Westcon Security Forum (Part II)

As an update to my previous post  the Westcon Security Forums held last week were a great series of interactions amongst vendors, resellers, partners and Westcon.

The first 2 hours were presentations primarily covering two areas – Security Technology Trends and Executive Relevance Selling.  The Security Trends discussion covered 4 of the major security trends that we at Westcon are seeing in the market today:

1. Server Virtualization Security & Compliance
2. Cloud Security
3. Big Data and Security
4. NAC & BYOD

An introductory video here discusses 3 of the 4 topics, and I will get into the 4th – NAC & BYOD – in a followup post.

The second part of the presentations was on Executive Relevance Selling (ERS).  If you are not familiar with the concept, the guy to talk to is David McNicholas (David.McNicholas@westcon.com) who pretty much invented the concept as it relates to the channel.  David has created a comprehensive customer engagement process and platform that enables the reseller to talk to the customer about solutions from an ROI and business value perspective as opposed to just a technology discussion.  If you have not yet learned about ERS, I encourage you to reach out to David.  I am sure we will discuss it further in upcoming posts, but any of the posts you have previously read here regarding the process and approach of engaging the CIO and selling into IT is exactly aligned with what David teaches.  But, David makes it specific and actionable.

Will catch up further with you soon!

Westcon Security Forums

Just finished a great week of Westcon Security Forums.  The first one was held at the Testerossa Winery in Los Gatos, the second at the Old Red Museum in Dallas.

The Forums were broken into three parts – presentations, vendor discussion forums, and then “vendor speed dating” wherein attending resellers could visit, one on one, with their most important security vendors for exactly 7 minutes.  Then, the reseller would rotate to the next table for the next seven minutes.

I’ll update the post later with details on the presentations and the major topic of conversations throughout the sessions.

Books we have been reading

At a recent customer event, we were asked to list a few of the books that we have read recently.

• The Silicon Jungle: A Novel of Deception, Power, and Internet Intrigue-Baluja, Shumeet
• Launching The Innovation Renaissance: A New Path to Bring Smart Ideas to Market Fast-Tabarrok, Alex
• Race Against The Machine: How the Digital Revolution is Accelerating Innovation, Driving Productivity, and Irreversibly Transforming Employment and the Economy-Brynjolfsson, Erik, McAfee, Andrew
• Thinking, Fast and Slow Kahneman, Daniel
• The Great Stagnation: How America Ate All The Low-Hanging Fruit of Modern History,Got Sick, and Will (Eventually) Feel Better-Cowen, Tyler
• The Innovator’s Dilemma: When New Technologies Cause Great Firms to Fail-Christensen, Clayton M.
• Doing Both – How Cisco Captures Today’s Profit and Drives Tomorrow’s Growth-Sidhu, Inder
• The Big Switch: Rewiring the World, from Edison to Google-Carr, Nicholas
• The Black Swan: The Impact of the Highly Improbable-Taleb, Nassim Nicholas
• Staying Power: Six Enduring Principles for Managing Strategy and Innovation in an Uncertain World-Michael A Cusumano
• Cross the Chasm: Marketing and Selling Disruptive Products to Mainstream Customers-Geoffrey A. Moore

Westcon Goes “All-In” on Cloud Distribution

Recently, we’ve been talking to our vendor partners and customers about the cloud and the impact cloud-sourced IT services will have on the channel. There’s a lot of noise about cloud, and we’ve been working to harmonize that noise into a cloud services distribution strategy.  — one that will benefit all channel stakeholders, including Westcon Group.

In June, we deployed a cloud services aggregation portal in the UK, through which we began transacting cloud services business almost immediately. During this process, we learned a lot about what’s necessary to operationalize a successful cloud services distribution strategy. First, operational heavy lifting is required. Tacking this onto our existing business and expecting it to flourish is not an option; tight alignment with our sales, marketing and product management operations is a requirement, as is alignment with our procurement processes and IT systems. Second, the target keeps moving: new business models are emerging, new needs arise, and everyone (vendors and channel partners included) must figure it all out. The plane has already departed on cloud and there’s no time to stop and hit the reset button.  In striving to remain relevant to our channel partners, we’re changing the airplane’s navigation system in mid-flight!

At Westcon, we’ve been focusing on three key areas:

1. Identifying and investing in mature cloud markets
2. Helping resellers transition to one of any number of cloud-based business models
3. Developing new capabilities that (a) help vendors bring their cloud services to market, and (b) help resellers make the aforementioned transition to cloud

 Identifying and investing in mature cloud markets

As a VAD, Westcon knows we’re not able to be all things to all people.  Rather than simply filling our cloud services catalogue with all available services, we’re focusing on the most mature cloud services (i.e., market-ready), under the assumption these are easiest for partners to market and sell to customers. As other cloud services reach maturity, we’ll add them to our catalogue. This iterative approach maximizes our investment and forces Westcon to stay close to markets as they develop.

Helping resellers transition to one of any number of cloud-based business models

Partners all over the world continue to ask for our help. They want to know how to leverage their existing investments, whether those investments be in managed (data, voice) networks, security operations centers or systems integration capabilities. They want to know how cloud services can be added  to their portfolio of offerings, quickly and easily, and with minimal capital outlay. They want to know how Westcon Group lowers their barrier to entry, either by providing access to best-of-breed cloud services from across our global vendor portfolio they can resell to customers, or by providing converged infrastructure solutions (hardware and software) they can use to build IaaS platforms, enterprise private clouds or virtual private clouds. We are and will continue to provide this value to our partners.

Developing new capabilities to help vendors bring cloud services to market while enabling resellers make the cloud transition

Westcon is investing in the development of new capabilities that have not typically been considered the domain of “distribution. We’re doing this to lower our partners’ and customers’ barriers to entry to the cloud. Frankly, this is what’s most exciting about the opportunity. After all, how many times do you have the opportunity to define a market in the midst of such a fundamental shift? We’ve integrated some of these new capabilities into our cloud services distribution ecosystem, with more to follow  

Distribution is inherently a conservative industry. The cloud, however, enables us to explore new, uncharted territory. Our goal is to be the best and easiest distributor to transact business with, whether that business is cloud services, infrastructure products, professional services or a mix of all three; to realize that goal requires boldness of vision and expert execution of strategy and tactics. At Westcon, we’re “all-in” on both fronts.  Stay tuned to this blog for more on our cloud vision in the months to come.

Like Westcon Group, Carousel Industries is Bullish on Virtualization – and Teamwork

As a premier global distributor, it’s our responsibility to work closely with our partners to ensure the greatest success possible for their customers.  The
recent efforts of Westcon and Carousel Industries to virtualize our own data
centers has enabled our companies to give customers the perspective they need
to fully realize the benefits of with virtualization and cloud computing.
To elaborate more on this great success story — Kevin Gulley, Editor of Carousel Connect – discusses these efforts in further detail.

Like Westcon Group, Carousel Industries is Bullish on
Virtualization – and Teamwork

At Carousel Industries, we understand the value of teamwork. That’s why we partner with the best and brightest IT vendors in the industry, including Westcon Group. So when they asked us to pull together a guest blog post for the Westcon blog, we were thrilled.  Westcon Group shares our passion for using technology to drive business value, whether it’s through unified communications, data center solutions, infrastructure or security.

And like Westcon, Carousel also “eats its own dog food” when it comes to technology by finding ways to use it effectively on our own internal networks. One recent success story we share is virtualization technology.

To keep up with our rapidly growing requirements for data center resources, in early 2010 Carousel set out to execute on a server virtualization strategy in our Exeter, R.I. headquarters. The idea was to provide greater application functionality and flexibility, especially for mobile users, while giving us some breathing room for expansion and lowering power and cooling costs.

The results have exceeded expectations.  We replaced 100 physical servers with just five machines for peak periods and three for nighttime hours. All told, we’ve virtualized more than two-thirds of our enterprise server infrastructure thus far. As a result, we’re saving lots of money on power, cooling, IT support and operational costs.

Westcon Group has gone even further, as it’s one of the few companies that has virtualized 100% of its server infrastructure. And it is likewise getting some big benefits, as outlined in this story from InformationWeek, which quotes Bill Hurley, CTO and Executive VP of Westcon Group:

The new virtualized environment requires fewer system administrators to manage, saving on managed services expenses, lowered the cost of data center consolidation, and lowered electricity consumption in the new digs. Hurley said getting to 100% virtualized has saved Westcon $1.1 million over a two-year period. He now runs 350 virtual servers on the 22 UCS blades, with some blades hosting only 3-4 virtual machines and some hosting 25-30.

Virtualization is about more than cost savings, as Bill highlighted during a recent CIO Tech Talk he did with us. The technology lays the foundation for lots of other applications that help Carousel and Westcon Group drive more business value, including unified communications, mobility solutions, security and, in particular, cloud computing.

We learned quite a bit during the course of our virtualization project – so much so that we wrote a white paper called “Best Practices in Data Center Virtualization” to share our experiences. One of those best practices is to make good use of expert resources and technology partners.

If you need help with your virtualization project, you’d do well to leverage the expertise and resources of a partner like Westcon Group. For years, Carousel has benefited from the experienced team at Westcon; we encourage you to do the same.

