Cisco - TABPI
Cisco - TABPI
Cisco - TABPI
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
VOLUME 20, NUMBER 21 n $6<br />
NEWSPAPER PERIODICALS<br />
NEWS & ANALYSIS<br />
Adding polish to<br />
Windows Server<br />
Microsoft mulls add-on<br />
technologies 7<br />
IBM banking on<br />
UML approval<br />
Version 2.0 could fuel<br />
new modeling tools 7<br />
PC makers look<br />
beyond desktop<br />
Acer, MPC take aim at<br />
server, storage space 12<br />
Anti-spam push<br />
picks up steam<br />
Microsoft, Symantec<br />
offer plans in D.C. 15<br />
2.6 kernel: More<br />
memory, storage<br />
Linux database users<br />
await new features 39<br />
GWEEK LABS REVIEW: State-of-the-art<br />
firewalls prevent the exploitation of<br />
Web application holes PAGE 47<br />
gWEEK LABS<br />
May 26, 2003<br />
From WEP<br />
to WPA<br />
and beyond<br />
What to consider<br />
when retooling 54<br />
OPINION TIMOTHY DYCK<br />
Seven years of<br />
perspective 52<br />
JOHN TASCHEK<br />
Product activation sends<br />
the wrong message 61<br />
Feds to open<br />
cyber-security<br />
ops center<br />
SUCCESS OF CENTER<br />
WILL HINGE ON HIRING<br />
OF HIGH-LEVEL LEADER<br />
Blue Titan<br />
unscrambles<br />
Web services<br />
Network Director<br />
taps XML 56<br />
Ultralight<br />
Actius excels<br />
at portability<br />
Keyboard, speed<br />
are trade-offs 59<br />
SUN, ORACLE STRENGTHEN ALLIANCE 36 N SERENA ACQUIRES TEAMSHARE 38 N CISCO UPGRADES SWITCHES 42 N ZYXEL BOOSTS ZYAIR SECURITY 58<br />
FOR DAILY TECH NEWS, ADDITIONAL REVIEWS AND MORE OPINION, GO TO IWEEK.COM<br />
By Dennis Fisher IN BOSTON<br />
and Caron Carlson IN WASHINGTON<br />
officials at the department<br />
of Homeland Security plan<br />
to announce this week the establishment<br />
of a national<br />
cyber-security<br />
center, which<br />
brings all the<br />
department’s<br />
information<br />
security assets<br />
under one umbrella,accord-<br />
Clarke:“The right<br />
person” is key.<br />
ing to people briefed on the plan.<br />
So far, however, no one has<br />
been named to head the center,<br />
and security experts warn that<br />
without a strong leader, the<br />
center will lack the muscle it<br />
needs to be effective.<br />
One of the main drivers be-<br />
[CONTINUED ON PAGE 16]
Editor in Chief Eric Lundquist<br />
Executive Editor/News Michael R. Zimmerman<br />
Director/Design Paul Schaffrath<br />
Director/eWEEK Labs John Taschek<br />
Managing Editor Sue Troy<br />
Executive Editor Stan Gibson<br />
Executive Editor/eWEEK Labs Deb Donston<br />
Technology Editor Peter Coffee<br />
NEWS<br />
News Editor Scot Petersen<br />
Deputy News Editor Chris Gonsalves<br />
Department Editor John S. McCright<br />
Online News Editor Rick Dagley<br />
Online Editor Shelley Solheim<br />
Senior Editors Jeffrey Burt, Caron Carlson,<br />
Dennis Fisher, Peter Galli,<br />
Paula Musich, Carmen Nobel<br />
Senior Writers Dennis Callaghan, Renee<br />
Boucher Ferguson, Evan<br />
Koblentz, Darryl K. Taft,<br />
Lisa Vaas<br />
Exec. Asst. to Editor in Chief Colleen Shanley<br />
gWEEK LABS<br />
Technical Director, West Coast Timothy Dyck<br />
Technical Director, East Coast Jim Rapoza<br />
Senior Analysts Henry Baltazar, Jason Brooks<br />
Cameron Sturdevant<br />
Technical Analyst Francis Chu<br />
Managing Editor Mary Stevens<br />
Senior Writer Anne Chen<br />
EDITORIAL PRODUCTION<br />
Deputy Managing Editor Debra Perry<br />
Deputy Copy Chief Jim Williams<br />
Senior Copy Editor Frederick Ricketts<br />
Production Designer Tara-Ann Fasulo<br />
ART DEPARTMENT<br />
Senior Art Director Stephen Anderson<br />
Senior Macintosh Artist Paul Connolly<br />
gWEEK<br />
Publisher Brian M. Gleason<br />
Business Manager John Dennehy<br />
Marketing Mary Zagrobelny,<br />
Group Marketing Director;<br />
Caroline Tilghman,<br />
Research Analyst<br />
Ad Traffic Howard Lubinger, Manager<br />
Production Manager Milena Emery<br />
ZIFF DAVIS MEDIA<br />
Chairman & CEO<br />
Robert F. Callahan<br />
Chief Operating Officer & CFO<br />
Bart W. Catalane<br />
Senior Executive Vice President, Publishing Operations<br />
Tom McGrade<br />
Executive Vice President & Editorial Director<br />
Michael J. Miller<br />
Executive Vice President, General Counsel & Secretary<br />
Gregory Barton<br />
SENIOR VICE PRESIDENTS<br />
Jasmine Alexander (Technology & Sales Operations)<br />
Derek Irwin (Finance)<br />
Charles Mast (Circulation)<br />
Sloan Seymour (Enterprise Group)<br />
Dale Strang (Game Group)<br />
Jason Young (Internet)<br />
VICE PRESIDENTS<br />
Ken Beach (Corporate Sales)<br />
Tim Castelli (PC Magazine Group)<br />
Charles Lee (Integrated Media)<br />
Aimee D. Levine (Corporate Communications)<br />
Jim Louderback (Editor in Chief, Internet)<br />
Eric Lundquist (Editor in Chief, eWEEK)<br />
Bill Machrone (Editorial Development)<br />
David Mullen (Controller)<br />
Beth Repeta (Human Resources)<br />
Tom Steinert-Threlkeld (Editor in Chief, Baseline)<br />
Stephen Sutton (Internet Audience Development)<br />
Stephen Veith (Publisher, CIO Insight)<br />
Senior Director, Manufacturing<br />
Carlos Lugo<br />
Director, International<br />
Christin Lawson<br />
eWEEK editorial staff members can<br />
be reached at (781) 938-2600 or<br />
(800) 451-1032, or via e-mail using the following formula: firstname_lastname@ziffdavis.com.<br />
For example: eric_lundquist@ziffdavis.com (Don’t<br />
use middle initials in address.)<br />
eWEEK®, PC Week®, PC Week Netweek®, PC Week Shoot-Out®,<br />
Spencer F. Katt® and Spencer F. Katt: Rumor Central® are registered<br />
trademarks of Ziff Davis Publishing Holdings Inc. Copyright (c) 2002 Ziff<br />
Davis Media Inc. All rights reserved. Reproduction in whole or in part<br />
without permission is prohibited. For permission to reuse material in this<br />
publication or to use our logo, contact Ziff Davis Media’s<br />
rights and permissions manager, Olga Gonopolsky, via email,<br />
olga_gonopolsky@ziffdavis.com; phone, (212) 503-<br />
5438; fax, (212) 503-5420. For reprints, contact Lori<br />
Noffz via e-mail, eweek@reprintbuyer.com; phone, (717)<br />
399-1900, Ext. 104. Printed in the U.S.A.<br />
FWEEK.COM<br />
THIS fWEEK<br />
find a weak point; build a firewall.<br />
It’s an ad hoc approach, but it’s the one corporate IT is following as it<br />
gropes its way to more secure Web computing. This week, eWeek Labs<br />
West Coast Technical Director Tim Dyck reviews three Web application<br />
firewalls designed to protect an extremely weak link in the Web infrastructure.<br />
And application holes are often exploited. Tim says the vendors tell<br />
him that customers come calling when they’ve failed a penetration test. The<br />
products he reviews are for critical servers and take a Draconian approach<br />
to security, eliminating access except by specifically allowed, or white-listed,<br />
entities. Tested were Sanctum’s AppShield 4.0,<br />
Teros’ Teros-100 APS 2.1.1 and Kavado’s InterDo<br />
3.0. Teros won Tim’s Analyst’s Choice award.<br />
Tim notes that we already have conventional<br />
firewalls, of course, and two of these can be<br />
used to create a demilitarized zone around<br />
a particularly sensitive server. Then you can<br />
add a Web application firewall and maybe<br />
a database firewall. The result is a firewall<br />
infrastructure that’s ripe for consolidation.<br />
Tim predicts this will happen, with such larger<br />
players as Check Point Software Technologies<br />
leading the way.<br />
Ah, security. We just can’t get enough. And if<br />
you listen to Richard Clarke, we’re not about<br />
L Tuesday,<br />
check out<br />
eWEEK’s online<br />
exclusive interview<br />
with<br />
Richard<br />
Clarke, former chairman of<br />
the President’s Critical Infrastructure<br />
Protection Board,<br />
and find out why he’s so criti-<br />
cal of the government’s<br />
cyber-security strategy.<br />
L Wednesday,<br />
join Cameron<br />
Sturdevant<br />
for<br />
an online<br />
walk<br />
through one of the latest<br />
patch management<br />
The NCC is expected to emerge<br />
from the DHS next month.<br />
to get enough of it from the Department of Homeland Security. Now that<br />
he has left the government, Clarke is very active on the speaking circuit.<br />
Dennis Fisher interviewed Clarke when he came to Boston last week and<br />
heard Clarke reiterate his call for a National Cybersecurity Center with<br />
direct access to the president.<br />
But if you look at the organizational chart, the NCC appears buried beneath<br />
levels of bureaucracy. Clarke has a point. For whatever reason, Clarke feels<br />
he was slighted when the DHS structure was created, so it’s hard to tell whether<br />
his critiques of the structure are objective or merely sour grapes.<br />
Finally, some good news: Microsoft has listened to customers. As Peter<br />
Galli reports, customers have told Microsoft that waiting three years for a<br />
major product upgrade is too long. So Redmond plans to deliver new technologies<br />
as incremental add-ons, “out of band” from the regular upgrade cycle.<br />
The first candidates, as Peter reports, are likely to be Network Attached<br />
Storage 3.0, Small Business Server 2003 and a version of Windows<br />
Server 2003 for AMD’s processors. Customers get to enhance the products<br />
at a pace of their own choosing. What’s not to like? ´<br />
Till next eWEEK, send your comments to stan_gibson@ziffdavis.com.<br />
products reviewed by eWEEK<br />
Labs, PatchLink Corp.’s<br />
PatchLink Update 4.0.<br />
dFriday, get your fix of tech<br />
rumors early:<br />
Eweek.com posts<br />
Spencer F. Katt’s<br />
Rumor Central<br />
column that night<br />
each week.<br />
MAY 26, 2003 n eWEEK 3
MAY 26, 2003<br />
CONTENTS<br />
NEWS&ANALYSIS<br />
7 Microsoft is thinking about<br />
strategies for future releases<br />
of Windows Server 2003.<br />
7 IBM eyes innovations that<br />
tap UML 2.0, which is up<br />
for a vote next week.<br />
12 Acer and MPC unveil servers<br />
and storage devices,<br />
moving beyond the desktop.<br />
12 Microsoft agrees to an<br />
intellectual property license<br />
with SCO.<br />
14 Startup Device IQ hopes<br />
to pick up where Thin-<br />
AirApps left off.<br />
15 Microsoft, Symantec and<br />
AOL join the anti-spam<br />
crusade.<br />
15 The SNIA expects major<br />
advances in communication<br />
among storage devices.<br />
16 Tools from Sunbelt are<br />
designed to speed analysis<br />
of network directories.<br />
18 The Buzz<br />
20 Nextel targets the enterprise<br />
with new push-to-talk<br />
and VPN services.<br />
22 BMC and Quest tools<br />
extend support for IBM’s<br />
DB2 database.<br />
22 Rendition’s TrueControl<br />
focuses on extensibility<br />
and administrative ease.<br />
24 Face to Face: VP Masters<br />
sees a bright future for<br />
Sun’s high-end servers.<br />
33 Security: The Department<br />
of Homeland Security is restructuring<br />
to give network<br />
safety a higher profile.<br />
36 Sun and Oracle strengthen<br />
their alliance in an effort<br />
to lower deployment costs.<br />
36 <strong>Cisco</strong> rolls out new and<br />
enhanced security management<br />
tools.<br />
37 CA’s and Veritas’ backup<br />
and restore tools link suites<br />
with other technologies.<br />
37 Swingtide and Blue Titan<br />
products take different paths<br />
to managing Web services.<br />
38 Serena gains collaborative<br />
technology through its<br />
acquisition of TeamShare.<br />
39 Storage: The forthcoming<br />
2.6 kernel will let Linux<br />
tackle big, enterprise-class<br />
database applications.<br />
41 Tadpole Computer’s first<br />
mobile workstation is fast<br />
and inexpensive.<br />
42 <strong>Cisco</strong>’s switch strategy<br />
focuses on upgrades<br />
and cost reduction.<br />
42 SPSS and SAS will<br />
expand Web tools’<br />
predictive capabilities.<br />
33<br />
fWEEKLABS<br />
54 Tech Analysis: WPA and<br />
802.11i will boost WLAN<br />
security, but IT staffs must<br />
weigh all options<br />
before retooling.<br />
55 REVIEW: Linksys’<br />
WRT55AG router<br />
offers new flexibility to<br />
organizations upgrading<br />
WLANs.<br />
56 REVIEW: Blue Titan sorts<br />
out Web services but<br />
needs better reporting.<br />
58 Pings & Packets: SOAP<br />
1.2 nears ratification; ZyXel<br />
adapter gains Aegis client;<br />
file size doesn’t matter for<br />
WinZip 9.0 beta.<br />
59 REVIEW: Sharp’s Actius<br />
SECURING<br />
WEB APPS<br />
47 Tech Analysis:<br />
New white-list<br />
approaches provide<br />
a higher level of<br />
security for Web<br />
applications.<br />
