, with trickle down to tape backup!

Products for primary on-line storage, near-line backup, archive backup, and virtual tape libraries

Vendors: IronMountain, Storactive (Atempo), Avamar (EMC), DataDomain, Asigra, Rocksoft (Quantum), Archivas (HDS), Permabit (Juniper), FalconStor, NetApp, HP’s RISS, Symantec

21


Thin Provisioning (allocating non-existent disk space)--system tells you when to buy another disk

Pools all storage into ONE space for ALL apps (i.e. no allocation to individual apps, wasting unused disk space)

Over-subscription (for ease of growth/mgt)

Offers the hosts a virtualized LUN

Sometimes uses finer granularity

Vendors: 3PARdata, LeftHand Networks, Permabit (Juniper), NetApp, Pillar, DataCore, EMC (NAS units), Compellant

22

Four: Acceleration Products

Acceleration Products attempt to Reduce Equipment and WAN costs

All the segments/elements in the data path from Data Center to Distributed Site are the targets of at least 10 ‘acceleration’ vendors

And all the segments from user-at-browser to Data Center AppServer and back are targets of at least 5 vendors

E.g. WAN traffic, NIC cards, data replication, data de-duplication, application acceleration, encryption, SSL/XML accelerators, file systems

WAFS (Wide Area File Services) have as one goal the reduction in FTE’s at the branches

Everybody plays in this space now—ask them “How?” and “Who with?”

A Round of “How much money could you save us?” meetings every 6 months would be good…

23

Five : Acceleration Products

Traffic Reduction Traffic Compression Packet Loss Mitigation Packet Combining/Coalescing Data Caching WAFS QoS Application Acceleration (e.g. CIFS, SSL)

24


Wide Area File Systems (WAFS) Tries to eliminate data storage at branch offices, lowering NAS/Backup ops at

those locations 75% of a firm's data is in the branches (Taneja Group) Technology: gateways which act as caching devices, CIFS accelerators, and/or

TCP/IP optimizers—requires one on each end of the connection E.g. Actona (bought by Cisco), Tacit Networks (sold by IBM in Europe; bought

by Packeteer); BlueArc (NAS, with Tacit); Availl; Brocade with Nortel; Riverbed; DiskSites (now Expand Networks); Signiant (software only); SilverPeak Systems

Often combined with application acceleration products—Fineground(Cisco), Expand Networks, Swan Labs/Pivia (F5), NetScalar/Citrix, Redline/Jupiter/Peribit, BlueCoat

Cisco offers WAFS and ACNS modules for its Integrated Services Router (NetD has a similar approach)

25


Application accelerators [Cisco’s SONA, Blue Coat’s MACH5, Redline/Juniper; Swan Labs (F5), NetScalar (Citrix)]

Ethernet adaptor acceleration: Level 5’s EtherFabric

WAN optimization (2006 leaders Packeteer, Juniper, Allot) Network-layer: Peribit/Juniper, Expand, Packeteer, Riverbed, Exinda, Swan

Labs (F5) TCP/IP layer: Peribit (Juniper), Riverbed (used by McData), Tacit (now

Packeteer), Netex File-transfer protocols: Riverbed, Tacit (Packeteer), Cisco, Peribit (Juniper),

Fineground Networks (Cisco) XML acceleration: Solace Systems, Cisco, DataPower (IBM), Sarvega (Intel)

26

Six : Processor Clustering/Grids

We must get to “easy-incremental” capacity growth… Just couple-on another resource and workload auto-shifts

Processors and systems Storage Network gear Web services & Vendor services

Auto-provisioning

Many middleware and utility solutions for this already, but our problem is at the application layer—very little parallelism exists for multi-threaded architectures (except in some multi-user apps)

Vendor pricing models for applications differ widely (and ‘often’!), related to processor usage, cores, threads, users, etc.

27


Auto-Provisioning Model Resource Discovery/Acquisition Allocation to Need, pre-Need Monitor, Assess, Re-balance Reporting/Billing/Charge-back

Grid-basedResources

Off-PremiseVendor Systems(xSP model)

On-PremiseSystem w/Excess Capacity

Load Monitoring

Reporting & Billing

ProvisioningLogic

Changes

ResourceAcquisition& Release

UsageManagementIntervention

Virtualization

28


Cluster software available for just about every platform Load-balancing (and failover) is a key requirement: for application,

network, CPU, and storage

Vendors: Scali (Lin), Sun Cluster (Solaris), Polyserve (shared cluster FS, Lin/Win), LeftHand (grid storage); SteelEye; Unisys (for Win); MSFT Cluster Server

Clustered File Systems getting more attention: Lustre, Ibrix, Intransa, Cluster File Systems Inc,

HP's MetroCluster and ContinentalCluster products for DR, failover…now for mid-range storage/servers (e.g., EVA)

A grid is a cluster that spans organizational boundaries and/or geographic boundaries

Grids

Query Task (from Query Task (from anyany authorized system on the Grid) authorized system on the Grid)

Q-TaskQ-TaskAA

Q-TaskQ-TaskBB

Q-TaskQ-TaskCC

Q-TaskQ-TaskDD

Software/silicon which ‘parses’ the Query Task into “asynchronous” sub-tasksSoftware/silicon which ‘parses’ the Query Task into “asynchronous” sub-tasks

Grid Directory layer knows DB resources, routes the requests, verifies Grid Directory layer knows DB resources, routes the requests, verifies completion, aggregates (if asked), and returns results [Federated Data Structure]completion, aggregates (if asked), and returns results [Federated Data Structure]