GPN, GPS and Distributor-as-an-agent

One of the great things about being in distribution is  the ability to deliver products and services that can simultaneously generate excitement and create value for both our customers and our vendors.

Westcon prides itself on its global capabilities.  We truly believe that our ability to deliver on the needs of our local customers and simultaneously meet the requirements of our customer’s global deployments really gets to the heart of what Westcon and Comstor is all about.  We have been delivering this capability for a number of years through our Global Procurement Service (GPS) which eliminates much of the complexity normally associated with global logistics.  These complexities are usually in the areas of global trade, customs and duties, tax recoverability, audit, compliance, global staging and configuration, and the ability to manage complex global projects from a single “global desk”. Comstor’s GPS handles this for the reseller.  This gives our customers a single point of contact, consistent global discounts and pricing, a single global contract with consistent credits and terms, local relationships, in-country fulfillment, and local invoicing in 60+ countries.

What gets really exciting is when you can bond together that capability with creative offerings from world-class vendors and technologies that focus on solving end user global business requirements while empowering local
resellers to leverage our global footprint.

One of the poster-children for global technologies is video conferencing.  Not just to drive down the costs of travel (which is a great) but more importantly, to help accelerate the business growth and effectiveness of end users as they globalize their business processes.  Telepresence technologies produce greater business value not just for those firms that are already global but also as a tool to accelerate the maturation of firms who wish to move from “national” to “global”.
As an organization specifically built and operated to distribute Cisco products and services, Comstor is now working with Cisco to leverage our GPS
capabilities and simultaneously create more value for the reseller.  This is what today’s GPN announcement is all about.

The Comstor-Cisco GPN announcement is based on the concept of “distributor as an agent”, which allows customers to better utilize Cisco partner resources to service their global requirements.  Focusing on the Telepresence technologies,
the GPN program basically empowers the reseller to work with their customer’s
headquarters to centralize design and purchasing decisions for the global solution whilst utilizing Comstor and Cisco’s global reseller partner base for local
delivery of the products and services that make up the global solution.  All parties get the Comstor inherent advantage associated with our GPS capabilities as described above.

As the CTO and CIO for Westcon and Comstor there is nothing more rewarding than knowing Comstor’s systems and processes are being leveraged by vendors such as Cisco to help our reseller partners successfully embrace their customer’s ongoing march towards globalization.  Now Comstor and Cisco have a program that can really give the authorized reseller the ability to act globally and locally at
the same time.  It’s always exciting when every member of the channel can work in synch on creative offerings wherein everyone wins.

Cloud Dynamics

We’ve been spending a significant amount of time on two cloud fronts (no pun intended).  First, helping companies understand their potential role and opportunity in the cloud, and second, how they can participate in this burgeoning marketplace without over-committing capital.

Westcon has begun the build out of our cloud platform wherein we continue our role as a distributor.  In the case of the cloud, we see our role as the distributor of cloud services to resellers, systems integrators and service providers globally.  Our partners can then utilize the Westcon cloud platform to provide those cloud services to their end-users/customers. The focus is on education and awareness in addition to the actual technology.  Our platform brings together offerings and markets.  What we will not do is compete with our customers or vendors who are interested in building out the infrastructure necessary for the actual cloud offering.  The Westcon platform is in production in the UK and is now being rolled out globally.  The platform is exciting, and we will have more formal announcements in the near future, but just as interesting and exciting is the ebb and flow in clarity of roles and opportunities within the cloud marketplace.

In the cloud, the traditional vendor to disti to serviceprovider/reseller to enduser dynamic can be turned upside down.  Traditional service providers are now building out infrastructure to house their cloud offerings, while traditional manufacturers/vendors are looking to their customer base to invest and house the necessary infrastructure to “manufacture” the cloud offering.  Not quite, but it almost feels like they are swapping roles within the channel. Some vendors are drawing a line, stating that they want to compete in the cloud, but only as a supplier of hardware and software.  And these vendors are approaching their customer base in a quest to have their customers “manufacture” the cloud service, based on the vendors technology.  This puts the capital onus on the customer base.  So, creative financing becomes more and more critical as these companies do not want to risk that much capital on an unproven market.  Distribution can, and is, stepping into the breach, sometimes quite creatively, to provide potential financing options.

Financing the capital investment required to build out cloud platforms is becoming another important component in the infancy of the cloud industry.  These issues are quite complex, and will take time to mature.  Hence our belief that we are still very, very early in the cloud era, with many unique opportunities in front of every player in the channel.

Hot, Not Hot, and Be On The Lookout For….

Hot

- Flat network – already discussed in earlier posts, but continues to remain an early, “going to get hotter”, topic. Each of the vendors is, or has, recently made significant announcements about their converged Ethernet/fabric/2-tier/1-tier offerings.  Driven in large part by the need for a data center network with lower latency, optimized for virtualization, the network is the data center, and the data center is the network.

- Data Center to Data Center networking – really a subset of the above, but there are nuances such as WAN Acceleration technologies specifically designed for DC to DC as opposed to DC to Campus. This nuance will become more and more of a marketing issue for those better positioned as opposed to those perhaps not really in that DC-to-DC space.

- SBC’s – starting to get the recognition of their importance relative to their role in UC. They can be considered the switch/firewall equivalent for VOIP/UC. As companies and the public overall migrate to VOIP and SIP, SBC’s become critical. Expecting steady growth with an inevitable over-hype by the media once they understand the technology in the next few months.

- Cloud failures – the stories will remain hot for a while. In addition to service failure there will be offering failures – established vendors pulling out of initial cloud forays.

Not Hot

- Cloud success stories – this will take a backseat for a while, but cloud successes will definitely continue nonetheless.

Be on the lookout for:

- Virtualization security – as vendors continue to realize the exposure that virtualization presents, more and more messaging and positioning will appear. The exposure is two-fold. First, the obvious – a new layer in the stack introduces new opportunities for bad people to do bad things. But second, perhaps not as obvious, is the governance associated with the potental consolidation of previously physically separate servers/applications/data onto one single physical server. The IT group doing the consolidation may not recognize the compliance risks they are introducing.  And potentially even more interesting, the hypervisor doesn’t have a mechanism to process business rules associated with the company’s compliance or regulatory policies yet.

- POE – probably not the most exciting discussion point, but POE dedicated vendors have technologies coming out that can help support the powering of all the new video demand going on in the network. This is especially important for the growth of outdoor video/signage (think stadiums and traffic). Many of the vendors embed POE, but some of it is “just enough” and really does not provide the flexibility companies will need as they grow their video usage.

- Tablet Videoconferencing – there is definitely the potential for a schism to appear. I think it is already appearing. We could end up with high end videoconferencing rooms and many low-end video conferencing end points being tablets. The issue over video quality is over. Pretty much every device now has HD capabilities. With the growth of tablets, I pads or Android, the consumerization of IT is forging some new paths in video and UC.

Identity and Access Management (IAM)

The ability of an organization to rapidly search, identify and verify who is accessing the systems is a critical aspect of meeting security and compliance requirements for the organization.

An Identity and Access Management (IAM) solutions tool is often deployed in order to achieve these goals.

In its simplest form, IAM ensures the right people get access to the right resources at the right times for the right reasons.

Technology is only one the components of IAM. Both processes and supporting tools are critical elements of an efficient IAM strategy.

I will concentrate on the technology aspect of IAM. In particular I will focus on the Single Sign-On piece in this blog . Future blogs will attempt to look at other IAM technologies.

Broadly, IAM comprises the following technology components:

• Authentication: Traditional way of authentication is by means of username and password. There are products that provide methods that are stronger than passwords.
• Authorization: Grants and enforces access
• Enterprise Single Sign-On: Enable users to authenticate once and then be subsequently and automatically authenticated to other target systems.
• Federated Identity Management: Enables identity information to be shared among several and across trust domains.
• User Provisioning: Includes creating, modifying and deleting user accounts and privileges.
• Web Access Management: offers all of the above for Web-applications.

Enterprise Single Sign-On (ESSO)

Let us for a second imagine a home that comprises of at least 15 rooms (mine is much less) and each room is always locked with a set of keys. Including the main entrance, there will be at least sixteen different keys required to gain access to all of the rooms. The more rooms one needs access to, the more keys one would need to carry.

Life will be much easier for the home owner and anyone that requires access to multiple rooms if there was a master key that can open all the doors (that one have permission to).

Take this analogy and apply it to the IT network;

• House = IT network
• Rooms = Applications on the network
• Person = Username
• The Key(s) = Password

To gain access to any IT network, one generally requires a username and password. The system combines the username and password to represent the identity of the person requesting access to the network.

Gaining access to the network does not necessarily mean that one have access to all the applications on the network. For example access to the HR applications will be restricted to only the HR personnel and this will usually mean another set of username and password.

The more applications you have, the more username and password to manage. Managing a distributed security issues associated with duplicate identity stores is a nightmare for both the end users and IT administrators.

The concept of a master key on the IT network, known as Single Sign-On, is one way of addressing the issue of multiple usernames and passwords.

Single Sign-On (SSO), sometimes called Enterprise Single Sign-On (ESSO) enables users to access all their applications with a single password.

Originally, SSO was to be achieved by developing all applications and tools to use a common security infrastructure with a common format for authentication information.