47 REVIEW: Kavado,<br />
Sanctum and Teros<br />
firewalls plumb<br />
HTML to lock down<br />
Web apps, but similarities<br />
end there.<br />
50 Case Study:<br />
AppShield has the<br />
Web app security<br />
prescription for<br />
Blue Cross and<br />
Blue Shield of<br />
Kansas City.<br />
redefines portability, but its<br />
keyboard is cramped.<br />
60 Tech Analysis: Storage<br />
World highlights basics<br />
and innovators.<br />
62 REVIEW: A Net Express<br />
update retools legacy apps<br />
for Web services.<br />
55<br />
OPINIONS<br />
3 This eWEEK: IT is using<br />
firewalls to protect weak<br />
links in Web infrastructures.<br />
26 Eric Lundquist: Lessons<br />
can be learned from older<br />
technologies.<br />
40 Peter Coffee: Statistics on<br />
sleep deprivation point to<br />
problems for employers.<br />
44 Editorial: Internet merchants<br />
should collect<br />
state sales taxes.<br />
44 Reader Mail<br />
45 Free Spectrum: Wellintentioned<br />
worms may be<br />
dangerous and illegal.<br />
52 Timothy Dyck: The driving<br />
forces of today’s IT spending<br />
will be here for a while.<br />
61 John Taschek: “Activation”<br />
aggravation is justified.<br />
66 Spencer F. Katt chuckles<br />
at a Freudian slip and<br />
toasts Chi-Town spirits.<br />
Clarke cover photo: Mark Alcarez<br />
47<br />
MAY 26, 2003 n eWEEK 5
16 SUNBELT<br />
TOOLS SPEED<br />
NETWORK<br />
DIRECTORY<br />
ANALYSIS<br />
20 NEXTEL<br />
SERVICES<br />
OFFER DIRECT<br />
ENTERPRISE<br />
CONNECTION<br />
24 SUN VP<br />
DISCUSSES<br />
FUTURE OF<br />
HIGH-END<br />
SERVERS<br />
NEWS&ANALYSIS<br />
Beyond Windows Server<br />
MICROSOFT PLOTS HOW TO IMPROVE THE PLATFORM OVER THE LONG HAUL<br />
By Peter Galli<br />
With windows server 2003just a month out of the<br />
gates, Microsoft Corp. is already looking at ways<br />
to deliver add-on technologies and wrestling with<br />
the issue of how to price these technologies.<br />
“There is some deep thinking and strong con-<br />
sideration going on inside the server team about how to best<br />
stage future releases and what the core elements of our<br />
strategy should be,” said Jay Jamison, director of product plan-<br />
ning for the Windows Server division, in Redmond, Wash.<br />
According to Jamison, one of the ways Microsoft intends<br />
to deliver some of that functionality<br />
is through an “outof-band”<br />
mechanism, where<br />
new technologies and tools<br />
are delivered between major<br />
server releases.<br />
Out-of-band technologies<br />
could range from tools and<br />
things such as the group<br />
policy management console<br />
to layered add-on services,<br />
such as the Real-Time Communications<br />
Server, he said.<br />
Sources close to Microsoft<br />
said the company is expected<br />
to release several out-of-band<br />
upgrades to Windows Server<br />
2003 this year, including an<br />
iSCSI initiator, Network<br />
Attached Storage 3.0, Small<br />
Business Server 2003, Windows<br />
Virtual Server and Windows<br />
Server 2003 for Advanced<br />
Micro Devices Inc.’s<br />
processors. When asked about<br />
the list, Jamison said, it<br />
“sounds about right.”<br />
Thompson: “Innovation does not<br />
have to wait for major releases.”<br />
When it comes to largeenterprise<br />
customers, some<br />
are willing to pay for additional<br />
technology rather than<br />
have it built into the core<br />
operating system.<br />
“We like the idea of being<br />
able to choose what functions<br />
we want to install on top of<br />
the operating system. In<br />
some ways, it would be less<br />
problematic than having all<br />
of this built into the core kernel,”<br />
said Jeff O’Dell, vice<br />
president of archi-<br />
tecture for health benefits<br />
provider Cigna<br />
Corp., in Bloomington,<br />
Conn. “But, on<br />
the other hand, if<br />
functionality is already<br />
built into the<br />
operating system, we<br />
can just turn it on if we<br />
want.”<br />
Jamison said the majority<br />
of new functionality made<br />
available through the out-of-<br />
Developers expect nod<br />
for UML 2.0 standard<br />
By Darryl K. Taft<br />
The object management<br />
Group will meet in Paris<br />
next week to vote on Version<br />
2.0 of Unified Modeling<br />
Language, a language that<br />
supports analysis and design<br />
in a variety of tools and promises<br />
to open new horizons<br />
for developers.<br />
The first UML 2.0 specifications<br />
were adopted as OMG<br />
standards in March—covering<br />
Infrastructure, Object<br />
Constraint Language and Dia-<br />
33 DHS<br />
REORGANIZES<br />
TO GIVE NET<br />
SAFETY HIGH-<br />
ER PROFILE<br />
band process will be things<br />
that customers can download<br />
and use freely.<br />
“In some cases, there will<br />
be new technologies made<br />
available through this process<br />
that may require an enterprise<br />
server to run or could<br />
require a Windows [Client<br />
Access License] or the like,<br />
but we have not made any<br />
final decisions on this,” Jamison<br />
said.<br />
‘We like the idea of<br />
being able to choose<br />
what ... to install on top<br />
of the operating system.’<br />
—JEFF O’DELL<br />
Dan Kusnetzky, an analyst<br />
for International Data Corp.,<br />
in Framingham, Mass., said<br />
Microsoft is trying to uncou-<br />
[CONTINUED ON PAGE 10]<br />
gram Interchange Protocol. A<br />
fourth specification, Superstructure,<br />
is expected to be<br />
voted on at the meeting next<br />
week, completing the recommendation<br />
process for the latest<br />
UML version.<br />
Few developers will be looking<br />
forward to UML 2.0 more<br />
than IBM. Sridhar Iyengar, a<br />
Distinguished Engineer with<br />
IBM, in Raleigh, N.C., and a<br />
member of the OMG Architecture<br />
board, said IBM<br />
[CONTINUED ON PAGE 10]<br />
MAY 26, 2003n eWEEK 7
NEWS&ANALYSIS<br />
LATE NEWS<br />
Microsoft tape<br />
backup flaw found<br />
MICROSOFT OFFICIALS LATE LAST WEEK CONfirmed<br />
they are investigating reports that<br />
tape backups made with Windows<br />
Server 2003 cannot be read by older<br />
versions of the operating system.The<br />
problem lies within Windows’ built-in<br />
NTBackup program.The 2003 version<br />
writes 64KB blocks while older versions<br />
use 32KB,industry analysts said.Thirdparty<br />
backup programs that do not use<br />
NTBackup.exe are not affected.<br />
E-mail scam targets<br />
Citibank customers<br />
ANOTHER BANK-RELATED E-MAIL SCAM<br />
began circulating last week,this one targeting<br />
users of a money-transfer service<br />
owned by Citibank.<br />
The fraudulent e-mail attempts to lure<br />
customers of the c2it money-transfer service<br />
into divulging user names,passwords<br />
and credit card numbers.The message<br />
appears to be from c2it customer service<br />
but is actually from a Hotmail account.<br />
The e-mail arrives with the subject line,<br />
“Your account is on hold.”<br />
Salesforce offers<br />
‘keys’ to CRM system<br />
SALESFORCE.COM IS PLANNING TO SHORE UP<br />
its application integration capabilities<br />
with a new developer’s tool kit called<br />
Sforce,which the company will<br />
announce next week.The hosted CRM<br />
services provider is partnering with<br />
Microsoft,BEA,Sun and Borland for the<br />
offering,which will give developers the<br />
“keys”to the Salesforce.com system,<br />
exposing code,system intricacies and<br />
database key indices.The hosted service<br />
will support Web services integration<br />
with other applications and be preconfigured<br />
for use with development tools<br />
such as Microsoft’s Visual Studio .Net<br />
and Borland’s JBuilder.Sforce should be<br />
available June 3.´<br />
10 eWEEK n MAY 26, 2003<br />
WINDOWS SERVER 2003 FROM PAGE 7<br />
ple updates from the basic release of<br />
the platform itself. But the challenge<br />
was the business, licensing and pricing<br />
model under which these were<br />
released.<br />
“That is not clear at this point. Will<br />
end users have any idea what the total<br />
cost of operation will be if every now and<br />
again Microsoft changes the prices on<br />
some functions?” Kusnetzky asked.<br />
Dave Thompson, corporate vice<br />
president of the Windows Server Product<br />
Group at Microsoft, said out-of-band<br />
releases are effectively part of Windows<br />
Server. “Innovation does not<br />
UML FROM PAGE 7<br />
researchers are looking into several innovations<br />
using the new specification.<br />
IBM will be looking to build a UML<br />
profile for testing. This work will lead<br />
to “using modeling not just for analysis<br />
and design but for testing,” Iyengar<br />
said. “We expect this technology will<br />
become a standard,” he said.<br />
IBM’s approach to modeling signals<br />
a race with Microsoft Corp., which is<br />
warming up to the OMG for similar purposes.<br />
Microsoft will support modeling<br />
in its upcoming Jupiter e-business suite,<br />
which will compete with IBM’s Web-<br />
Sphere.<br />
Iyengar said IBM is also looking to<br />
provide support for modeling business<br />
rules and add business modeling standards.<br />
The OMG has a business rules<br />
working group to which IBM has submitted<br />
a paper describing its work.<br />
“But this is in the early stages,” Iyengar<br />
said. Standards in these areas are<br />
expected next year, he said.<br />
In addition to its use of the MDA<br />
(Model Driven Architecture) specification,<br />
IBM is pushing toward a new<br />
area, which Iyengar calls Model Driven<br />
Business Integration, while the company<br />
also has a focus on model-driven tool<br />
integration and model-driven application<br />
development, he said.<br />
MDA allows developers to design,<br />
build, integrate and manage applications<br />
throughout the life cycle while separating<br />
technology and business concerns,<br />
Iyengar said.<br />
EMF (Eclipse Modeling Framework)<br />
is the glue that holds together IBM’s<br />
modeling strategy. “EMF is the technology<br />
that unifies the world of model-<br />
have to wait for major releases,” Thompson<br />
said.<br />
Jamison suggested that a Windows<br />
Server release in the “Longhorn” client<br />
time frame, expected to ship in early<br />
2005, is not likely. He did say that “Blackcomb,”<br />
the major Windows release following<br />
Longhorn, could be expected in<br />
a time frame “roughly similar to how<br />
we’ve done it before [three years].”<br />
Jamison said this release will extend<br />
the underlying security work in Windows<br />
Server 2003 and build on the work<br />
already done in .Net Framework and Universal<br />
Description, Discovery and Integration<br />
in Server 2003. ´<br />
Modeling at IBM<br />
�Being implemented in all major<br />
brands: Rational,WebSphere,DB2<br />
and Tivoli,with Lotus to come<br />
�Modeling used for tools integration,application<br />
development,data<br />
warehouse management and Web<br />
services<br />
�Moving from MDA to Model Driven<br />
Business Integration<br />
�Mapping UML to Business Process<br />
Execution Language<br />
ing in WebSphere and DB2,” Iyengar<br />
said. “The use of EMF will increase<br />
within IBM and externally,” among<br />
members of the IBM-sponsored<br />
Eclipse.org organization, which oversees<br />
the Eclipse open-source development<br />
platform, he said.<br />
“I was at an IBM Web services meeting<br />
in Atlanta recently, and it is clear they<br />
are with the [modeling] program,” said<br />
Tom Henner, a principal with BankHost<br />
Inc., an Atlanta-based banking company<br />
that has used modeling to develop a<br />
browser-based international banking<br />
application. “BankHost developed its<br />
application using IBM’s Rational Rose<br />
for UML modeling,” Henner said.<br />
In a report on IBM’s modeling strategy,<br />
Aberdeen Group Inc. analyst Tim<br />
Sloane, in Boston, said: “For competitors,<br />
the fact that IBM has made modeling<br />
central to its go-to-market model<br />
for both IBM Global Services and IBM<br />
products should give them pause for<br />
consideration. Is your company positioned<br />
to implement a similar plan?” ´
NEWS&ANALYSIS<br />
Acer, MPC set server<br />
sights on enterprise<br />
OFFERINGS TO INCLUDE RACK-MOUNTED SYSTEMS<br />
By Jeffrey Burt<br />
Acer america corp. is<br />
looking to expand beyond<br />
PCs and laptops and reestablish<br />
itself in the more<br />
lucrative server and storage<br />
space with new rack-mounted<br />
systems and storage devices.<br />
The Altos R300, a rackmounted<br />
1U (1.75-inch)<br />