Access to:Access to:DB'sDB'sAPI'sAPI's

FileSysFileSys

30


Vendor offerings from: IBM (Enterprise Workload Manager; WebSphere Grid), Sun (Grid Engine), HP (Utility Data Center), Kontiki, United Devices, Avaki Corp (now Sybase), DataSynapse, Platform Computing, Exagrid (a storage grid),Oracle, Apple, Altair, Topspin (Cisco), Tsunami's Hive software, LeftHand (storage); Digipede (a Windows grid), Acxiom (now EMC)—data grid, Bycast Storage Grid (fixed data, almost archival); Crosswalk’s iGrid (for data)

Oracle Grid Control now has a plug-in for DB2, EMC NAS, NetApp

Products range from distributed cache systems (GigaSpaces), API-addressable data fabrics (Gemfire), and data-movement products (GridFTP, GASS) to full data center ‘virtualization’ options (i.e., application provisioning ) from United Devices

31

Seven : Management Suite Advances

We are in a period of integration of various management areas:

Mobile device management with Desktop management Linux with Windows (e.g., Novell) Security with Platform management (e.g., Symantec and Altiris) Unified Threat Management (UTM) Converged communications – I (fixed and mobile) Converged communications – II (email, voice, IM, video)

Much of this occurs through M&A IBM: CIM Lab, Rembo, MRO (and 3 others) HP bought Mercury Interactive ($4.5B!) CA bought Wily Technology BMC bought Identity Software Symantec and Altiris

32

Seven : Management Suite Advances

Leading Desktop Mgt Suites:

Altiris Client Management Suite (used by Dell and Fujitsu-Siemens)

LANDesk Fujitsu Siemens (partners with Altiris now) MSFT’s SMS 2003 / MOM 2005 and System Center directions Novell ZenWorks (now with MSFT interoperability), with

automation and VM mgt (even MSFT VM’s) AttachmateWRQ NetWizard 6 All the big-center offerings: CA, Tivoli/ IBM Director All the all-software offerings: Serena, Spectrum, Novadigm (now

HP), Marimba (now BMC), Telelogic, Compuware, BMC, Aldon Computer, Elsinore Technologies, AppSense

33

Eight : Wireless/Cellular Industry Competition

Expect a marketplace battle between WiMax and 3G+ in 2008

Will have similar operating performance in overlapping space [see chart] But cost will be a BIG issue, with 3G carriers having some advantage due

to infrastructure 3G will have significant time/installed base lead over mobile WiMAX

And another battle between telecomm and cable—over wireless/VoIP traffic! Cable companies have made telephony available to most of their subscribers (Cablevision, Cox, Time Warner)

Cellular will also fight for the campus: Motorola makes a 3G indoor AP for cellular carriers to offer (versus WiFi; solves poor reception problems in some buildings); rise of picocells and femtocells

34

Wireless TechnologiesWireless Technologies

(source: UWB Forum, others)

WPANWPAN

WLANWLAN

WMANWMAN

CellularCellular

10k

100k 1M 10M 100M

1GData Rate

2G/2.5G/3G2G/2.5G/3G 4G4GUMTSUMTSHSDPAHSDPA

802.16802.16

802.11802.11

BluetoothBluetooth1 & 21 & 2ZigbeeZigbee UWBUWB

35

Nine : Backup Software Finally Recognizing Disk

Is VTL a stop-gap?

VTL is popular because it allows disk to be brought into the tape-backup procedure easily

But when these backup software packages get straight2disk capability, will the VTL function really be needed any longer?

If backup moves to disk—to solve the archiving problem at the same time—will there be a need for any emulation product (as opposed to regular ‘vanilla’ tape backups)?

Some using disk-VTL in DR sites—straight D2D replication-type architecture (with existing tape backup software)

Push your backup software vendor on this!

36

Ten: eSATA

1m1m150 MB/s150 MB/sSATA (Serial ATA)SATA (Serial ATA)

5m (x 5 hops)5m (x 5 hops)1.5 MB/s1.5 MB/sUSB 1.1USB 1.1

100m (per hop)100m (per hop)100 MB/s100 MB/sFirewire2 (IEEE1394b)Firewire2 (IEEE1394b)

5m (x 5 hops)5m (x 5 hops)60 MB/s60 MB/sUSB 2.0USB 2.0

4.5m4.5m50 MB/s50 MB/sFirewire (IEEE1394)Firewire (IEEE1394)

1m (2m)1m (2m)300 MB/s300 MB/sSATA II (eSATA 2)SATA II (eSATA 2)

18 inch18 inch133 MB/s133 MB/sATA133 (Parallel)ATA133 (Parallel)

10m (per hop)10m (per hop)300 MB/s300 MB/s

(next 600)(next 600)SASSAS

(Serial Attached SCSI)(Serial Attached SCSI)

12m (total all 12m (total all hops)hops)320 MB/s320 MB/sUltra320 SCSI (Parallel)Ultra320 SCSI (Parallel)

DistanceDistanceSpeedSpeedInterface Tech.Interface Tech.

37

Ten: eSATA

USB becoming “Universal Slow Bus”—eSATA interfaces emerged in 2006; external SATA at same speeds as internal SATA

Needed for high-speed drives (burst rates): USB has burst of 33.5MB/s Firewire 1394 has burst of 36.2MB/sec eSATA burst is 111.3MB/sec (SATA 1)

Requires eSATA adaptors on both ends Cable length is 2m; and drives are hot-swappable

Drives by LaCie, Iomega, Western Digital, and Seagate eSATA II cards available already (e.g., Silicon Image, MRI);

Iomega makes a CardBUS for eSATA2 for notebooks

Thank you!

top 10 trends - aitp windy city chapter

Technology

agenda pc virtualization

pc virtualization corporations

virtualization techniques

desktop management systems

serverbased vms

vpc server

pc experience

individualized software