Creating a common enterprise security infrastructure to replace a heterogeneous infrastructure is without question the best technical approach. However, the task of changing all existing applications to use a common security infrastructure is very difficult.  In addition there is a lack of consensus on a common security infrastructure.

SSO solution as we have it today is implemented more like a proxy; you have the SSO application usually placed between the resource to be accessed and the user (identity) who needs to access the resource.

All applications that use the SSO as a proxy, will have given the SSO application “authorisation” to check users’ credentials on their behalf.  The SSO application will also have a record of all the different permissions and access levels of every authenticated user.

Some Benefits of SSO

For end users

• Only one password to remember and update, and one set of password rules.

For (IT) operations

• A single common registry (directory) of user information.
• A single common way to manage user information.

Security advantages

• Easier to manage and protect common registry.
• Easier to verify user security information and update when necessary rather than tracking down all operational systems. This is particularly valuable when users move to new roles with different access levels.
• Common enterprise-wide password and security policies.
• Users less likely to write down passwords since they only have to remember one.

The key to a successful implementation of SSO is planning. It is crucial that organisation choose the right solution; one that will scale and seamlessly integrate with the other IAM components.

With the ever growing list of security and compliance rules and regulations, the adoption of IAM technology amongst organization of various sizes will continue to grow.

Tablets for the Execs

I have an iPad.  I love it for home use.  And I think it has some significant value in business today.  But the one thing that I don’t understand is the value of an iPad for senior executives. 

Often, senior executives are traveling on planes.  The iPad’s form factor is ideal for this.  And, most senior exec’s live in their email.  They get so much of it.  What confuses me is that if your email platform is Exchange (and I believe the same holds true for Notes) you cannot delete email or move email into folders if you are using an iPad on a plane without wifi.  I am guessing Apple will fix that some day, if they actually think it is a flaw.  But it is really important for senior execs to be aware of this gap in functionality. And, for the exec to understand that it isn’t up to IT to “fix it” – we can’t.

For a CIO, one of the toughest challenges is helping senior executives keep their email managed properly.  Their inboxes can get huge fast, and even with the proper policies and archiving capabilities, senior execs must still aggressively manage their emails almost every minute of the day.  Ideally, being on a plane is a perfect time to tidy up their inbox.  The iPad’s form factor is perfect for that.  Just be aware that if your execs ask for an iPad that they understand the limitations.  It won’t help you help them.

PS – although not an advertisement for Android – my Xoom does allow me to manage emails completely on a non-wifi plane.

CIO Empathy

Last week I attended a small, informal breakfast for CIO’s, mostly located in the New York City area.  The event was well run, with no hidden agenda, and was genuinely about getting CIO’s to talk about their challenges and foster stronger relationships.  We talked about business alignment, challenges with mobile technology (Apple, Android, and enterpise access), security, social networking, fostering innovation, the concept of IT as a profit center, and the day to day joys and misery of being a CIO.  It was about 2 hours.

After the session, I went back to my office and later that afternoon met with my boss for a weekly one on one.  He mentioned in the meeting I seemed more upbeat than I have in a while.  We have been in the midst of some very, very complex projects, and there have been some extremely high highs, and extremely low lows, and I tend to be more impacted by the lows than the highs.  So I have been pretty worn out.  But, I have to say, after that breakfast with the other CIO’s, I have been feeling better.  And, I guess it was noticeable to my boss.  I was more positive in my thinking, comfortable with talking about some good news, and looking at some of the challenges in a more positive light.  I joked with him that I had just come from this CIO breakfast and realized that there are others out there who have just as many problems, or worse, and that the breakfast was a bit like therapy.

The day after that, I read this article from one of the bloggers at HBR and it really hit home.  The blog is on empathy, and how a leader can utilize empathy to be a better leader.  It is a great article.  But it also got me thinking about the CIO breakfast, and that once in a while you just need to talk to some peers who aren’t trying to sell you anything, aren’t trying to “fix it for you”, but have the look in their eye that says, “yeah, I know what you mean”.

The point of this post isn’t so much to talk about a great breakfast meeting or a great article on leadership and empathy.  The point is, that for the channel, there is a great opportunity for you to create this type of environment for your customers – getting them together informally, in small groups of similar backgrounds – to discuss their issues in a non-sales/non-solve-it-now, kind of environment.  The company that ran the breakfast was relatively new to me, but I am now a loyal friend or partner.  They didn’t sell me anything, but they helped me out alot more than they realized.  These types of sessions can be relatively cost effective for you to have with your customers.  You won’t see a dime in the immediate term, but you should expect (if you pick the right mix of participants) to see a stronger, longer, deeper relationship over the long-term.

What is a Private Cloud ???

I recognize that the media has moved the term “cloud computing” into an over-hyped state.  But, as a CIO, I also know that there is real value in utilizing the cloud.  The “Public” Cloud.  What has me concerned is that the media is now calling everything “the cloud”, breaking it into public cloud services and private cloud services and I think I am missing the point with “Private Clouds”.

The categories of “cloud services” are, in simple terms:

1. Infrastructure as a service(IAAS) – this is the “storage as a service” or “compute as a service” type offerings.

2. Platform as a service(PAAS) – this is the Amazon EC2 or Microsoft Azure type offerings.

3. Software as a service(SAAS) – this is the Salesforce.com type offerings.

One of the most appealing aspects of the cloud is that the cloud concept is based on a “pay by the drink” model.  You only pay for what you use.  When you’re not using it, you don’t pay – like a utility.

But this is where the benefit of the private cloud seems to break down.  It breaks down on two levels: First, as a CIO do I have or want to invest in having the capability to provide my enterprise with a pay-by-the drink model and the associated billing functionality and; Two, even if I had the capability, do I really want to have that as the model for my enterprise IT service?

The above presumes that when one talks about a private cloud they are not just talking about virtualization.  Virtualization is a great opportunity to more effectively and efficiently manage the data center.  Westcon’s data center is 100% virtualized.  We are a big proponent and find great value in virtualization.  And, the underlying principle that accelerates cloud offerings really is virtualization.  But, by definition a private cloud is more than just a virtualized data center.  The CIO delivering a private cloud has to provide the abovementioned cloud services while doing so with a pay-by-the-drink billing capability, competitively priced.

There has to be more.  For example, even if tomorrow the CIO made IAAS/PAAS/SAAS offerings available to his or her business units with a pay-by-the-drink usage tracking and billing capability, are the internal business units prepared to take on the responsibilities associated with consuming such services.  I know it’s been very fashionable to question the value of IT, but the truth of the matter is that every well-managed firm utilizes IT to compete more effectively.  Can the CIO compete with the public cloud offering on price, and still provide the competitive value inherent within a business-process savvy internal IT organization. Few CIO’s can compete with Google or Microsoft on price.  Therefore the CIO is then left with monetizing the infrastructure sitting in the enterprise’s data center.  And, the CIO must either monetize the business process services inherent within IT or dismantle those services.  This will not create value for the enterprise.  And I doubt the CFO wants to hear about all the capital infrastructure write-offs the CIO would need to incur to become price competitive.

There is no doubt that the public cloud can create value for the CIO and the enterprise.  But it requires proper planning, and its value in the short term is incremental.  But the concept of the private cloud is different.  It requires a substantial upheaval within the IT organization as well as within any business unit that relies on the IT organization.  It is unclear to me where the cost/benefit is within that internal upheaval.

Then again, if the private cloud is really just virtualization, then let’s just call it virtualization, and reinforce the value of virtualization’s benefits.

Approaching the CIO

I recently spent a few days in a conference run by one of our most valuable customers.  I was honored that they let me participate.  I was there to present key IT trends that we are seeing and how they may be impacting the reseller market overall.  But, many of the conversations ultimately ended up discussing how best to approach the CIO.  Everyone had some great success stories, so by no means is this post the only way to do it.  But, as CIO for a relatively normal $3.5 billion firm, I am happy to be a proxy in helping any of our customers understand how IT people think.

Once again, this is a sample of one, but I thought it might be of value to share with you.

The Firewall Journey

My eight year old daughter asked me what a firewall was the other day. I had to think carefully about my answer. I wanted to explain it to her in such a way that she is not left confused even more. I told her that a firewall is something that helps protect the computer from the bad stuff and that the firewall is clever enough to distinguish the good stuff from the bad stuff and will only allow the good stuff in while keeping the bad stuff out.  

I am not sure if I succeeded in my explanation in the end.

My answer got me thinking about the firewall and how relevant and effective they are in actually keeping the bad stuff out.

A firewall at its most basic level, controls traffic flow between a trusted network (a corporate LAN) and an untrusted network (the internet). Majority of the firewall deployed today are port based; they use source/destination IP address and TCP/UDP port information to determine whether or not a packet should be allowed to pass between networks.

For the port based firewall to be effective, applications need to use the ports that they are expected to use. For example the firewall would expect E-mail application to use port 25, FTP to use port 21 and web to use port 80. There are “well known” ports that have been assigned to applications and the static port based firewall expects all applications to stick to this rule.

Port based firewall relies on the convention that a given port corresponds to a given service/application. In other words, they relied on the simple equation that:

Ports + Protocol = Application

For Example:

 Port 25 + TCP = Email

They struggle to distinguish between different applications that use the same port.