server, is a one-way system<br />
powered by Intel Corp.’s Pentium<br />
4 chip running at speeds<br />
up to 3.06GHz, said officials<br />
Acer’s Altos R300 rack-mounted<br />
server runs on Pentium 4 chips.<br />
at the San Jose, Calif., company.<br />
The unit, due this week,<br />
is priced starting at $1,600 and<br />
is targeted at midsize companies,<br />
although officials said<br />
several servers can be tied<br />
together into a Linux cluster<br />
to deliver high-performance<br />
capabilities.<br />
The company this summer<br />
will add to that line the 2U<br />
(3.5-inch-high), two-way<br />
R700, based on Intel Xeon<br />
chips.<br />
Later this year or early<br />
next year, Acer will ship the<br />
Altos S300 and S700 storage<br />
devices, officials said.<br />
Acer’s parent company<br />
sells the systems in Europe<br />
and Asia, but this will be the<br />
first time the company’s rackmounted<br />
and storage devices<br />
are introduced to North<br />
America.<br />
The moves represent a<br />
growing trend among PC<br />
12 eWEEK n MAY 26, 2003<br />
makers, including Gateway<br />
Inc. and MPC Computers<br />
LLC, to branch out beyond the<br />
desktop.<br />
According to some IT<br />
administrators and industry<br />
observers, it is not yet<br />
clear whether the companies<br />
can grow beyond their<br />
installed base of PC customers.<br />
“We’re running all of our<br />
mission-critical stuff on our<br />
[Dell Computer Corp. and<br />
Compaq]<br />
servers,” said<br />
Roy Cashman,<br />
CIO for RUAN<br />
Transportation<br />
Management Systems<br />
Inc., in Des Moines,<br />
Iowa. “We would not take a<br />
chance on a niche player ...<br />
who didn’t have a market<br />
presence.”<br />
But that installed base<br />
could be the place to establish<br />
a presence. The State Journal-<br />
Register, a Springfield, Ill.,<br />
newspaper, has been an MPC<br />
PC customer for almost four<br />
years.<br />
Based on that history, the<br />
paper this year began buying<br />
servers from the Nampa,<br />
Idaho, company and will consider<br />
its storage equipment<br />
when the need arises.<br />
MPC last week rolled out<br />
its first two storage offerings,<br />
the DataFrame 310fc Fibre<br />
Channel product and a SCSI<br />
counterpart, the 310s.<br />
“From this point on, it’s virtually<br />
100 percent MPC in<br />
this building,” said Terry Claypool,<br />
IS operations manager.<br />
“They work very hard<br />
to keep our business, both<br />
with price and service.” ´<br />
Microsoft covers back<br />
with SCO Unix license<br />
By Peter Galli<br />
The crusade by the sco<br />
Group to protect its Unix<br />
intellectual property took<br />
an unexpected turn last week<br />
when Microsoft Corp. said it<br />
was licensing the Unix source<br />
code and patent from the<br />
company.<br />
“SCO approached us a couple<br />
of months ago, and they<br />
had a valid IP claim, and, as<br />
we do quite regularly, we<br />
agreed to a broad IP license<br />
with SCO and as such have<br />
stepped out of the fray,” said<br />
Alex Mercer, a Microsoft<br />
spokeswoman, in Redmond,<br />
Wash.<br />
In the last month, SCO,<br />
of Lindon, Utah, has made a<br />
number of moves, charging<br />
that IBM, Linux and many<br />
of SCO’s own customers are<br />
violating SCO’s Unix IP.<br />
Mercer said it was not<br />
Microsoft’s intent to exploit the<br />
IP license as a way to fund<br />
SCO’s campaign against IBM<br />
and Linux—which SCO is<br />
suing for $1 billion—and<br />
against Linux. “There is<br />
absolutely no correlation<br />
between the IBM suit and our<br />
IP license with SCO,” she said.<br />
Furthermore, Microsoft’s<br />
agreement is not an admission<br />
that the company and its<br />
Services for Unix product violated<br />
SCO’s IP but rather is<br />
a pre-emptive move to avoid<br />
possible complications, said<br />
Mercer. Details about the<br />
financial value and conditions<br />
of the Microsoft-SCO deal are<br />
confidential, and Mercer<br />
declined to say whether<br />
Microsoft is contemplating<br />
other deals with SCO.<br />
As for SCO, its legal moves<br />
are not sitting well with some<br />
customers. “More and more,<br />
it looks like SCO is just<br />
scratching the sides of the<br />
well as they plummet to their<br />
death,” said one SCO user,<br />
who requested anonymity.<br />
A Unix/Linux programmer<br />
in Boston also questioned<br />
whether Microsoft really<br />
needed another Unix license<br />
given that it held one of the<br />
original ATT Unix licenses, the<br />
same one Sun Microsystems<br />
Inc. has. Microsoft’s Mercer<br />
declined to comment.<br />
But Chris Sontag, senior<br />
vice president and general<br />
manager for SCO’s intellectualproperty<br />
division, said the<br />
licensing deal ensured Microsoft’s<br />
intellectual-property compliance<br />
across all Microsoft<br />
solutions and will better enable<br />
Microsoft to ensure compatibility<br />
with Unix and Unix services.<br />
“There are many companies<br />
in the IT industry who<br />
acknowledge and respect the<br />
intellectual property of software,”<br />
said Sontag. “Microsoft<br />
is showing the importance<br />
of maintaining compatibility<br />
with Unix and Microsoft’s<br />
software solutions.”<br />
The Open Source Initiative<br />
last week hit back, updating<br />
its attack against SCO. OSI,<br />
a nonprofit educational association<br />
with offices in Palo Alto,<br />
Calif., is one of the principal<br />
advocacy groups for the opensource<br />
community. In a position<br />
paper, OSI argues that<br />
an SCO victory could do serious<br />
damage to the open-source<br />
community. “SCO’s implication<br />
of wider claims could turn<br />
Linux into an intellectualproperty<br />
minefield, with potential<br />
users and allies perpetually<br />
wary of being mugged by<br />
previously unasserted IP<br />
claims,” it said. ´
NEWS&ANALYSIS<br />
FRONT OFFICE<br />
Oracle enhances<br />
Sales application<br />
ORACLE LAST WEEK RELEASED<br />
Version 11.5.9 of its Oracle Sales<br />
application, with several new<br />
enhancements designed to help<br />
salespeople.<br />
The enhancements include<br />
a new application called Oracle<br />
Proposals, which generates personalized<br />
sales proposals from<br />
templates. These proposals can<br />
then be tracked and monitored<br />
for effectiveness.<br />
This release also supports<br />
tighter integration with Oracle’s<br />
Order Management applications,<br />
allowing sales representatives<br />
to check customers’<br />
credit histories during the<br />
quoting process.<br />
The software is available now<br />
with suite and component pricing<br />
models.<br />
The next version of the software,<br />
11.5.10, expected in nine<br />
months to a year, will add new<br />
capabilities for collaborative<br />
selling and partner relationship<br />
management, officials said.<br />
—Dennis Callaghan<br />
STANDARDS<br />
OASIS ratifies<br />
UDDI specification<br />
THE ORGANIZATION FOR THE<br />
Advancement of Structured<br />
Information Standards last week<br />
announced the ratification of<br />
Universal Description, Discovery<br />
and Integration Version 2 as an<br />
OASIS open standard.<br />
UDDI, the most broadly supported<br />
Web services standard,<br />
allows users to publish, find and<br />
use Web services.<br />
OASIS officials said members<br />
of the OASIS UDDI Specification<br />
Technical Committee include<br />
Computer Associates International,<br />
Fujitsu, IBM, Iona<br />
Technologies, Microsoft, Novell,<br />
OpenNetwork Technologies,<br />
Oracle, SAP, SeeBeyond Technology,<br />
Sun Microsystems, Tata<br />
Consultancy Services and others.<br />
—Darryl K. Taft<br />
14 eWEEK n MAY 26, 2003<br />
Handheld applications redux<br />
DEVICE IQ SHUNS<br />
MIDDLEWARE FOR APPS<br />
By Carmen Nobel<br />
Ateam of engineers and<br />
developers from Palm<br />
Inc.’s ill-fated enterprise<br />
software group this fall will<br />
launch a company that will aim<br />
to create more enterprise applications<br />
for more devices than<br />
their previous employer.<br />
To do it, Device IQ Inc. is<br />
avoiding a generic<br />
middleware platform<br />
in favor of customizing<br />
applications for<br />
companies.<br />
“There is an enormous<br />
lack of good<br />
device-side software,”<br />
said Bob Pascazio,<br />
president of Device<br />
IQ, in New York. “So<br />
there is some work we Palm<br />
are doing on mobile<br />
embedded systems—<br />
that are not Palms or<br />
phones—that do not<br />
have an OS but communicate<br />
to a PC periodically<br />
through USB<br />
[Universal Serial Bus]<br />
or Bluetooth.”<br />
Pascazio declined<br />
to name the devices<br />
for which Device IQ<br />
will be designing software<br />
because many of them have yet<br />
to be released, but he said<br />
the company is working on<br />
applications for existing hardware,<br />
too. “We are also writing<br />
some sophisticated client-side<br />
applications on phones, Palms<br />
and Pocket PCs,” he said. “Also<br />
for PDAs we have a Web site<br />
deal, similar to Vindigo [Inc.’s]<br />
offering.” Vindigo creates<br />
Web-based, location-based<br />
applications for several handheld<br />
platforms.<br />
Pascazio was a lead devel-<br />
oper at ThinAirApps Inc., a<br />
company that Palm bought<br />
in December 2001 to create a<br />
wireless middleware platform<br />
for its Tungsten handheld line,<br />
which is aimed at corporate<br />
users. At the time, Todd Bradley,<br />
then chief operating officer<br />
of Palm, called the acquisition<br />
“a linchpin of our longterm<br />
enterprise and wireless<br />
strategies.” But Palm nixed the<br />
plans for the middleware,<br />
Wavering on wireless<br />
Microsoft Corp.<br />
� 1998 Co-founds Wireless Knowledge Inc.<br />
� 2000 Announces initial plans for Microsoft<br />
Mobile Information Server, which will compete<br />
with Wireless Knowledge<br />
� 2001 Sells off Wireless Knowledge stake<br />
� 2002 Announces phaseout of MMIS<br />
� Early 2001 Announces plans to buy<br />
Extended Systems Inc.; nixes the plans a few<br />
months later<br />
� Late 2001 Announces acquisition of<br />
ThinAirApps<br />
� 2002 Announces Tungsten line of handhelds<br />
and accompanying middleware based<br />
on ThinAirApps technology<br />
� 2003 Reveals that it will not release middleware<br />
for Tungsten<br />
dubbed Tungsten MIMS<br />
(Mobile Information Management<br />
Server), a couple of<br />
months ago, saying it no<br />
longer fits its focus.<br />
Life at Palm after the Thin-<br />
AirApps acquisition was frustrating<br />
up until Palm shut<br />
down the New York office in<br />
March, Pascazio said. “We had<br />
Tungsten MIMS Version 1.8<br />
almost out the door,” he said.<br />
“It was an amazing product. It<br />
worked on the Tungsten T with<br />
Bluetooth to a GPRS [General<br />
Packet Radio Service]<br />
phone, worked on the Tungsten<br />
C, Tungsten W, et cetera.<br />
It had full groupware support<br />
for Exchange, Domino,<br />
IMAP. They dumped the<br />
whole thing.” Palm officials<br />
said the company’s future software<br />
plans are based on partnerships<br />
with large software<br />
companies and carriers, which<br />
like to choose their own backend<br />
software.<br />
“Some of the ThinAir technology<br />
is still in use,”<br />
said Jon Oakes, senior<br />
director of business<br />
solutions at Palm and<br />
former CEO of Thin-<br />
AirApps, who works<br />
from his New York<br />
home now that Palm’s<br />
office there has closed.<br />
“Some technologies<br />
will be a part of the<br />
IBM WebSphere Everyplace<br />
Access suite.<br />
We were proud to be<br />
part of WEA Version<br />
4.3.”<br />
Explaining why<br />
MIMS was nixed,<br />
Bradley said in March,<br />
“In the enterprise<br />
arena, market conditions<br />
have caused us<br />
to rebalance our areas<br />
of emphasis.”<br />
Palm will still make client<br />
software. Oakes said: “We will<br />
continue to develop our own<br />
software solutions. But we<br />
intend to leverage software<br />
partners for most of our backend,<br />
connectivity-oriented<br />
solutions.”<br />
Palm has a history with IBM<br />
competitor BEA Systems Inc.<br />
In August, Palm announced<br />
plans to work with BEA and its<br />
WebLogic Server to develop<br />
what was to be the first Web-<br />
Logic Workshop control for<br />
handheld devices. ´
War on spam gains 2 allies<br />
MICROSOFT, SYMANTEC GO TO WASHINGTON TO PUSH NEW PRODUCTS<br />