In order for the firewall to continue to have relevance in protecting the network, it needs to be “more intelligent”; it needs to be able to do what the traditional firewall do today and much more.

Firewall need to evolve to be more proactive in blocking new threats. Enterprises need to update their network firewall and intrusion prevention capabilities to protect business systems as attacks get more sophisticated.

In the research note “Defining the Next-Generation Firewall,” Gartner states that “Changing business processes, the technology that enterprises deploy, and threats are driving new requirements for network security”.  Gartner warns that “To meet these challenges, firewalls need to evolve into what Gartner has been calling ‘next-generation firewalls.’”

There are several attributes that the “The Next Generation Firewall – NGF” needs to have, they include:

• Ability to identify applications regardless of port or protocol
• Ability to identify users and not just IP address
• Ability to cope under heavy traffic (multi-gigs) without any performance issues
• Ability to use information from other sources outside the firewall to make blocking decisions

The NGFs should be able to distinguish between Skype and Facebook; it should be able to tell who is (and not an IP address) on YouTube and be able to support heavy traffic. A NGF should be able to use information from a directory service (e.g. Microsoft Active Directory) to tie blocking to user identity.

The leading firewall vendors have recognised the challenges of the traditional firewalls and several products have been released.

Cloud computing, Consumerization, Compliance and the Mobile workforce is set to continue to rise and this will only add to the Security pressure on the network.  

I have since had another “firewall” conversation with my daughter. This time I was explaining to her what a next generation firewall is and surprisingly, it made more sense to her this time. Now every time she cannot access a website, she blames the firewall!

Data Center Consolidation Quick Thought

1. EMC acquiring Isilon, HP/Dell fighting over 3par. It is probably safe to say that there is a consolidation happening at the storage level.
2. Avaya, Brocade, Cisco, Enterasys, Juniper all announcing data center networking/fabric solutions – each one upping the other.
3. Virtualization creating greater concerns and opportunities each day in the security industry.

Is it safe to say that the accelerated pace of consolidation we are seeing at the storage level will begin to take hold at the Data Center Networking level and/or at the Security level?

The World is Flat – And the Data Center Network?

Thomas Friedman in his book “The World is Flat: A brief History of the Twenty-First Century” analyzes how the world (in terms of commerce) became a level playing field as a result of globalization.

Is the Data center Network becoming flat?

Businesses reliance on IT to achieve more with less has never been greater. Flexibility and scalability of a fully virtualized or cloud data center will play a key role for the IT organization in their quest to keep up with the demand placed on them by the CXO.

Achieving a fully scaled out dynamic virtual data center (where applications and virtual servers can move seamlessly to other hosts) and a converged network (where all data center traffic, be it storage, messaging, or voice move onto a single network) is not possible with the current multi-tiered network.

The data centre network is the critical enabler of all services delivered from the data centre.  Many data centre networks in operation today were designed and architected to support a multi-tier network.

These setups were designed for traffic patterns that predate virtualization. They are not optimal for today’s brave new world of server consolidation, virtual machines, and cloud computing and 10 Gigabit switches.

The multi-tier network was created as a work around for the limitations of Spanning Tree Protocol (STP).

The main goal of STP was to give us a loop-free network. To achieve this, STP makes sure that there is only a single active path to each network device.  STP did manage to achieve its goals, but not without introducing limitations. Some of these limitations (listed below) contribute to the road blocks that needs to be addressed in order to achieve a fully scaled out and dynamic data centre.

• Wasted bandwidth – by blocking some network paths in order to avoid loops, all the available bandwidth is not being used
• Active path is not always the most cost effective – This impacts virtual machine and application portability
• Fail over time – when a device fails, STP reconfigures the network and sets up new pathways, but it does so relatively slowly. This is not acceptable in today’s network

The workaround for STP limitations has been to keep Layer 2 networks relatively small and join them together via Layer 3 segments. – Welcome to 3-Tier Network.

Then came virtualization and unified network. It soon became obvious that the 3-Tier network is not ideally suited to support this new technology

For example, in order to do a non-disruptive VMotion, the source host and target host as well as their storage needs to be on the same Layer 2 network. In other words, live migration can only happen on a single subnet.

All of this (and host of other issues) leads to a requirement to make the data centre network more intelligent. The buzz word for this is FLATENNING THE NETWORK.

According to estimates by some analyst firm, if all businesses eliminated a single layer from their networks, they could collectively save $1billion in IT spending.

So what is the way forward and how are the vendors responding?

The way forward is to come up with technology that can address the STP issues at the same time flatten the network down to two tiers, and if possible one tier.

Transparent Interconnection of Lots of Links (TRILL) is a proposed standard from IETF that is aimed at eliminating the aggregation/distribution layer and creates a switch fabric. TRILL goal is to make the network more intelligent and eliminate all of the shortcomings of STP.

Radia Perlman (the creator of STP) is a member of the IETF working group developing TRILL.

TRILL is an emerging standard and some analysts believe that we are at least 2 years away from a matured standard-compliant implementation of technology such as TRILL. However vendors such as Brocade, Cisco, Extreme, HP/3com and Juniper have all come out with approaches that flatten the network down to two tiers, and in some cases one tier.

Westcon have over 25 years of experience in the networking business and our focus is to work with our customers and help them with the transition. The skills we have acquired over the years and the fact that we carry majority of these vendors mean we are well placed to educate and help our customers to negotiate the new world of a FLAT network.

LEAP

If you are a regular reader of this blog you know that Westcon is a distributor of Networking, UC, Security, and Data Center technologies.  We do about $3.0 billion in revenue per year and distribute solutions to over 70 countries.  We conduct business under two brand names – Westcon and Comstor.  As CTO I am responsible for both the technology that runs the enterprise and also setting the overarching strategic direction of the firm from a technology perspective.  So, I get to work with the stuff we distribute.

There have been a number of posts on our Data Center Consolidation project and our migration to virtualization.  Our journey towards selecting the right platform for us was important on a number of levels.  Obviously we wanted to make the best selection for our enterprise from an ROI perspective.  But we also planned ahead and utilized the decision making process as a framework that we would share with our customers (Resellers, SI’s, Service Providers) to help them in understanding the decision making process of the average mid-size enterprise end-user/buyer. 

The Framework

Substantial technology decisions must always be premised on rational business justification.  The bigger the purchase, the more demand for a coherent, articulate business justification (ie not tech-talk).  The learning process involved in acquiring new technology has to be at two levels – what is the technological benefit and what is the business benefit.  In addition to learning about the technology and the business rationale, there is the need to actually experience the technology in action.  Especially if the technology is on the leading edge, such as Virtualization or Cloud.  And, no technology purchase happens in a vacuum.  Understanding how the new technology can be architected into a heterogeneous environment needs to be part of the process.  Lastly, the larger the decision, the greater the need for a clear plan, with specific milestones, in order to ensure business and technology decisions are synchronized for success.

LEAP – Learn, Experience, Architect, Plan

This high level decision making process became a framework that the channel can use in conversations with their customers.  In order to deliver on this framework, Westcon recognized that an environment was needed to step through the four steps of the process – learn, experience, architect and plan.  To achieve that goal, Westcon will begin launching LEAP Centers around the globe in the coming months.  The first center opens in Brussels, Belgium this week (September 29, 2010) followed by the opening of the Denver, Colorado LEAP Center on October 20, 2010.  Additional sites in Australia, Brazil, Singapore, and South Africa will come online in the future.

Each LEAP center is designed to help the channel (with end-users when desired) learn about new technologies, the business value of the technology, and how the technology actually performs in live, heterogeneous technology environments.  The goal is for Westcon’s customers (Reseller, SI or Service Provider) to truly understand these new technologies and what the proper architectures are for solutions that include these new technologies.  Ultimately the goal of the LEAP center is to create a more informed channel partner who can successfully sell the solutions efficiently and effectively.

Our experiences as an average IT organization showed that our engineer’s “new technology skepticism” was eradicated when they had the chance to work with the equipment real-time.  As an example, in the case of our data center consolidation, the original selling points for our technology configurations were superseded with more important benefits once the team got their hands on the equipment. Appreciation for these new capabilities would not have been accomplished without working with the equipment.  That is a key objective of the LEAP Center.

Your LEAP Center

Each LEAP Center is a fully configured data center, running hardware and software from multiple manufacturers in order to create a more realistic IT environment.  The center contains equipment from vendors that, in some cases, Westcon does not even distribute.  Westcon has full-time engineers dedicated to the running of each LEAP Center.   But make no mistake about it, the LEAP Center is a center for our customers.  We built it for our channel customers.  Our goal is for our customers to be successful in deepening relationships with, and ultimately selling to, their end-users by creating greater value to their customers through the knowledge gained in a LEAP experience.   We want our customers to consider the LEAP center as an important component of their portfolio of sales strategies, tactics and tools.  LEAP Centers will help our customers Learn and Experience the technology, but also be an environment wherein they can bring in their customers to work on specific Architectures and Plans.  In order to do that, Westcon has committed millions of dollars in the development of the LEAP Center.  Ultimately, Westcon believes that this investment for our Resellers, Systems Integrators, and Service Providers will generate profitable success for our customers, their customers, our vendor partners and the channel as a whole.

We look forward to seeing you at one of the LEAP Centers soon!

Downturn V2.0?

Gartner recently released analysis advising CIO’s on how to manage and prepare for a second downturn in the economy.  It seems like there have been genuine concerns for a while, but now seeing Gartner’s analysis AND seeing firms already starting to advertise their value in the context of Gartner’s just released analysis indicates that there is a lot of genuine concern and we are heading down again for the second time.

It doesn’t matter if it is a formal recession (2 consecutive quarters of negative growth in the United States).  We  have to assume the worst and start planning for it.  Again, it comes down to the same issues as before – how are you (the channel) meeting the needs of your customer and what are you doing to deepen existing relationships?

As CTO, in addition to the Gartner analysis, we are seeing Intel and Cisco resetting Wall Street’s expectations – downward.  And we are seeing PC forecasts being brought down for the next few quarters.  Signs that tend to assume 1.5% GDP as opposed to 5.0% in the coming 6-9 months.  Companies such as Intel and VMWare making acquisitions to round out their solution sets, or to expand into new market adjacencies, could be rationalized as a slow-growth indicator since these firms might, in better times, look for organically developed solutions rather than taking on the additional risks associated with acquisitions.

As CIO, my sense of the situation is as follows – internally Westcon went through a serious set of cost reduction activities in the fall of 2008.  Those actions positioned us to sustain our business and be ready to move quickly once an upturn appeared.  During this down period, we were able to really dissect the skeletal structure of many of our planned projects, and really get underneath the potential ROI calculations to clear away any noise in the analysis.  When the upturn began to appear we moved quickly to execute on those projects that we had analyzed and kicked off a number of capital and expense initiatives that would drive down costs and/or improve relationships (and thus revenue and profitability) as the economy grew.  With the next downturn staring us in the face, and with everyone coming back from summer vacation, one can assume that CIO’s will start putting new projects on hold in September, with an eye towards revisiting them in January/February 2011.  Although this looks more like a US downturn than anything else, any US downturn has global implications.

So, in general, projects kicked off in late 2009/early 2010 probably have the budgets in place to continue through the remainder of the year, and although they will be the second place that the CIO goes for costs reductions, these projects have already been analyzed to death in the first downturn and probably are deemed most important to the long term success of the firm and will likely not be stopped.

If you agree with everything said so far, then there are considerable opportunities for the channel during this 2nd downturn.  The opportunities will most likely be with the customers you were working with most closely towards the end of the first downturn and the beginning of the uptick in the economy.  These customers would have engaged you in projects in the Fall of ‘09 and early 2010.  The message here is that your customers probably do not want to focus too much on new initiatives, but want to work with you on previously approved projects to make sure that those projects successfully hit or surpass any upcoming project milestones.  Again, having that deep understanding of your customer’s strategy and priorities will help you and your customer through this impending downturn.  Lastly, I doubt there will be any of those last minute “gotta spend it before the end of the year” opportunities at the end of 2010.

Certainly, I hope Gartner and the other indicators are wrong, and that the economy snaps back to 5.0% growth.  But, just in case they are right, you may want to consider revisiting your most valuable US customers after the US/Canada Labor-Day holidays, and ask them how you can start working most effectively with them to prepare for the next downturn.

Desktop Virtualization

A lot of hype, wow, a lot of hype.

One observation

The actual ability to introduce the solution into the end-user enterprise needs to be looked at in two parts.  It seems that those most excited are focused on the value and flexibility of the end-points.  We need to be able to focus everyone’s attention on the real hurdles associated with VDI which is primarily around SAN (or simply put IOPS) performance.  Our counsel to our customers, as a distributor, is to introduce the benefits of the technology without requiring capex investments on end points.  End users can get a lot out of VDI pilot programs by using existing end points (laptops and desktops) and focusing the pilot on the introduction of the VDI platform and the demand it places on the SAN and the network.  It allows everyone to get a better sense of the complete cost/benefit picture without getting tripped up on the introduction of a new end-point platform.

Consortiums – Where does this lead us?

The rise of consortiums (multiple manufacturers integrating their products to produce an integrated, “pre-built”, solution) poses an interesting set of questions about what IT will look like in the future and the role the channel will play in that future.  Integrated offerings look to the purchaser to be easier to understand, easier to justify, and easier to support or to acquire support.  The channel may need to recognize that a new wave of thinking with regards to addressing end-user needs is upon us.  Being a bit sarcastic, but are we looking at another round of “evolve or die” in the channel?

What does it do to the channel?  Does it minimize the value the channel provides, or does it open up newer opportunities?  There are newer opportunities, for sure, but are they more vertical? More limiting?  Deeper knowledge and expertise can now be acquired, retained and delivered across the specific components of the integrated stack.  This is great for the consortium’ and their specific product, great for those in the channel who have that expertise, and great for the end user.  Conversely, does it impose limits on the breadth of solutions that the channel partner can participate in selling and supporting.  One would think that it has to.  The channel partner only has so many resources.  But, the consortium’s products should already be built to work together, and hence there are limited support requirements since the platform should perform more effectively than if someone had sown the platform together themselves.  So, there are a number of opportunities to argue that the consortium solution requires less support from the channel. But the consortium’s integrated solution still needs to work in the heterogeneous environment of the end user.  So, will channel partners evolve who focus purely on the integration of consortium solutions into brown field opportunities. Can the partner scale, becoming an expert in both the actual consortium built solution, and the integration of that solution into the end user’s heterogeneous environment.  Can channel partners combine (collude?) to marry their expertise of the consortium’s product and various end user environments?

The Consortium’s solution should be, theoretically, easier to sell.  Once you create an integrated offering, you basically move up the technology evolutionary scale, becoming a business solution as opposed to just being a technology solution.  Business solutions imply an easier ROI equation as opposed to technology solutions.  The opportunity for the channel is the relevance of that business solution to the end user’s needs.  The channel is now presented with the opportunity to more deeply ingrain themselves in the strategic decision making process of the end-user.  In order to get there, new thinking in the areas of relevance selling become critical.  The consortium’s solution has multiple components that are synthesized into a business solution.  Traditionally the channel was more adept in the lower rungs of the technology scale – selling the components or providing the services necessary to synthesize the solution.  With these two components of the sales opportunity now being potentially commoditized or completely eliminated via the consortium’s solution, the opportunity to focus more on the end-users business needs takes on greater value to the channel.

This all presumes the consortium concept really takes hold.  It could be that the HP’s, IBM’s, and Cisco’s of the world are just going through a “phase” and their relationships and partner eco-systems will reform so often that integrated offerings being created by consortium’s today will just be an ongoing stream of alternatives, with the consortiums themselves being fluid and temporary.  But, the investments and rhetoric seem to indicate that this time we may have more substantial, long-term entities being formed.  Whether we are in a temporary fad or a true market transition, the channel will most like succeed by focusing on moving up the technology/business solution evolutionary scale, listening to the needs of their customers, and solving for those needs with the most effective, stable solutions available.

Cloud Physics

Westcon’s migration to Microsoft’s BPOS Cloud Solution has brought sunlight to some broken processes that reinforce the need to really plan out before jumping to the cloud.  Although we discussed this topic earlier in another post on the WestconCTO blog, we thought it might be of value to discuss it again but from a different angle.  We would like to share our experiences in the context of the channel opportunities, the need for advisory services, and the recognition that although Cloud Services are the way to go for commoditized technologies such as email, even then the ramp-up will be slower than the hype due to the hidden complexities lurking in every organization’s business processes.

The Silver Lining here is the services and guidance that are truly needed are an opportunity since they appear to be underestimated in many cloud deployments.  In our case, because of proximity of the physical servers, and the fact that it appears our own engineers were doing things on the QT (to genuinely help their business colleagues succeed), the business processes of our organization have become severely clogged or weighed-down.  The “ease of use” of just dumping everything into email was in some cases compounded by business partners who took the easy way out, too.  The interactions between the organizations, and within our own organization, relied more and more on “softly structured” data and less on structured data interactions.  “softly structured” means to us that the information necessary to complete the transaction is structured, but it is wrapped inside an email, rather than just being communicated via a webservice or EDI. You can actually see the structure of the data in the email.  The reliance on email, rather than taking the extra step to utilize existing message bus/SOA architectures is one example of the many types of process adhesions that your customer’s organization has most probably created, which will be exacerbated when they migrate to the cloud and all the cut-corners are exposed.

The opportunity is this – having an appropriate partner to work with when the end user is deploying a cloud service is crucial to success and an opportunity for the channel.  There are “quick answers” to the problem (OCR the email would be one), and there are more strategic solutions (tighter, structured messaging/SOA designs that are easier to incorporate) that need to be addressed before the end user goes to the cloud.  Our sense is that the smarter members of the channel will see this, and by bringing in the appropriate architects, process consultants, or engineers, the end user will ultimately be more successful in their utilization of the cloud.  This does lead though to a hard conversation around costs.  Most companies are not going to the cloud to improve their business processes, they are going there to reduce costs, and will perhaps not react well to the process re-engineering conversation that must occur before going to the cloud.  Nothing worthwhile is every easy, and this applies to the cloud as well.  This also means that any of your sales folks who are projecting cloud services sales within their pipeline had best ensure that they are allocating the appropriate lead time for this analysis.  If not, they may suffer from premature pipeline projections, or the customer will suffer from an unsatisfied customer experience after the cloud service has been deployed.