By Caron Carlson IN WASHINGTON<br />
The anti-spam crusade is<br />
gaining momentum as<br />
industry players, including<br />
Microsoft Corp. and<br />
Symantec Corp., counter<br />
pending bills on Capitol Hill<br />
with legislative proposals of<br />
their own.<br />
To date, proposed ideas<br />
have covered a wide range<br />
of measures, from jail time<br />
for repeat spammers to a tiny<br />
charge on every piece of spam<br />
sent. The Senate is slated to<br />
sort through all the options<br />
and vote on one proposal<br />
before summer’s end.<br />
Microsoft, of Redmond,<br />
Wash., got into the act last<br />
week when company Chairman<br />
and Chief Software Architect<br />
Bill Gates called for Congress<br />
to create incentives for<br />
e-mail marketers to adopt best<br />
practices and become certified<br />
trusted senders. As part of<br />
the proposal, the Federal Trade<br />
Commission would provide<br />
a safe harbor for companies<br />
that join an FTC-approved selfregulating<br />
group. Legislation<br />
would require marketers to<br />
properly label their e-mail and<br />
would give ISPs the right to<br />
take spammers to court.<br />
Symantec suggested to lawmakers<br />
last week that legislation<br />
should focus on false<br />
labeling and require a physical<br />
address in commercial bulk<br />
e-mail. The Cupertino, Calif.,<br />
company, whose brand and<br />
products have been fraudulently<br />
peddled by e-mail, also<br />
asked Congress to give the<br />
FTC more resources to prosecute<br />
electronic fraud.<br />
For America Online Inc.,<br />
spam is the most important<br />
issue today, Ted Leonsis, AOL<br />
vice chairman, told the Sen-<br />
ate Commerce Committee<br />
last week. “There is raw anger<br />
that spam generates,” Leonsis<br />
said, adding that the government<br />
needs<br />
stronger tools to<br />
track down the<br />
most fraudulent<br />
offenders.<br />
Others maintain,<br />
however, that<br />
anger stems not<br />
only from fraudulent<br />
e-mail but<br />
also from the<br />
growing volume<br />
of unsolicited<br />
messages, to which ISPs contribute.<br />
Charging that AOL,<br />
of New York, operates its<br />
“own personal spam com-<br />
Schumer’s bill would give<br />
repeat spammers jail time.<br />
pany,” Ronald Scelson,<br />
owner of Scelson Online<br />
Marketing Inc., in Slidell,<br />
La., told lawmakers that<br />
some ISPs are<br />
filtering out<br />
legal messages<br />
if they receive<br />
one complaint,<br />
driving bulk<br />
e-mailers to<br />
forge addresses.<br />
Calling himself<br />
“the most<br />
hated person” at<br />
the hearing,<br />
Scelson said he<br />
sends as many as 180 million<br />
e-mail messages every day<br />
and that it takes him less<br />
than 24 hours to thwart an<br />
NEWS&ANALYSIS<br />
ISP’s spam filters.<br />
The industry approaches,<br />
which urge Congress to preempt<br />
state anti-spam laws, are<br />
largely consistent with the<br />
longest-standing anti-spam<br />
bill, the CAN-SPAM initiative<br />
sponsored by Sens. Conrad<br />
Burns, R-Mont., and Ron<br />
Wyden, D-Ore. CAN-SPAM<br />
would ban the use of false or<br />
deceptive headers or subject<br />
lines, require senders to provide<br />
users with an opt-out feature,<br />
and prohibit private<br />
rights of action.<br />
Consumer groups, and<br />
many state attorneys general,<br />
are calling on Congress<br />
to take a tougher approach.<br />
Sen. Charles Schumer, D-N.Y.,<br />
is sponsoring a bill that would<br />
establish jail time as a penalty<br />
for serious, repeat spammers<br />
and create a national<br />
“Do not spam” list. Sen. Mark<br />
Dayton, D-Minn., last week<br />
suggested that a small tax on<br />
e-mail would deter spam. ´<br />
Smarter storage on horizon?<br />
By Evan Koblentz<br />
For several years, users have clamored<br />
for more management features to be added<br />
to existing hardware. Now, a number of<br />
vendors are suggesting it’s better to build<br />
smarter hardware in the first place.<br />
In fact, technologies are under development,<br />
according to industry experts, that improve<br />
the way low-end RAID controllers communicate<br />
with drive clusters and that enable highend<br />
array intelligence to reside as objects in<br />
central servers.<br />
“The future of the storage industry looks<br />
just like the future of the rest of computing,”<br />
said John Webster, an analyst at Data<br />
Mobility Group Inc., in Nashua, N.H. “People<br />
build functions, express it in hardware or software,<br />
and [eventually] express it in more efficient<br />
ways of doing things.”<br />
On the low-end storage front, users in the<br />
future will be able to consolidate storage,<br />
move drives among controller units, replace<br />
failed parts and upgrade to new features—all<br />
among different vendors and without having to<br />
use backup data sets or remap every drive and<br />
volume, said Wayne Rickard, chairman of the<br />
Storage Networking Industry Association’s Technical<br />
Council and vice president of advanced<br />
technology at Seagate Technology LLC.<br />
Such interoperability will be facilitated by the<br />
Disk Data Format Provisional Working Group<br />
proposed this month by Adaptec Inc., Dell Computer<br />
Corp. and LSI Logic Corp., Rickard<br />
said. Creating the standards could take two years,<br />
said Rickard, in Scotts Valley, Calif.<br />
In high-end storage, object-based storage is<br />
also on its way to becoming a context-aware,<br />
native technology. For evidence, users can look<br />
to hardware such as EMC Corp.’s Centera and<br />
software such as IBM’s StorageTank.<br />
Instead of mapping logical units, numbers<br />
and zones directly between servers and<br />
storage, “with object-based storage, the devices<br />
are doing all this themselves,” said Mike<br />
Mesnier, co-chair of SNIA’s object storage<br />
devices working group and storage architect<br />
at Intel Corp.<br />
By this fall, the working group will complete<br />
its security and data sharing documents,<br />
said Mesnier, in Pittsburgh. ´<br />
MAY 26, 2003 n eWEEK 15
NEWS&ANALYSIS<br />
Network analysis: Fast and frugal<br />
SUNBELT TOOLS CUT<br />
COSTS, SPEED TASKS<br />
By Paula Musich<br />
Sunbelt software inc.<br />
hasdeveloped a pair of administrative<br />
tools that deliver<br />
fast, inexpensive analysis<br />
of directory and network protocol<br />
issues for administrators.<br />
The Clearwater, Fla., company’s<br />
directory reporting tool<br />
works across multiple directories,<br />
including those of<br />
Novell Inc., Microsoft Corp.,<br />
IBM and Sun Microsystems<br />
Inc., as well as any LDAPenabled<br />
directory. It reports on<br />
security, integrity and com-<br />
CYBER-SECURITY FROM PAGE 1<br />
hind the center is the need<br />
to improve the government’s<br />
incident-response and information-sharing<br />
capabilities,<br />
which have come under fire<br />
in both public and private sectors,<br />
said Richard Clarke, former<br />
special adviser to the<br />
president for cyber-security,<br />
who resigned earlier this year.<br />
That criticism is likely to continue<br />
unless the department<br />
can attract a well-known security<br />
expert to run the center.<br />
“The center will never<br />
become what it should be in<br />
terms of the national locus for<br />
policy unless there’s a nationally<br />
recognized and high-level<br />
person with high-level access<br />
in the administration,” Clarke<br />
said in an interview in Boston<br />
last week. “Because otherwise<br />
people will just consider it<br />
another bureaucratic organization.<br />
It’s very key that they<br />
get the right person; very<br />
key that person has access<br />
to the president, the homeland<br />
security adviser and<br />
homeland security secretary.”<br />
For others, however, such as<br />
16 eWEEK n MAY 26, 2003<br />
pliance in enterprise directories,<br />
officials said. The Directory<br />
Inspector tool, due this<br />
week, lets directory or system<br />
managers easily answer<br />
such questions as: Where<br />
are the users? Do some users<br />
have too many security privileges?<br />
Are there unused user<br />
accounts? Are there duplicate<br />
account names?<br />
“It is a management issue<br />
when you have multiple<br />
directories,” said Alex Eckelberry,<br />
president of Sunbelt.<br />
“For companies with that<br />
hodgepodge, to be able to report<br />
on them from a single<br />
view—this lets you distill<br />
security experts in the private<br />
sector, who have accused the<br />
government of failing to<br />
respond quickly to emerging<br />
security threats and of being<br />
difficult to deal with, the choice<br />
of a leader for the national center<br />
is not as crucial.<br />
“I don’t think it’s possible<br />
Clarke: New chief will need top access.<br />
for the government to have<br />
much of an effect. The government<br />
acts in a reactive<br />
fashion,” said Eric Stromberg,<br />
senior electrical engineer at<br />
The Dow Chemical Co.,<br />
based in Wilmington, Del.<br />
complex information.”<br />
Directory Inspector, which<br />
provides Wizards to guide<br />
users through complex directory<br />
data, is priced starting<br />
at $1,295 for 500 user objects.<br />
Sunbelt’s other tool, LANhound,<br />
also due this week, cuts<br />
the cost of basic protocol<br />
analysis and network monitoring—especially<br />
for switched<br />
LANs—in a commercial-grade<br />
product. The cost to capture<br />
and analyze network protocols<br />
such as TCP/IP, NetBEUI,<br />
IPX/SPX and AppleTalk on<br />
switched networks can be<br />
high, since vendors often<br />
charge for each remote seg-<br />
“There will always be the leading<br />
issues that eventually<br />
cause government to react.<br />
But as the government is<br />
reacting to issues that were<br />
birthed yesterday, new issues<br />
are forming today.”<br />
The national center will be<br />
part of the Directorate of<br />
Information Assurance<br />
and Infrastructure Protection<br />
at the DHS, Clarke<br />
said. As a center of gravity<br />
for government information<br />
security, it will<br />
combine the functions<br />
of the National Infrastructure<br />
Protection Center,<br />
the Critical Infrastructure<br />
Assurance<br />
Office, the Federal Computer<br />
Incident Response<br />
Center and the National<br />
Communications System.<br />
As the DHS meshes<br />
the center together, members<br />
of Congress charged<br />
with overseeing the department’s<br />
cyber-security efforts<br />
are scrambling to understand<br />
how all the pieces will fit.<br />
For example, two separate<br />
House panels—the Commit-<br />
MARK ALCAREZ<br />
ment or switch port. Typical<br />
protocol analyzers can start<br />
at $1,000, plus $395 per remote<br />
agent. LANhound, which<br />
includes three remote agents<br />
for $595, could greatly reduce<br />
the cost to monitor and analyze<br />
network traffic across multiple<br />
segments.<br />
“That pricing will make a<br />
big difference,” said beta tester<br />
Erik Goldoff, systems manager<br />
at The HoneyBaked Ham Co.,<br />
in Norcross, Ga. “You are<br />
talking a factor of 10 cheaper.<br />
With LANhound, it just starts<br />
monitoring the network and<br />
shows where the protocol<br />
distribution is [and] what the<br />
network statistics are.”<br />
LANhound displays statistics<br />
in charts and bar graphs<br />
and lets users set alarms that<br />
trigger a packet capture to<br />
aid trouble-shooting. ´<br />
tee on Science and the cybersecurity<br />
subcommittee of the<br />
Select Committee on Homeland<br />
Security—have unsuccessfully<br />
sought answers to<br />
such questions as, How many<br />
resources are being devoted<br />
to cyber-security?<br />
Cyber-security is among the<br />
priorities for the Science and<br />
Technology Directorate,<br />
Charles McQueary, DHS<br />
undersecretary of the directorate,<br />
told the cyber-security<br />
subcommittee of the House<br />
Select Committee on Homeland<br />
Security at a hearing in<br />
Washington last week.<br />
McQueary said the DHS<br />
will create a technology clearinghouse,<br />
which will enable<br />
it to work in partnership<br />
with private industry.<br />
DHS officials said they are<br />
still working out the details of<br />
the national cyber-security<br />
center, including its formal<br />
name and organizational<br />
structure. ´<br />
For more on DHS,see.<br />
story,Page 33.