We have had some great experiences in the cloud, reaping real dollar savings.  We have also stubbed our toes.  But this does translate into opportunity for the smarter members of the channel.  Again, there are significant changes on the horizon due to the cloud.  We feel having the early experiences here at Westcon, as well as at your own organization, with the impact of these newer offerings, will only help solidify your relationships with your customers.

Innovation Without Structure is Anarchy

I recently had a conversation with a friend who is in the high-tech distribution industry who was grappling with a problem.

He had been having a rather heated argument with one of the most potentially innovative people he had ever met in his company.  Her argument was that he was wrapping too much structure around the company and that this would stifle innovation.  His counter-argument was that they really could not innovate if they could not agree on what the standard,  most efficient ways to do things were from a baseline perspective.  He believed (as do I) that innovation is born out of those standard structures - producing new approaches to current problems or new products/services that extend the company’s value proposition.  He knew he had a sympathetic ear since I totally agree with this philosphy.

My friend and I were having this conversation in the hotel bar, and I subconsciously noticed that Charlie Parker was playing in the background.  So I started down this path – “John, what kind of music does Jane listen to?”  He said that she actually had a similar background to John and I which was the Grateful Dead and Jazz.  (Most folks probably do not realize how close the Dead and Jazz are.  Phil Lesh and Bob Weir of the Dead consider John Coltrane one of their biggest influences.  For the more modern rocker, Dave Mathews claims Charlie Parker as one of his biggest influences.)  Jazz musicians like Parker, Coltrane & Monk are some of the greatest improvisational (read “innovative”) musicians in the world.  But they innovate off of structure.  For Parker there was, in general, a beginning to the song where he set (or allowed to be set) the structure off of which he would innovate.  Bebop players changed the rules a bit by flattening the fifths inside the chord structure, but that was in itself an innovation that then became a standard to build upon.  The point here is that the song had structure at the start, and then came back around at the end many times to replay that structure.  In the middle was a clear structural foundation of chords and harmonies that the artist could innovate off of.  Without that contextual foundation, all you really have is noise or anarchy.

The Dead were the same way.  Bob Weir once remarked that the Dead started a song with a specific structure, and then literally “leapt off the building”.  The difference here was that they relied on the fact that one member in the band would re-introduce structure (structure meaning baseline chord progressions that they all were intimately familiar with) to the song before they “crashed to the ground”.  Anyone who followed the Dead from that perspective knows that the band grew stronger and stronger with each leap.  They learned from the improvisational experiences, and would re-introduce those improvisational elements as new structures in future iterations of the song. 

Innovation (read improvisation) without structure will lead to anarchy.  Employees who must execute against the new innovative idea need to contextually understand how you got to the new innovative solution, and their roadmap is made up of structure where the beginning is where they are today.  You can innovate all you want, but if you cannot get your employees to execute inside the innovation, all you have done is created a song with no sound.

Technology has the greatest opportunity to be both the driver of the foundational elements of every business process, and at the same time be the true spark for innovation.  But in order to create that spark there must be standards (process with structure).  My point to John is that Jane can not only innovate with greater value, but also help others to innovate, once she recognizes that the innovation is really an improvisation off of an existing chord structure (ie business process).

DC Consolidation, UCS and BPOS

If you have been a steady reader of this blog you know Westcon/Comstor is in the midst of a data center consolidation project, moving our production infrastructure to the new Cisco UCS platform with EMC Clariion.  The past two weeks were wins, on a couple of levels.

Westcon’s Single Global ERP system runs on three instances.  Our most recent win was the completion of the migration of our North American instance to the Cisco/EMC platform.  We had a number of challenges along the way, and it will be a couple weeks before we declare complete victory, but there were immediate performance benefits that are immediately helping our sales, operations and finance colleagues.  We are really seeing queries that would take 3 minutes now return results in 30 seconds.  Batch jobs are running significantly faster.  This translates into the potential for larger windows of uptime.  And, as Comstor’s/Westcon’s business continues to grow, and the transaction volume continues to increase, we have the headroom to take on the volume without increasing our batch windows.  The performance of the platform has so far been living up to its expectations.

In addition to having a very smart, tireless, group of application’s, infrastructure and engineering colleagues inside Westcon, and great support from Cisco, EMC and CBTS (our data centers are being consolidated as a managed service within Cincinnati Bell – another great story for another post someday soon), one of the key reasons we were able to make the move in a relatively calm manner was our use of BPOS.  For those of you who are not familiar with BPOS – BPOS is Microsoft’s cloud offering combining Exchange, Sharepoint, OCS, LiveMeeting and Forefront.  Except for a couple of special mailboxes, everyone in North America was migrated to BPOS last year.  Why is this important?  Well, it was nice that we did not have to move all the Exchange servers from our old data center to our new data center.  We had slowly been de-commissioning the servers these past few months as part of the data center consolidation, but you have to love it when a plan comes together.  We only moved one.  The natural, high-level stress associated with a data center move was mitigated just a little bit because we did not have to manage the move of our messaging platform.

Why do we talk about this?  This blog is written for many different audiences, but one of the objectives of this blog is to help Westcon’s and Comstor’s customers (Resellers, Service Providers, and Systems Integrators around the world) understand what their customers are going through, and how the cloud can help as companies migrate to virtualization and new data-center converged platforms such as UCS/EMC.  Helping Westcon’s customers and Comstor’s customers provide a complete vision, optimized for the customer’s business situation, that leverages sound architectures, is a large part of the Westcon/Comstor value proposition.  We are literally eating our own dogfood.  We run our company on the products we distribute, sharing those experiences with our customers, part of which is why we write this blog.  We get many responses here from customers and suppliers, and encourage you to send your comments or questions any time on what we are going through if it can help you help your customers.

Engaging the CIO

I have discussed before the different aspects of engaging CIOs in order to sell into their organization.  As the CIO of Westcon, I am often asked to be a proxy for the CIOs of our customer’s customer.  Westcon runs seminars and sessions around this process, in order to help our customer’s succeed.  It is part of the value proposition that is Westcon, and we are happy to do it.

In these sessions we often structure the material around real life examples.  I thought two recent examples were noteworthy and would share them here.

The good and the bad

The good – as a company that has been through a few acquisitions, there is some legacy voice equipment still running within the company globally.  Intuitively one can imagine that there are incremental costs (maintenance and support primarily) that could be eradicated if we could be on a single standard platform.  And we could provide a more globally consistent unified communications experience for our employee’s.  But, standardizing just to standardize does not always make financial sense.  One of our key VOIP suppliers stepped forward and said that they would be willing to work with us to standardize our entire global VOIP platform, assuming we could make the ROI work.  Even though there is a significant investment of time that our Manager of Voice & Data would need to make to complete the analysis, the fact that the vendor came forward with an opportunity wherein the final decision would be premised on a positive ROI has made the engagement very productive for everyone involved.  And, even if for some reason the ROI does not work (which I am sure it will), I am definitely pre-disposed to looking at that vendor first for any future solutions.  And, I am more than happy to open up to her what my entire IT strategy is, because she has shown herself to be a true partner, focused on my needs.  Of course, she is trying to sell me something, but if it solves my problems, then everyone is happy.

The bad – conversely, recently we had a series of experiences at two levels that might be worth shareing.  First, there is the blind call/email.  There is nothing wrong with a supplier running a campaign, identifying me as a prospect and then either emailing or calling me to see if I am interested.  That’s how IT works.  But, there is a line that I feel seems to be getting crossed more and more.  If I do not respond to your email or call, please do not berate me or accuse me of being inconsiderate because I did not answer your email.  That’s not how it works.  I would say that the tone of the “follow up” has gotten more aggressive in the past 18 months.  I guarantee you that no IT leader appreciates being told by a stranger that it is inconsiderate that they have not received a response or “I have tried you many times and you don’t answer”.  Well, get the hint.  There is nothing wrong with sending a CIO a follow up to an original email,
stating something like “maybe you missed the first one”, but nicely make it clear that if there is no response to the follow up, there will be no more follow ups.  IT leaders get so many contacts every day that they quite often do not get to every email, and solicitations are at the bottom of the pile of emails or calls to reply to.  Personally I would rather get a “checking in” email every 6 months or so as opposed to the email that says “why haven’t you returned my emails?”.  In either case, don’t be surprised if you do not get a response but do be considerate in any follow up you may make.  (something about bees and honey and vinegar?)

The second-level of mistakes we have run into recently is the opposite or the lack of follow up.  If we are talking about something together, and there is a genuine opportunity, then I expect you will follow up with me or my team.  Yes, it requires work.  Similar to the “good” example above, if you want the business you will have to make the investment.  But, as with the above “good” example, your investment pays back in multiple forms.  First, hopefully you get new business, but second, you get access to a larger portion of the IT organization and third, perhaps you get a view as to the key strategic imperatives of the firm.  Ironically, if you never follow up with me, or expect me to take the next step, you will probably receive little more than an empty feeling that nothing was accomplished.  I may be difficult to reach, but show progress based on our last conversation, demonstrable progress, and any IT leader worth their salt will take the help.  “Tell me something I don’t know” about my own organization or the industry I compete in, and you will get my attention.  But, even if in our last call I said I would do something, and it didn’t yet happen, follow up with some more information to make sure I am fully aware of all the value you can provide to my organization.

It may be that times are tough, so folks are getting too aggressive at some points.  Or, perhaps business is starting to really pick up, leads are coming in, and you are dropping a few leads here and there.  IT managers remember things, for a long time.  Always make sure you have the bandwidth to engage with a prospective IT leader, otherwise it will backfire severely.  Conversely, making the commitment to become a true partner with the IT leader will always lead to more long-term business.

Email Needs Attention

Recently I spoke at a conference and discussed the need for every organization to manage their email more aggressively.  The driver for this was not the normal IT justification for space or performance, but the more important justification from an information integrity and document retention perspective.

Westcon benefits from solid leadership in our General Counsel.  They are always looking to work with IT on improving the company’s document retention policies and the tools needed for enforcement.  But, it may not be that way in every organization, and based on the reactions of some of the attendees, I think there is an opportunity for us collectively to help improve the situation for our customers.

The point of the presentation was that the argument for retaining emails because “we may need it if a customer calls and asks a question” or “what if there is confusion on a point of negotiation” may appear to be good reasons to keep email, but only for as short a period of time as is legally required.  This is not about covering up information, or being malicious in any way or form.  It is about the use of the existing structured, business process defined, transactional systems (e.g. ERP systems) to keep the historical record of account for the firm as opposed to allowing unstructured, unmonitored and fairly uncontrolled systems such as email to become the historical record of account.  Billions of dollars are spent defining business processes and then incorporating those processes into systems to ensure security, consistency and enforcement.  Companies place a huge emphasis on the editing and management of transactional information to ensure all the data ever needed to determine the details of a customer or supplier transaction are properly recorded and legal and ethical behavior is maintained.  There is an opportunity for all of us to work with our customers to help them begin thinking more about investing similar amounts of attention on email.

A few years ago I worked for a firm wherein a handful of individuals were involved in a price fixing scheme, using email to bypass existing system and negotiate the deals.  These emails became the basis for a set of crippling fines that put the firm into a tailspin.  Management quickly replaced any individual involved in the scheme, but ultimately these folks were caught because of the emails, and are now in jail or at a minimum out of the industry. 

More recently, it appears that poorly worded emails will play a role in the current investigations on Wall Street and I am sure there will be an investigation of all the emails for all the firms involved in the oil rig disaster still playing out in the Gulf of Mexico.  There is no denying email facilitates the speed of business, but when it becomes a tool to bypass existing corporate standard technology or business processes, then there is an opportunity to re-evaluate and re-align business processes and the technologies that support them.  The IT industry has the tools to help make this happen.  The opportunity is not sexy, but it is there in front of our faces.

An underlying theme is the implication for this problem in the world of collaboration.  Email is one of many forms of collaboration, but with any form of electronic collaboration, everything is recordable and quite possibly stored (internally, or in the cloud). As we begin to collaborate across a myriad of devices and mediums, the challenge for the industry will be to ensure that process integrity and sound business process rules hardwired into the customer’s transactional system are not unintentionally compromised or bypassed through the use of alternate technologies.

If, as an example, employee’s are bypassing the ERP system with email because the ERP system won’t “let me do something”, well, then work with your customer to ask why their ERP is wired that way. Help correct the flow in and around the ERP system to properly record what is right, and help the customer highlight that the firm really does not want the employee to “do something the other way”.   Proper process definitions in their SharePoint sites may be needed.  Or a fresh set of eyes on a more formal integration of the customer’s email environment with that company’s document retention policies could help deepen the relationship you have with your customer for years to come.

and, let them know, if their email inbox is too big, it does start to degrade performance too…!

Crowd Sourcing and Cloud Services

Recently we met with a firm that provides crowd sourcing for enterprise systems development.  Crowd sourcing as a concept has been around for a while but perhaps it is about to take another step in its maturation cycle.  The reason we think this is because of the acceleration in the wider acceptance and usage of cloud services. 

IT management has already gone through a maturation of its requirements and specifications processes.  Any weakness in their internal development process was exacerbated with the advent of offshoring.  If your specs were not high quality when you offshore’d your project, you could be assured you would get back a poor quality solution.  So, firms have improved substantially in their requirements definition and specifications processes.  That evolution could now pay dividends in the crowd-sourcing environment, since the enterprise can place those specs in a crowd sourcing development environment and can expect a high quality product in return.  Now with the advent of cloud computing, the cultural acceptance of using crowd sourcing becomes more acceptable if we were to consider crowd sourcing as a cloud service. (For those of you with a religious commitment to the definition of “cloud services”, you may want to stop reading here.  We recognize we are stretching the definition, but if Mother Nature can stretch volcano ash across Europe and shut down air-traffic for 5 days, we figure we can stretch the definition of the sacrosanct phrase “cloud services” for this post!)

The crowd sourcing platform, conceptually, is another cloud service in the arsenal of weapons that an IT leader now has at her disposal to provide high-quality/low-cost solutions to her enterprise customers.  You could take this situation and stretch it into an argument for the business user to go straight to the cloud, bypassing IT, but I don’t buy that portion of the argument.  (Any organization that allows its business users to bypass its own IT organization to provide an IT solution should look in the mirror with regards to how they are managing and utilizing IT).

Anyway, there is clearly an opportunity here for crowd sourcing to take the next step in utilization.  Combining that service with other cloud services (Infrastructure as a service, for example), can lighten the IT CAPX load even further.  “Application development as a service” environments in the cloud can benefit not only from enterprises who use them today, but could be the shared environment for heterogeneous development environments that utilize portions of the cloud for development and crowd sourcing and their own internal teams tomorrow. 

Westcon has been utilizing the Amazon cloud for almost a year now, both as its storage as a service solution and its elastic computing environment.  We have been quite successful in utilizing it for application development.  We can spin up new environments quickly, and working with our offshore partners, it is quite cost-effective.  Now the question is, how can IT leaders take that platform, and expand the number of development resources to speed up delivery time and reduce costs through the use of crowd sourcing on a cloud service platform.

As IT becomes more comfortable in these mixed environments,  IT can focus on higher business value initiatives such as business process optimization and delivery of optimal business solutions that can give their organization a competitive advantage.  To me, the benefit of cloud services and crowd sourcing is not just the agility and cost effectiveness it affords IT, but how the enterprise transforms its IT organization to focus more on competitive advantage and value add for its own customer base and the markets in which they compete.

Business Process in the Cloud

Westcon is going through the a migration from an in-house Exchange environment to a cloud service, provided by Microsoft, as part of their BPOS offering. From time to time we will share our progress, starting with this posting.

No IT shop is perfect.  We share below the trials and tribulations at Westcon to hopefully help you make sure you grow from our experiences.  That’s part of Westcon’s mantra – help our customers succeed through every avenue possible.  And that includes Westcon’s commitment to being on the cutting edge of many of these technologies – we experience it first, in order to help our customers (and their end users) achieve success faster and more profitably.  So, I will open the kimono here a bit about Westcon in the hope that it help you learn from our experiences.

Westcon was originally a Lotus Notes shop, and a few years ago we migrated to Exchange.  At the time, it appeared to make sense to replicate business processes on the Exchange environment in a similar manner to how those business processes functioned under Notes.  This approach had a negligible negative impact on performance since the servers were local.  There were some shared workspaces with inherent workflow with few storage limitations.  People did not notice the negative impact on performance in an Exchange environment when you tried to make Exchange act like Notes. 

I am not going to get into a discussion of Notes over Exchange.  I think Notes was, and is, one of the more misunderstood technologies.  Notes is so much more than messaging.  I am actually old enough to remember a distant past when you didn’t even use Notes for “email”, there were other tools use for messaging. And, Notes is one of the most powerful collaboration/database technologies out there, when used properly.  Exchange too is an excellent technology.  A world class messaging platform.  But, Notes is not Exchange and Exchange is not Notes. 

Why is this important when migrating to the cloud?  Simply put, once the servers are in the cloud, performance of the servers was trumped by bandwidth and latency.  And now, what was an “imperceptible, but somewhat unnatural use of Exchange” became a perceptible problem.  There is nothing wrong with the cloud service, and there is nothing wrong with the platform.  The challenge is identifying the most effective technology to support a particular business process.  So, although Westcon has successfully migrated 85% of its employees to the Exchange environment, there are a handful of shared mailboxes that have performance problems when put in the cloud.  These shared mailboxes should, and will, be migrated to alternative platforms (e.g. Sharepoint) in order to allow the software that supports those business processes to function appropriately and perform acceptably. 

Ironically, Westcon has a parallel project underway that is globally mapping each business process for the firm.  This “touchmap” project will be covered in detail in a later post, but the project has produced significant savings for Westcon globally, and once we pointed the projects attention towards the abovementioned shared mailbox problem, the touchmap team helped us identify the end to end process, implications and solutions, very quickly.