NEWS&ANALYSIS<br />
the<br />
buzz<br />
TECHNOLOGY<br />
NEC desktop:<br />
Cool and quiet<br />
NEC ANNOUNCED IN NEW<br />
York last week what it<br />
calls the world’s first<br />
water-cooled PC system—which<br />
also<br />
promises to be one of<br />
the quietest.<br />
The desktop PC’s<br />
water-cooling system uses<br />
liquid to cool off the CPU,<br />
enabling operating noise to be<br />
suppressed to about half that of a<br />
conventional PC that uses a cooling<br />
fan, or about 30 db, according<br />
to company officials.<br />
The machines, due this week,<br />
come in two models: the<br />
Valuestar TX server and the<br />
Valuestar FZ desktop.<br />
FINANCIALS<br />
PC group fuels<br />
HP’s second quarter<br />
HEWLETT-PACKARD EARNED $659<br />
million on $18 billion in revenue<br />
for the second quarter, fueled in<br />
large part by its PC group and<br />
SCO’s implication of wider claims<br />
could turn Linux into an intellectualproperty<br />
minefield.<br />
18 eWEEK n MAY 26, 2003<br />
NEC’s desktop PC is the world’s<br />
first water-cooled system.<br />
printing division.<br />
The numbers represent a<br />
$100 million jump in revenue<br />
over the previous quarter.<br />
Chairman and CEO Carly<br />
Fiorina said the company’s focus<br />
is on building the business rather<br />
than absorbing Compaq<br />
Computer.<br />
“We still have a lot to do, but I<br />
feel confident that HP is no<br />
longer an integration story,”<br />
Fiorina said during a conference<br />
call with analysts and reporters.<br />
For the quarter ended April 30,<br />
HP’s Personal Systems Group—<br />
which includes such devices as<br />
desktop PCs and laptops—made<br />
$21 million in profit on $5.1 bil-<br />
QUOTE OF THE WEEK<br />
DOSI position paper on the SCO-vs.-IBM complaint<br />
lion in revenue. Fiorina said the<br />
gains made on the commercial<br />
side of the ledger were offset by<br />
seasonal weakness in the consumer<br />
business.<br />
BUSINESS<br />
Does IT matter<br />
anymore?<br />
A MAY HARVARD BUSINESS REVIEW<br />
article by Nicholas Carr claims<br />
that, due to technology commoditization,<br />
“IT doesn’t matter” as a<br />
strategic advantage.<br />
“By now, the core functions of<br />
IT—data storage, data processing<br />
and data transport—have become<br />
available and affordable to all,”<br />
the report said. Turning expenditures<br />
on technology into the costs<br />
of doing business is an evolution<br />
similar to that of the steam<br />
engine, the telegraph, the telephone<br />
and the internal combustion<br />
engine. Similarly, the report<br />
said, overinvestment in technology<br />
in the 1990s echoes overinvestment<br />
in railroads in the 1860s.<br />
The scary question is whether<br />
“people have already bought most<br />
of the stuff they want to own,”<br />
said Bill Joy, chief scientist and<br />
co-founder of Sun Microsystems,<br />
who was quoted in the article.<br />
Vendors that are evolving to survive<br />
in this commoditized environ-<br />
BY THE NUMBERS<br />
ment include Microsoft, which<br />
turned its Office software suite<br />
into an annual subscription service.<br />
That is a “tacit acknowledgement<br />
that companies are losing<br />
their need—and their appetite—<br />
for constant upgrades,” the report<br />
said.<br />
PEOPLE<br />
Oracle turns to<br />
Wall Street analyst<br />
ORACLE IS PLUGGING MORGAN<br />
Stanley analyst Charles Phillips<br />
into one of the company’s top<br />
positions, the company<br />
announced this month.<br />
Phillips will become executive<br />
vice president in the office of the<br />
CEO and will report directly to<br />
Chairman and CEO Larry Ellison.<br />
The analyst, who’s reported on<br />
the software industry for Morgan<br />
Stanley since 1994, will focus on<br />
customer-facing activities, partners,<br />
corporate strategy and business<br />
development, officials said.<br />
Phillips has been ranked the<br />
No. 1 enterprise software industry<br />
analyst by Institutional<br />
Investor magazine each year<br />
since 1994, Oracle officials said.<br />
He has also been recognized as<br />
one of the Top 50 black professionals<br />
on Wall Street by Black<br />
Enterprise Magazine. ´<br />
RDBMS new-license revenue<br />
Worldwide revenue estimates for 2002 (in $ billions)<br />
$7.5<br />
$6<br />
$4.5<br />
$3<br />
$1.5<br />
0<br />
2.4%<br />
IBM Oracle Microsoft NCR Others<br />
9.7%<br />
14.3%<br />
39.7%<br />
33.9%<br />
2001 REVENUE 2002 REVENUE<br />
Source: Gartner Dataquest (May 2003)<br />
9.2%<br />
18%<br />
33.9%<br />
36.2%<br />
2.7%
NEWS&ANALYSIS<br />
SERVERS<br />
StarView remotely<br />
monitors systems<br />
STARTECH.COM THIS WEEK IS<br />
rolling out a tool designed to<br />
enable IT administrators to manage<br />
and monitor their servers<br />
remotely via the Internet.<br />
The company’s StarView IP2<br />
enables BIOS-level remote control<br />
of a single server or multiple<br />
systems connected to a<br />
KVM switch over TCP/IP. Using<br />
the device, administrators can<br />
reset, reboot and control the<br />
servers through any Web<br />
browser.<br />
The StarView IP2 can support<br />
servers from most vendors,<br />
including Dell, Hewlett-Packard,<br />
IBM and Sun, and is compatible<br />
with most KVM switches,<br />
according to the company.<br />
The device will be available<br />
this week, priced starting at<br />
$999. —Jeffrey Burt<br />
INTERNET<br />
AOL 9.0 beta released<br />
AMERICA ONLINE LAST WEEK MADE<br />
its AOL 9.0 client available to<br />
beta testers.<br />
The software, code-named<br />
Blue Hawaii, is a marked departure<br />
from the last release, AOL<br />
8.0, in offering a skinnable, or<br />
changeable, user interface codenamed<br />
Prescott. With it, AOL<br />
members will have many more<br />
opportunities to customize the<br />
navigation and design of the AOL<br />
client.<br />
AOL 9.0 also introduces a<br />
feature called QuickViews,<br />
which allows members to<br />
obtain information by rolling<br />
their mouse over a feature.<br />
—Craig Newell, ZDI<br />
20 eWEEK n MAY 26, 2003<br />
Nextel targets the enterprise<br />
PUSH-TO-TALK AND VPN<br />
SERVICES ON LINEUP<br />
By Carmen Nobel<br />
Nextel communications<br />
Inc. is taking several<br />
steps to strengthen its<br />
reputation as a company<br />
that caters to the enterprise.<br />
The Reston, Va., company<br />
is rolling out a nationwide version<br />
of its renowned Direct<br />
Connect push-to-talk service,<br />
offering new software based<br />
on technology from IBM, forging<br />
partnerships with enterprise<br />
application companies<br />
and launching new hardware<br />
throughout the year.<br />
“When used properly, it has<br />
the feel of a less disruptive<br />
phone call. I use it especially<br />
for quick questions or checking<br />
if someone is available.”<br />
The service has been credited<br />
for giving the company<br />
a higher average revenue<br />
per user—$67 last quarter—<br />
than its competitors. Other<br />
carriers have voiced vague<br />
plans to offer their own pushto-talk<br />
services, but Nextel<br />
officials shrugged off the idea<br />
that this might make Nextel<br />
lower its prices.<br />
“We don’t think so,” said<br />
Greg Santoro, vice president<br />
The StarView IP2 manages servers. Direct Connect, which lets Nextel’s direct<br />
a phone work like a walkietalkie,<br />
is currently available<br />
only within a customer’s local<br />
calling area. But that will<br />
change this summer. A longdistance<br />
Direct Connect service<br />
is in beta tests in Boston,<br />
Southern California and<br />
Florida. It will be widely available<br />
in those areas by next<br />
month, with service available<br />
to more than half of Nextel’s<br />
coverage area by July and<br />
throughout the United States<br />
by August, officials said.<br />
Nextel plans to offer two<br />
pricing options for Nationwide<br />
Direct Connect: an<br />
unlimited plan for $10 per<br />
month or a pay-as-you-go plan<br />
for 10 cents a minute.<br />
The scanner attachment<br />
will cost $249.<br />
Mobile workers say a direct<br />
connection is simply less of a<br />
hassle than a phone call on<br />
both ends.<br />
“For certain types of communication,<br />
push to talk is<br />
particularly useful,” said<br />
Christopher Bell, chief technology<br />
officer at the People-<br />
2People Group, in Boston.<br />
enterprise connection<br />
� Launching Nationwide Direct<br />
Connect service this summer<br />
� Offering a mobile VPN service<br />
that uses IBM’s WebSphere<br />
Everyplace Connection Manager<br />
� Selling a bar-code scanner<br />
attachment from Symbol for Nextel<br />
phones<br />
of Internet and Wireless<br />
Services at Nextel. “We don’t<br />
think [competitors] can create<br />
a service that meets ours.”<br />
In the meantime, Nextel<br />
last week announced a new<br />
VPN (virtual private network)<br />
service based on IBM’s Web-<br />
Sphere Everyplace Connection<br />
Manager software. The VPN<br />
compresses data up to three<br />
times faster than previous<br />
solutions, Nextel officials said,<br />
and uses several encryption<br />
standards, including Data<br />
Encryption Standard, Triple<br />
DES, RC5 and Advanced<br />
Encryption Standard.<br />
“It finally brings together<br />
encryption and compression,”<br />
Santoro said. “It was<br />
either/or up until now.”<br />
He added that Nextel is<br />
working with several companies<br />
that specialize in corporate<br />
data applications, especially<br />
for creating software<br />
designed to run on the Black-<br />
Berry 6510, an e-mail/phone/<br />
walkie-talkie device that<br />
Research In Motion Ltd. created<br />
for Nextel’s network.<br />
“We’re getting traction with<br />
people who never thought<br />
about using a BlackBerry<br />
before,” especially in vertical<br />
markets, Santoro said.<br />
To that end, Nextel this<br />
month began selling a barcode<br />
scanner attachment<br />
for its i88s and<br />
i58sr phones.<br />
Symbol Technologies<br />
Inc.’s PSM20i<br />
scanner clips on to the<br />
end of the phone. It<br />
weighs 1.4 ounces.<br />
Users scan the bar<br />
codes by pressing the<br />
Direct Connect button<br />
on the side of the<br />
phone and then use<br />
a Java-based application<br />
to send the information<br />
out over the iDEN, or<br />
Integrated Digital Enhanced<br />
Network.<br />
The scanner requires<br />
third-party software from a<br />
company such as AirClic Inc.<br />
to work properly, officials<br />
said.<br />
One device Nextel may not<br />
be offering in the near future<br />
is a phone that offers voice<br />
over IP via 802.11 wireless<br />
LANs. Although company<br />
officials said earlier this year<br />
Nextel and Motorola Inc.<br />
are testing such a product,<br />
Santoro said that the companies<br />
test many things and<br />
that Nextel has yet to commit<br />
to a Wi-Fi phone. ´
NEWS&ANALYSIS<br />
BMC, Quest tackle DB2<br />
TOOLS BOOST MANAGEMENT IN<br />
HETEROGENEOUS ENVIRONMENT<br />
By Lisa Vaas<br />
Users of ibm’s db2 software can<br />
turn to tools from BMC Software<br />
Inc. and Quest Software Inc. to<br />
manage the enterprise DBMS.<br />
BMC, as part of its Project Golden Gate<br />
initiative to enable data management in<br />
a heterogeneous environment, has added<br />
support for IBM’s DB2 Universal Database<br />
in its SmartDBA performance,<br />
administration and recovery tools. Working<br />
in the same vein, Quest is shipping<br />
Quest Central for DB2 3, which is management<br />
software for DB2 that features<br />
deep diagnostic capabilities for IBM’s<br />
database partitioning technology and support<br />
for heterogeneous environments.<br />
Both database management products<br />
were rolled out at the annual International<br />
DB2 Users Group Americas<br />
conference in Las Vegas last week.<br />
BMC’s tools include SmartDBA Performance<br />
Management for DB2 UDB 2.5,<br />
which provides event management, diagnostics,<br />
visualization, administration,<br />
Tool tracks network changes<br />
By Paula Musich<br />
The second release of<br />