Here’s the point – when migrating to cloud services, it’s not simple.  Even though you may be using the exact same piece of software, except now its “just in a cloud”, the conversion must be considered as you would the introduction of any new piece of technology – no matter how familiar you are with the underlying platform.  Our experiences clearly indicate that any technology introduction or migration is best tested through an impact analysis on business processes.  The migration of the technology to the cloud is the easy part, the more difficult part is the quantifiable assessments of business impact associated with the migration.  Hopefully anyone having read this far realizes the explosion in business advisory and consulting services that must now accompany any cloud services migration. The conversion to the cloud requires a deep understanding of the target company’s business processes.  Many organizations have been able to avoid doing this type of work in the past, since everything was controlled within their own 4 walls.  But now they can’t necessarily mitigate business process disruption through sheer IT brute-force.  Now companies must really OWN their business processes.  They need to understand how their business flows, in detail, in order to successfully achieve all the savings that cloud services dangle in front of their eyes.  Many end users will require help in nailing down those process definitions.

Needs Based Segmentation

These past few weeks we have spent a considerable amount of time with customers and vendors discussing segmentation, more specifically needs-based segmentation, and how this can create more profitable business relationships. At the turn of the century (feels funny writing that, by the way), I was working as a partner in a firm called “The Peppers and Rogers Group”. Don Peppers and Martha Rogers had written a series of papers and books that became the cornerstone of what then was called “One to One Marketing”. The company focused on the concept that it is more profitable to grow the customers you have than to continuously hunt for new customers.  We thought it of value to introduce some of their concepts, but tailored to the B2B Technology Resellers, Service Providers, Systems Integrators and other Westcon Partners that read this blog.

One of the key aspects is the concept of needs based segmentation. Whether your customers are B2C customers or in the case of Westcon and our customer base – B2B customers – there is a continuous requirement to understand, track and manage your business based on customer needs. Truly understanding customer needs can lead you past what they are telling you, and put you in the position to solve your customer’s problems before they occur. This creates loyalty, profits, and a torrent of innovation.

Technology distributors, resellers and other members of the industry are using these concepts today. Maybe I can articulate this with an example – One of your customers has a need for a piece of technology. Let’s oversimplify and say it’s a router. It is all very good to satisfy that need. Deliver the router at the right time, right price, etc. What is important, over and above the transaction, is to understand the drivers behind the need for a router. These needs can be strategic (the customer is actually deploying a global MPLS network) or tactical (one of their routers is end-of-life and they need a new one) or personal (the customer’s purchasing manager is trying to show her boss how she can do the transaction more efficiently than her predecessor).

The trick with needs-based-segmentation is to truly understand the underlying drivers that came together, looking like a transaction for a router.  The idea is to create a series of conversations (phone, email, surveys) that help you understand more of the key strategic, tactical and/or personal decisions that drove the router purchase, and more importantly, drove the router purchase through you.  The more information you have regarding the drivers to the decision, the closer you are to understanding the customer’s needs.  Satisfying your customer’s needs will lead to a deeper more profitable relationship.  There is a tremendous amount of research available that shows how satisfying customer needs increases profitability – it is usually collected as “loyalty”.  Any good sales person lives by the above.

Understanding and satisfying needs are one thing.  Being able to aggregate, analyze and act upon common needs across your customer base is the challenge.  The simplest, and fastest, approach is to brainstorm internally on what these needs are first, using your best sales team to build a framework of needs.  Then using the framework as a proxy, begin to categorize potential deals from your CRM system.  This is definitely the short cut approach.  The more analytical approach would be to create a series of survey’s that ask a few simple questions (Don and Martha called it “drip irrigation”) to identify what are the common, underlying motives (needs) that drove some recent transactions.  In addition, break the survey into newer vs. long-standing customers to understand why they are with you, with the idea being to uncover the needs that your organization has been satisfying already for these firms.

There is a lot more to this.  Once you understand and have collated customers around needs based groups, begin to work out the messaging such that your customer clearly understands how your organization can meet that customer’s needs.  Understanding customer needs will help drive messaging.  Properly attaching customers to proper needs groups will help you determine the content and media you should be using for your interactions with that customer.  It may look to that customer as if you have prepared a special communications stream specifically for that customer, when in fact, you did create the messaging to address the needs of the segment that customer belongs to.  This keeps your messaging costs down.  In addition, understanding the value of the customer, and what needs segment(s) they belong to, will in the end help drive how much more (or less) you should be spending on your interactions with each customer.  Basically, understanding and managing to customer needs will help drive messaging and become a key input towards managing profitability.

There is a number of smaller steps involved here, and we will touch upon all the key steps from a B2B perspective, but given the activity this week at Westcon on this topic, I thought it was a good time to mention it here.  As a distributor, Westcon has been helping customers to work through these issues.  As the financial crisis subsides, customers will begin executing more transactions as their willingness to invest grows.  We are committed to adding value through the belief that understanding needs will be one way to make sure that you are not just another partner who gives the lowest prices.  It will be more about the strategic partnership that you create with your customer, thereafter focusing more on meeting their needs strategically, tactically and at a personal level.

Cisco UCS

As some of you know, Westcon is in the midst of a data center consolidation effort.  We have two data centers, UK and US, and are consolidating them into one managed services center in Cincinnati, Ohio US. 

A major part of the consolidation is the migration to a completely new platform – Cisco’s UCS with EMC Clariions (CX4-480′s and CX4-120′s).   When appropriate, I will definitely post updates (good, bad, ugly, hilarious, scary) about the project.  We were one of the first (actually number 4, I think) to order the equipment and it was shipped this past summer (2009).

Where are we?  Working with Cisco’s AS team, our managed services data center partner (CBTS – Cincinnati Bell), EMC engineers and our own internal team, we stood the equipment up over the Fall of 2009, and put our first production applications on the new equipment December 2009.  We will complete the move in 2010.

We will definitely get into it as we go forward, but a couple of quick observations from a CIO/CTO perspective (as opposed to at a bit/byte/block level):

• Deployment was good – NIC pools, Clariion integration, and server provisioning was seemless.  It really was smooth and easy.
• The UCS Manager is really the sexiest part of the whole thing according to our engineers.  Having everything in one place is alot easier than what we previously had, and appears to be industry leading.  The team loves this thing.
• Truly stateless, the service templates really work. 

Along the way, we have had a few bumps (HBA challenges, Fiber Interconnect challenges), but so far less than I expected.  Sometimes they have been scary, but I have to give Cisco/EMC credit – they have been pretty responsive.  We have had some configuration issues which I believe are more due to being one of the first than to being really a systemic problem.  We had a few minor challenges when we stood the equipment up that were immediately addressed and have had one or two bugs appear since then, but they are addressed in a reasonable time by the relevant manufacturer.  We have the usual misery associated with software vendors who have not mastered licensing issues in the 21st century, ie they can’t give us a reasonable licensing model for a fully virtualized environment, but I will save my frustration on this issue for another post.  And, it is not specific to Cisco/EMC, though the technology really forces you to work through these issues if you want to really exploit the technology fully.  But I digress…

The cool thing here is that as a distributor of Cisco UCS, I really believe that our own employee’s can be some of the best, “tell the truth”, resources for our customers (resellers, service providers and systems integrators) who are working closely with their end-users on making these very complicated decisions.  Westcon is living it, and we have some brutally honest employees (believe me, as CIO, they tell me everyday how IT can be better! ).  This experience will benefit Westcon, but can simultaneously help our customers, which I think is great.

Westcon’s savings associated with moving to the new platform have yet to be truly realized, but all indications are that once we are fully migrated we will see all the expected benefits (financial and technological).  We already have started to see improvements in the applications that have been migrated, so everything is looking up.

Don’t misunderstand me, this is not easy.  People are killing themselves working around the clock, but the technology is helping us, doing what it was advertised for the most part. Data Center migrations are the types of decisions that put CIO’s out on the street.  So far, though, I think we are doing well.  The rewards will outpace the risks.  And, so far the UCS Technology is for real.  But stay tuned, as we hit our milestones (or run into hurdles) I will keep you posted.

New Zealand

We spent this past week meeting with CxO’s and IT leaders in the country of New Zealand.  As a country, New Zealander’s are considered on the forefront of using technology, and are a good indicator of what technologies will be taking the lead in the industry in the near future.  It also doesn’t hurt that the country is beautiful and the people are wonderful.

In every meeting, the key issues that came up were Cloud Services, Desktop Virtualization and Unified Communications.  The conversation on Cloud Services was focused on the management of the plethora of services that are arising every day, and how to create the most frictionless, integrated portfolio of services in an aggregated fashion.  Many of the folks are expecting  the distributor to play the key role in the distribution of cloud services.   And work in partnership with the resellers, service providers and systems integrators that focus on meeting customer needs.  Specifically, the role of Westcon is to provide services for our customers and not to compete with them to meet the needs of the end-user/enterprise.

In the area of Desktop Virtualization, New Zealand has real examples of real projects underway.  These projects have tangible, measurable, common-sense ROI that shows how the technology is being used to help the end-user enterprise reduce costs and provision desktops more efficiently.  These are not pilots, nor are they technology projects for technology’s sake.  They are desktop projects that meet the needs of the enterprise using the right technical approach.

In the area of Unified Communications, there are similar challenges with regards to getting the most out of the technology investments that have been made, and how can video play a larger role in the UC eco-system.  Not the larger telepresence-like systems, but the smaller desktop, point-to-point solutions.

New Zealand is clearly a country that leverages technology advances to the betterment of its enterprises.  And, in many examples, New Zealand is taking a lead role in how these technologies are being used.  We look forward to seeing more of what comes from this country that can be used as leading examples around the world.