Rendition Networks Inc.’s<br />
TrueControl network configuration<br />
tool focuses on<br />
greater extensibility and ease<br />
of administration.<br />
The software, which allows<br />
users to track and better<br />
control configuration changes<br />
in routers, switches, firewalls<br />
and load balancers in large,<br />
enterprise networks, can<br />
automatically detect when<br />
changes are made and notify<br />
appropriate network operators,<br />
officials said.<br />
Released last week, True-<br />
Control works across multiple<br />
vendors’ networking<br />
22 eWEEK n MAY 26, 2003<br />
space management and tuning of DB2<br />
UDB environments. The software integrates<br />
common alerts that let database<br />
administrators more easily monitor, tune<br />
and manage space within DB2 databases,<br />
said officials at Houston-based BMC.<br />
BMC’s SmartDBA tool watches DB2 systems.<br />
Also included is SQL-BackTrack for<br />
DB2 UDB 3, which allows DB2 users to<br />
perform database backup and recovery<br />
through the SmartDBA Web console. The<br />
console also allows users to manage<br />
Oracle Corp. and Microsoft Corp. SQL<br />
equipment and is intended to<br />
help reduce the repair times<br />
when outages occur.<br />
Competitive offerings from<br />
AlterPoint Inc. rely on polling<br />
devices to determine whether<br />
a configuration change has<br />
been made. But with polling<br />
intervals as long as an hour,<br />
detection can take time and<br />
cost money, according to<br />
Raghav Kher, president and<br />
CEO of Rendition, in Redmond,<br />
Wash.<br />
The instability of networks<br />
in a time of tight IT budgets<br />
is focusing attention on ways<br />
to reduce operational costs.<br />
Automation is a key mechanism<br />
to help reduce those<br />
costs, said Peter Christy, an<br />
analyst at NetsEdge Research<br />
Group, in Los Altos, Calif.<br />
“The network as a whole<br />
is an unreliable system. Now<br />
what’s important is that networks<br />
become better and<br />
cheaper to operate, and automation<br />
is a key element to<br />
making that happen,” Christy<br />
said.<br />
TrueControl serves as a<br />
repository of log information<br />
that includes comments from<br />
network engineers about why<br />
they made certain changes.<br />
When a change results in<br />
an outage, TrueControl can<br />
be used to return the network<br />
to an earlier, stable configu-<br />
Server databases from one common spot.<br />
SmartDBA Performance Management<br />
for UDB 2.5 is slated to be available<br />
next month. SQL-BackTrack for<br />
DB2 3 is due in July with support for<br />
DB2 UDB Versions 7.2 and 8.1.<br />
Meanwhile, Quest Central for DB2<br />
3 also supports heterogeneous environments.<br />
A new compare-and-synchronize<br />
feature allows DBAs to compare databases<br />
and identify differences to ensure<br />
that all changes are in place before<br />
deploying applications into<br />
production. The product also<br />
features DB2 alerts and diagnosis<br />
at a summarized database<br />
level as well as at the level<br />
of detailed partition.<br />
Fast Communication Manager<br />
in Quest Central for<br />
DB2 3 allows DBAs to quickly<br />
identify hot spots in multipartition<br />
databases. This lets<br />
them identify performance<br />
problems at the summary level<br />
and drill down into the partition<br />
to get enough detail to<br />
solve a given problem, according<br />
to Quest officials, in Irvine, Calif.<br />
Quest Central for DB2 3 supports DB2<br />
7.1, DB2 7.2 and DB2 UDB Enterprise<br />
Server Edition 8.1. Pricing starts at $1,500<br />
for the Developer Edition and $10,000<br />
for the Professional Edition. ´<br />
ration, Kher said.<br />
TrueControl Version 2.0<br />
adds the ability to integrate<br />
with Hewlett-Packard Co.’s<br />
OpenView Network Node<br />
Manager. TrueControl can be<br />
launched from within an<br />
OpenView console. Rendition<br />
is also planning to integrate<br />
with tools from NetIQ<br />
Corp., BMC Software Inc.’s<br />
Remedy Action Request System<br />
and Computer Associates<br />
International Inc.’s Unicenter.<br />
Version 2.0 includes a software<br />
development kit for<br />
adding new drivers that allow<br />
users to attach other networking<br />
equipment not currently<br />
supported. The release<br />
is available now; prices start at<br />
$29,990 for 75 managed<br />
nodes. ´
NEWS&ANALYSIS<br />
Face to Face: Clark Masters<br />
Sun aims high<br />
VP SEES LOTS OF VIGOR LEFT IN HIGH-PERFORMANCE COMPUTING<br />
In recent months, sun<br />
Microsystems Inc. has<br />
made a big push into lowend,<br />
low-cost computing.<br />
The Santa Clara, Calif.,<br />
company rolled out blade<br />
servers as part of its N1 data<br />
center virtualization strategy,<br />
as well as two low-end x86<br />
servers, and promised to<br />
continue providing more of<br />
the same. But high-end Unix<br />
systems are still an important<br />
part of Sun’s overall strategy,<br />
and Clark Masters, executive<br />
vice president and general<br />
manager of the company’s<br />
Enterprise Systems Products<br />
group, spoke with eWeek Senior<br />
Editor Jeffrey Burt about<br />
Sun’s plans for its top-of-the<br />
line servers.<br />
Low-end servers and blade<br />
servers have gotten a lot of<br />
publicity. What is Sun doing<br />
with high-end servers?<br />
I think the high end matters<br />
more today than ever,<br />
really. At the $500,000-andup<br />
price point—these are<br />
[International Data Corp.]<br />
data, not Sun data—in the<br />
year 2000, it was 20-someodd<br />
cents out of every server<br />
dollar was spent on the halfmillion-<br />
dollar-and-up market<br />
range. At the end of 2002,<br />
that was over 30 cents, so that<br />
the amount of IT dollars<br />
going toward the high end ...<br />
is larger today than ever<br />
before.<br />
Is this because the systems are<br />
more expensive or because there’s<br />
24 eWEEK n MAY 26, 2003<br />
Masters: High-end spending climbing.<br />
a growing demand for them?<br />
It’s two things. The weakness<br />
in the market we see is more<br />
the midrange.<br />
So we’re seeing [high-end<br />
server growth] with server consolidation<br />
and data center<br />
consolidation and the drive<br />
toward efficiency. Also, we’re<br />
seeing strength in government<br />
spending, high-performance<br />
technical computing [HPTC],<br />
all of those things.<br />
What’s driving the demand for<br />
the really high end?<br />
Two or three key factors that<br />
I see. One is server consolidation.<br />
Two years ago, when<br />
I talked with customers, it was<br />
all about staying out in front<br />
of the wave. ... It was the dotcom<br />
boom times. It was all<br />
about deployment.<br />
Now, today, it’s all about<br />
doing more with less—total<br />
cost of ownership. How do I<br />
drive costs out of the system?<br />
Another thing is, most<br />
large organizations are<br />
structured in business<br />
units, and a lot of business<br />
units have their own IT<br />
infrastructure, and now I<br />
think the political walls are<br />
broken down, that cost<br />
control is much more<br />
important than the autonomy<br />
of a particular business<br />
unit. You see people,<br />
to save costs, much<br />
more willing to consolidate<br />
workloads and combine<br />
computing environments,<br />
and that helps drive the<br />
high-end server business<br />
and data-center-class machines.<br />
Regarding N1, can you provide<br />
me with an idea of how<br />
Sun’s largest servers—the 12K<br />
and the 15K—fit in with that<br />
strategy?<br />
With N1, the better we can<br />
do at driving up the utilization<br />
and efficiency, the<br />
more applications we<br />
can dynamically provision.<br />
That’s a huge<br />
opportunity for us. So<br />
with the software tools<br />
we’re developing with<br />
N1, to manage and<br />
provision it, plus the<br />
virtualization in the hardware<br />
with domain and the Solaris<br />
operating environment, with<br />
resource management and<br />
software partitions—or containers—we<br />
have very powerful<br />
technologies to leverage,<br />
to simply be the best in the<br />
world at that.<br />
How important is HPTC to<br />
Sun’s high-end computing strategy?<br />
It’s very important to Sun up<br />
and down the product line.<br />
... We’re developing visualization<br />
technology like Java<br />
3-D, for example. That’s big in<br />
the research and technical<br />
computing area.<br />
We’re finding that technical<br />
[computing] has much more<br />
growth potential and is becoming<br />
much more integrated with<br />
most every organization,<br />
whether it be manufacturing<br />
to do design optimization<br />
before you actually do implementations<br />
to biotech companies.<br />
What are some of the other areas<br />
in HPTC that Sun needs to<br />
address?<br />
We’re very good at large physical<br />
memory, so that gives us<br />
an advantage. High-bandwidth<br />
I/O we have.<br />
We have a storage business<br />
and very good technology<br />
there. When we get our Ultra-<br />
SPARC 4 machines—and I<br />
think in the worldwide analyst<br />
conference I said we would be<br />
introducing those before the<br />
next analyst conference, so<br />
about year-end or early part of<br />
next calendar year—that will<br />
have multiple threads ... so it<br />
will double the floating-point<br />
performance that we have in<br />
the same footprint.<br />
‘Today, it’s all about<br />
doing more with<br />
less—total cost<br />
of ownership.’<br />
Long term, we’re investing<br />
in additional cluster technologies;<br />
investing in InfiniBand<br />
for high-speed networking,<br />
for both I/O and machines to<br />
machines; and also new processor<br />
technologies and interconnect<br />
technologies aimed<br />
at HPTC. ´
NEWS&ANALYSIS<br />
Eric Lundquist: Up Front<br />
Golden-oldie lessons<br />
Vendors and prognosticators are either<br />
wringing their hands looking for the next big<br />
thing or worrying that IT has become a lowpriced<br />
commodity to be purchased like electricity<br />
or paper clips. They could learn a thing<br />
or two from mainframes, pay phones and backhoes.<br />
Here’s why. The mainframe business has been predicted<br />
to die ever since IBM developed the Model 704<br />
in 1957. Full-time venture capitalist and part-time Fortune<br />
columnist Stewart Alsop predicted that the last<br />
mainframe would be unplugged in 1996. This month,<br />
IBM once again proved Alsop’s and others’ predictions<br />
to be ludicrously off the mark by introducing the z990,<br />
code-named T-Rex. The advance of Intel-based microprocessors and Microsoft<br />
software was supposed to be the equivalent of the cataclysmic asteroid impact that<br />
wiped out the dinosaurs. It has been little more than a summer meteor shower.<br />
Why do mainframes continue to<br />
inhabit the planet? That they work as<br />
advertised is probably the immediate<br />
answer. The stories about old mainframes<br />
still cranking out reports and<br />
doing financials on some proprietary program<br />
written in the 1970s are legion. A<br />
second reason is that if you are willing<br />
to invest—say, about $1 billion over four<br />
years—you can make a mainframe<br />
that looks a lot like what IBM is selling.<br />
“We continue to invest in those features<br />
and capabilities our customers<br />
are asking for,” Peter McCaffrey, IBM’s<br />
director of product marketing for the<br />
zSeries of mainframes, told me. Combining<br />
the reliability and scale of mainframes<br />
with recent developments such<br />
as Linux has created an alluring platform<br />
for e-commerce.<br />
What’s more, working on a platform<br />
that pundits are forever declaring extinct<br />
has proved motivational to IBM engineers.<br />
“Every once in a while, they<br />
have a good laugh over it. In the end, it<br />
drives our engineers to constantly reinvent<br />
the platform,” said McCaffrey.<br />
26 eWEEK n MAY 26, 2003<br />
Now, pay phones. They are ubiquitous<br />
and yet underused in this era of cell<br />
phones. When Intel introduced its<br />
wireless chips under the Centrino<br />
label, it produced a movie, ostensibly<br />
humorous, that included a spoof on<br />
pay phones. Now, Verizon is striking<br />
back by adding wireless hot-spot capabilities<br />
to its pay phones. Starting in New<br />
York, Verizon is making hot-spot access<br />
for 802.11-enabled devices free for Verizon<br />
Internet access customers.<br />
This is a smart move for Verizon<br />
and a challenge to all those venture<br />
capitalists who were betting on the<br />
vendors of equipment you’d need to be<br />
wirelessly logging on at McDonald’s as<br />
you scarf down your Big Mac. Philip Nutsugah,<br />
executive director for broadband<br />
wireless at Verizon, said the company<br />
intends to have 1,000 pay phone hot spots<br />
in New York by year’s end.<br />
Now take a guess what the following<br />
quote refers to. “Every feature was<br />
designed with productivity, serviceability<br />
and reliability in mind.” No, it’s not<br />
Scott McNealy trying to persuade you to<br />
buy more Solaris, and it’s not Bill<br />
Gates contending he finally has the security<br />
thing under control. The quote was<br />
part of a press release for the new John<br />
Deere 710G backhoe introduced in<br />
January and replete with new features<br />
and technologies. In a 1997 article on<br />
HotWired.com titled “50 Ways to Crash<br />
the Net,” security expert Simson Garfinkel<br />
included buying 10 backhoes as<br />
one of the 50. That’s because, back<br />
then, critical Internet backbones too<br />
often ran through underground cables,<br />
which too frequently fell victim to the<br />
digging of backhoes.<br />
When a backhoe blade sliced through<br />
a cable and cut off Internet access to a<br />
big chunk of Boston on May 13, I started<br />
to wonder if backhoe technology is evolving<br />
faster than the physical security of<br />
the Internet.<br />
I tracked down Garfinkel, now going<br />
for his doctorate at MIT. While it<br />
might take more than 10 backhoes to<br />
do the job now, the physical security<br />
of the Internet’s routers, name servers<br />
and associated hardware remains far<br />
too vulnerable for the elevated threats<br />
the Net faces, Garfinkel said. “There<br />
ERIC_ LUNDQUIST@ZIFFDAVIS.COM<br />
Why do mainframes continue to inhabit<br />
the planet? That they work as advertised<br />
is probably the immediate answer.<br />
is a very high risk of physical damage.<br />
People tend to forget about physical<br />
security,” he said.<br />
Part of progress is the illusion that we<br />
leave some things behind. But some<br />
golden-oldie technologies stick around<br />
for a reason. They’re good at what they<br />
do. Still, that backhoe technology remains<br />
one step ahead of Internet architects<br />
should give us all pause. ´
Security: Government<br />
DHS revamp on tap<br />
IN WAKE OF CRITICISM, CYBER-SECURITY TO GET HIGHER PROFILE<br />
By Caron Carlson IN WASHINGTON<br />
After months of escalating criticism<br />
from the IT industry that the<br />
Bush administration is devoting<br />
insufficient resources and attention<br />
to cyber-security, the fledgling<br />
Department of Homeland Security is<br />
already restructuring to give network<br />
safety a higher profile.<br />
The organizational changes, due to<br />
take place over the coming months,<br />
will show that the executive branch is<br />
taking cyber-security seriously, according<br />
to Charles McQueary, undersecretary<br />
for science and technology at the<br />
new department.<br />
McQueary addressed lawmakers here<br />
last week at a hearing of the House Committee<br />
on Science. The session took on<br />
a very un-Washington, almost-surreal<br />
quality as legislators chided civil servants<br />
for not chasing after enough funding for<br />
cyber-security research and development,<br />
and civil servants answered that there<br />
is plenty of money already being spent.<br />
“We’re not lacking for funds,” Anthony<br />
Tether, director of the Pentagon’s Defense<br />
Advanced Research Projects Agency, told<br />
the committee. “I funded every idea that’s<br />
come forth in this area this year. We’re<br />
more idea-limited right now than we<br />
are funding-limited.”<br />
Acting on ramped-up industry lobbying,<br />
legislators took to task the DHS,<br />
DARPA, the National Science Foundation,<br />
and the National Institute of Standards<br />
and Technology for not seeking out<br />
or setting aside adequate funds for cybersecurity.<br />
The preoccupation with national<br />
security since the terrorist attacks of Sept.<br />
11, 2001, was expected to unleash a torrent<br />
of government spending on IT goods<br />
and services, but the federal funds have<br />
not been as forthcoming as the industry<br />
had hoped.<br />
According to committee Chairman<br />
Sherwood Boehlert, R-N.Y., there have<br />
been complaints from throughout the<br />
research community that the DHS is not<br />
focusing on solving network vulnerabilities<br />
and that DARPA is operating<br />
under reduced resources.<br />
“It’s impossible to conclude that far<br />
more needs to be done,” Boehlert said,<br />
DHS’ Ridge (center) and DARPA’s Tether (right) are tuning out<br />
Boehlert’s complaints that cyber-security gets short shrift.<br />
NEWS&ANALYSIS<br />
directing DARPA’s Tether to “enlighten<br />
us as to why we’re moving in the wrong<br />
direction.”<br />
Most of DARPA’s resources are<br />
directed at classified projects, according<br />
to Tether, who said that a peek at<br />
the agency’s classified budget would<br />
make lawmakers more comfortable with<br />
the funding level.<br />
“We’re not concerning ourselves [with]<br />
the commercial networks,” Tether said,<br />
adding that DARPA is focused on solving<br />
problems that the private sector<br />
currently does not confront. The military<br />
faces threats from “attackers whose<br />
life depends on taking the network<br />
down,” he said, and projects are under<br />
way to make those networks increasingly<br />
wireless and peer to peer.<br />
“We’re really far ahead of the commercial<br />
world in this regard,” Tether said,<br />
adding that a prototype military network<br />
with 400 nodes to use for simulated<br />
attacks is in the works.<br />
Last week, DARPA sent its data<br />
mining report to Congress. Following<br />
public outcry over the research last<br />
year, the agency changed the project’s<br />
name from Total Information Awareness<br />
to Terrorism Information Awareness.<br />
When President Bush disbanded<br />
the President’s Critical Infrastructure<br />
Protection Board earlier this year following<br />
the resignation of its chairman,<br />
Richard Clarke, responsibilities for cybersecurity<br />
were transferred to DHS Secretary<br />
Tom Ridge. However, the subject<br />
was not given a sufficiently high<br />
profile or a sufficiently high-ranking<br />
executive to satisfy the industry.<br />
Turning the tables and taking a shot<br />
at the private sector, federal research officials<br />
told the Science Committee last<br />
week that if there is less-than-optimal<br />
attention devoted to cyber-security today,<br />
it is a result of problems in industry,<br />
not the government.<br />
“As a nation, our<br />
greatest vulnerability<br />
is indifference,” said<br />
Arden Bement, NIST<br />
director, citing recent<br />
surveys indicating that<br />
private enterprises “don’t<br />
really see themselves as<br />
a target.”<br />
“They just haven’t<br />
quite stepped up to ANDERSON<br />
the plate,” said Bement,<br />
in Washington. ´ STEPHEN<br />
MAY 26, 2003 n eWEEK 33
NEWS&ANALYSIS<br />
Sun, Oracle tighten alliance<br />
COMPANIES TO REDUCE<br />
DEPLOYMENT COSTS<br />
By Jeffrey Burt and Lisa Vaas<br />
It departments under<br />
pressure to keep costs<br />
down welcome a move by<br />
Sun Microsystems Inc. and<br />
Oracle Corp. to lower the cost<br />
of deploying the two companies’<br />
software and systems.<br />
Sun, of Santa Clara, Calif.,<br />
and Oracle, of Redwood<br />
Shores, Calif., are tightening<br />
their 20-year-long alliance<br />
with what officials said will<br />
result in a “no finger-pointing”<br />
service and support scenario<br />
for joint customers.<br />
“What this means is you<br />
have absolute, total choice<br />
across the two product lines,<br />
with only one throat to choke,”<br />
said Scott McNealy, president,<br />
chairman and CEO of Sun.<br />
At an event in San Francisco<br />
last week, McNealy and<br />
Oracle Chairman and CEO<br />
Larry Ellison spoke about how<br />
many data centers in the<br />
near future are going to run<br />
smaller servers linked by technology<br />
such as Oracle’s Real<br />
Application Clusters and<br />
running as one large system.<br />
In support of that vision,<br />
Sun has made available two<br />
new low-cost, rack-optimized<br />
servers, the Sun Fire V60x and<br />
V65x. The V60x is a 1U (1.75inch-high)<br />
one- to two-way system<br />
powered by Intel Corp.<br />
2.8GHz Xeon processors that<br />
can run either Red Hat Inc.’s<br />
Red Hat Linux or Sun’s Solaris<br />
x86 Platform Edition. The<br />
entry-level server—which is<br />
aimed at such jobs as Web<br />
serving, e-mail and caching—<br />
also features up to 6GB of<br />
memory and three Ultra320<br />
SCSI hard drives, according to<br />
Sun. The 2U (3.5-inch) V65x<br />
can run one or two 2.8GHz<br />
36 eWEEK n MAY 26, 2003<br />
or 3.06GHz Xeons and comes<br />
with up to 12GB of memory,<br />
six 36GB or 73GB hard drives,<br />
and up to six PCI-X slots,<br />
Sun officials said. In addition,<br />
McNealy said<br />
Sun has formed a<br />
global agreement<br />
with Linux developer<br />
Red Hat.<br />
At the event,<br />
McNealy and Ellison<br />
said Oracle<br />
software will run<br />
with the Solaris<br />
and Linux operating<br />
systems on all<br />
x86 hardware from<br />
Sun. The software<br />
includes everything<br />
from the Oracle9i database<br />
and Oracle9i application<br />
server to Oracle Collaboration<br />
Suite.<br />
The two companies are also<br />
going to ensure that Oracle<br />
software can be automatically<br />
deployed within data centers<br />
powered by Sun’s N1 strategy,<br />
an initiative to virtualize the<br />
data center, enabling the<br />
dynamic management of<br />
Ellison, left, and McNealy, right, are looking to<br />
populate data centers with smaller servers.<br />
resources within the centers.<br />
The two companies will<br />
also integrate Sun’s StarOffice<br />
suite with Oracle’s Collaboration<br />
Suite and will collaborate<br />
on joint marketing and<br />
support programs.<br />
Oracle users have been waiting<br />
a long time for Oracle software<br />
to run on low-cost Sun<br />
boxes, according to Richard<br />
Niemiec, president of the<br />
International Oracle Users<br />
Group and CEO of TUSC (The<br />
Ultimate Software Consultants),<br />
an Oracle consultancy.<br />
“People [are saying that] this is<br />
huge and that it’s about time,”<br />
said Niemiec, in Chicago. “It’s<br />
good for Oracle. They need<br />
to be hardware-agnostic. They<br />
have a large contingent on Sun<br />
[hardware], and they need to<br />
keep that contingent happy.”<br />
Any ground gained at the<br />
lower end of the market will<br />
likely carve away territory now<br />
claimed by Microsoft Corp.’s<br />
SQL Server, Niemiec said.<br />
“It positions Oracle at the<br />
lower end to a much-greater<br />
degree than they were previously,”<br />
he said. “Another benefit<br />
is that many people, for<br />
their main server, have Sun.<br />
For their departmental,<br />
smaller servers, there’s now<br />
potential to consolidate on<br />
Sun as an alternative to SQL<br />
Server.” ´<br />
<strong>Cisco</strong> beefs up security tools<br />
By Paula Musich<br />
<strong>Cisco</strong> systems inc. continues to broaden<br />
its portfolio of security management tools<br />
with the introduction of 14 new and<br />
enhanced security management, threat protection<br />
and VPN offerings.<br />
Among the upgraded offerings is the<br />
<strong>Cisco</strong> IP Solutions Center Version 3.0 Security<br />
Technology Module, which allows users<br />
to set up common configurations for multiple<br />
virtual private network devices from a central<br />
location and push those out to remote sites.<br />
The tool, introduced last week, also allows<br />
the VPN tunnels to be pushed out from a<br />
central location to remote locations, according<br />
to early user Carol Henson, director of IT for<br />
the U.S. Department of Agriculture, Rural<br />
Development, in St. Louis. The organization<br />
is using <strong>Cisco</strong> IP Solutions Center 3.0 as part<br />
of a rollout of 2,500 VPNs to field offices, replacing<br />
more costly frame relay links.<br />
The module provides an audit trail function,<br />
ensuring that “every VPN we install will be<br />
installed the same way,” Henson said. “If we<br />
have to make a change, we can make it<br />
within the VPN and use [the <strong>Cisco</strong> Intelligence<br />
Engine 2100 Series] to keep them all in<br />
sync.”<br />
<strong>Cisco</strong> also introduced <strong>Cisco</strong> Security Device<br />
Manager Version 1.0, which manages Internetwork<br />
Operating System-based security functions<br />
for <strong>Cisco</strong> 830- and 3700-series access<br />
routers. <strong>Cisco</strong>Works Security Information<br />
Management Solution 3.1 adds enhanced event<br />
scoring, business impact and threat analysis<br />
to the base security event monitoring function.<br />
Version 2.2 of <strong>Cisco</strong>Works VPN/Security<br />
Management Solution integrates administrative<br />
control of the <strong>Cisco</strong> Catalyst 6500 Firewall<br />
and VPN services modules, monitoring<br />
of <strong>Cisco</strong> intrusion detection systems, and support<br />
for the new <strong>Cisco</strong> Security Agent. ´
Software links backup, SRM<br />
CA, VERITAS HONE DATA<br />
RESTORE UPGRADES<br />
By Evan Koblentz<br />
Summer upgrades for<br />
Computer Associates<br />
International Inc. and<br />
Veritas Software Corp. backup<br />
and recovery programs will<br />
help users link existing suites<br />
with other technologies.<br />
Features in CA’s BrightStor<br />
Enterprise Backup 10.5 and<br />
Veritas’ Bare Metal Restore<br />
4.6 are also part of the trend<br />
of focusing on data restores.<br />
With CA’s upgrade from<br />
Version 10, users can set up<br />
policy-based job scheduling,<br />
linked with BrightStor Storage<br />
Resource Manager and<br />
related products, said Ed<br />
Cooper, CA product manager,<br />
in Islandia, N.Y.<br />
Enterprise Backup also<br />
now links to Unicenter’s soft-<br />
ware distribution feature, for<br />
sending backup configurations<br />
to remote sites, and to<br />
Microsoft Corp.’s Windows<br />
Server 2003, through the Volume<br />
Shadow Copy Service,<br />
Cooper said. In<br />
addition, it works<br />
with software from<br />
switch makers BrocadeCommunications<br />
Systems Inc.<br />
and McData Corp.<br />
and now has a feature<br />
for verifying<br />
service-level agreements,<br />
officials<br />
added.<br />
The new version<br />
ranges from $5,000<br />
to $20,000, Cooper<br />
said. Available now, it includes<br />
five licenses for BrightStor<br />
Enterprise Portal.<br />
User reactions are mixed.<br />
“I really like the speed and<br />
console that allows me to<br />
manage all of the different<br />
machines,” said Greg Taffet,<br />
CIO of MxEnergy Inc., a<br />
natural gas reseller in Stamford,<br />
Conn.<br />
Conversely, “I haven’t been<br />
terribly impressed,” said Matt<br />
Paull, systems administrator<br />
at Redflex Traffic Systems<br />
Inc., in Scottsdale, Ariz.<br />
Web services get more options<br />
By Darryl K. Taft<br />
Two web services management<br />
software suppliers announced new<br />
products last week, approaching the<br />
issue of managing Web services from<br />
two perspectives.<br />
Both Swingtide Inc., of Portsmouth,<br />
N.H., and Blue Titan Software Inc., of<br />
San Francisco, unveiled new Web services<br />
management solutions, with<br />
Swingtide offering a more passive<br />
solution and Blue Titan delivering a more<br />
active product.<br />
Swingtide made its announcement at<br />
the annual Association for Cooperative<br />
Operations Research and Development<br />
conference in Orlando, Fla. The<br />
company announced two products,<br />
Swingtide Monitor and Swingtide Scorecard,<br />
which enable users to view, analyze<br />
and manage the data they send<br />
via ACORD, SOAP (Simple Object<br />
CA’s BrightStor portal manages rival Veritas’ backup.<br />
Access Protocol) or XML standards, officials<br />
said. Swingtide Monitor tracks<br />
the growth and business usage of Web<br />
services and XML networks and not<br />
the performance of the physical network.<br />
Swingtide Scorecard is a methodology<br />
for improving return on investment<br />
from XML-based Web services.<br />
Swingtide officials said the products<br />
can be tailored to industry needs. The<br />
first industry supported is insurance, for<br />
which Swingtide has incorporated<br />
complete ACORD standards into the<br />
products. Future support will be added<br />
for banking and securities trading.<br />
Meanwhile, Blue Titan announced the<br />
release of Network Director 2.0, its<br />
Web services management solution that<br />
delivers event-driven control for serviceoriented<br />
architectures (see review,<br />
Page 56).<br />
New capabilities in Network Director<br />
NEWS&ANALYSIS<br />
“For the most part, I can get<br />
away with Microsoft, the<br />
built-in backup.”<br />
For its part, Veritas, of<br />
Mountain View, Calif., last<br />
week announced Bare Metal<br />
Restore 4.6, which can restore<br />
a Windows server onto different<br />
hardware from the<br />
original, said Richard Harrison,<br />
Veritas product manager.<br />
With the new feature,<br />
administrators don’t<br />
have to wait for an<br />
identical server to<br />
arrive, and it is useful<br />
in cases where<br />
the original equipment<br />
isn’t made anymore.<br />
Bare Metal<br />
Restore 4.6 requires<br />
Veritas’ high-end<br />
NetBackup software,<br />
Harrison said.<br />
Until next quarter,<br />
the new version<br />
will cost $695 for<br />
Windows licenses and $895<br />
for Unix licenses. After that,<br />
licenses will cost $900 for Windows<br />
and $1,000 for Unix,<br />
Harrison said. ´<br />
2.0 include fabric services, which expose<br />
functions as Web services; active event<br />
messaging; adaptive policy execution;<br />
SOAP stack interoperability; and support<br />
for emerging standards such as Web<br />
Services-Security, Web Services-Policy<br />
and Web Services-ReliableMessaging.<br />
Jason Bloomberg, an analyst with Zap-<br />
Think LLC, in Cambridge, Mass., said he<br />
views Swingtide as unique in its category.<br />
“Instead of rushing the first version<br />
of their software product to market, they<br />
developed an extensive professional services<br />
offering to build relationships with<br />
their customers, build awareness within<br />
their selected target industry and to<br />
gather a detailed understanding of<br />
their customers’ needs,” Bloomberg said.<br />
“By ‘passive,’ we mean that it monitors<br />
XML activity without affecting it and<br />
provides visibility into the XML on a company’s<br />
network,” he said. “In contrast,<br />
Blue Titan has an active management<br />
approach that controls the traffic, ensuring<br />
reliability and actively managing<br />
security policies.” ´<br />
MAY 26, 2003 n eWEEK 37
NEWS&ANALYSIS<br />
Serena snaps<br />
up developer<br />
TeamShare<br />
By Darryl K. Taft<br />
Corporate developers are getting<br />
more collaboration capabilities<br />
in their development<br />
tools, thanks to acquisitions by Serena<br />
Software Inc. and CollabNet Inc.<br />
Serena, of San Mateo, Calif., which<br />
last week agreed to buy TeamShare Inc.<br />
for $18 million, sells change management<br />
solutions that automate<br />
changes to enterprise code and content.<br />
With TeamShare, a Colorado<br />
Springs, Colo., developer of collaborative<br />
software development solutions,<br />
Serena plans to bolster its product line<br />
with collaboration technology and<br />
extend its reach in application life-cycle<br />
management, company officials said.<br />
Serena’s acquisition followed by a<br />
few weeks CollabNet’s buyout of Enlite<br />
Networks Inc., of Mountain View, Calif.<br />
CollabNet is a Brisbane, Calif., provider<br />
of collaborative software development<br />
solutions; Enlite is an enterprise<br />
collaboration technology startup<br />
with a facility in Chennai, India.<br />
A variety of software makers are<br />
adding collaboration into core components<br />
of their offerings, according<br />
to Erica Rugullies, an analyst with Giga<br />
Information Group Inc., in Cambridge,<br />
Mass. However, “many vendors<br />
will have to set back their collaboration<br />
strategies as Microsoft<br />
[Corp.] and IBM provide collaboration<br />
tools,” Rugullies said.<br />
Microsoft is moving collaboration<br />
capabilities into its Windows operating<br />
system with Windows SharePoint<br />
Services, expected this year, and<br />
IBM is componentizing its collaborative<br />
offerings and making them<br />
available through the various IBM<br />
software brands, Rugullies said. “With<br />
these two big vendors coming into the<br />
market, it’s going to be harder and<br />
harder for proprietary collaboration<br />
tools to flourish,” she said. ´<br />
38 eWEEK � MAY 26, 2003
Storage: OS upgrade<br />
Bigger, better Linux<br />
LINUX 2.6 TO HANDLE MORE MEMORY, THREADS, STORAGE OPTIONS<br />
By Lisa Vaas<br />
Users of linux databases are<br />
drooling over the list of features<br />
promised by the forthcoming<br />
upgrade to the Linux kernel,<br />
Version 2.6.<br />
The Linux 2.6 production kernel,<br />
expected to be released later this year, will<br />
enable Linux to handle big, enterpriseclass<br />
database applications. New features<br />
integrated into the main kernel will spare<br />
users the need to adopt<br />
them as back-ported capabilities<br />
in the 2.4 production<br />
kernel. Such abilities<br />
include support for much<br />
larger amounts of memory,<br />
support for a larger number<br />
of threads, improved<br />
networking performance,<br />
increased storage and types<br />
of storage, and better volume<br />
management.<br />
Tim Kuchlein, director<br />
of IS at Clarity Payment<br />
Solutions Inc., a developer<br />
of prepaid electronic payment<br />
systems, said the<br />
ability for the kernel to support<br />
extra memory will<br />
enable his company to<br />
work its database like<br />
Google—running on all<br />
memory, all the time.<br />
Clarity will soon move<br />
to the IBM DB2 8.1 database<br />
running on Red Hat<br />
Inc.’s version of Linux. To<br />
get it all running with maximum<br />
affordable memory, managers<br />
plan to move to a 64-bit architecture and,<br />
to that end, are checking out Advanced<br />
Micro Devices Inc.’s 64-bit architecture.<br />
The move could mean that Clarity<br />
could kiss writing to disk goodbye.<br />
“We want to have as much memory in<br />
our systems as we can,” said Kuchlein,<br />
in New York.<br />
The ability to support 64 bits isn’t new<br />
to the Linux kernel, but the affordability<br />
of 64-bit boxes is, Kuchlein said. “Only<br />
recently have you been able to buy<br />
hardware without having to mortgage<br />
your life to make use of [64 bits],” he said.<br />
Kuchlein has priced IBM pSeries servers<br />
with 16GB of memory at about $230,000,<br />
compared with AMD boxes with two<br />
CPUs and 8GB that sell for about $6,150.<br />
But perhaps the most enticing lure<br />
of the 2.6 kernel is its promise of better<br />
volume management. “Sizing of partitions<br />
and stuff is always a pain in the<br />
[neck],” said Kuchlein. “You have what<br />
you think will happen [with partitioning<br />
needs], and you make plans, and two<br />
NEWS&ANALYSIS<br />
weeks later it changes. Just being able to<br />
dynamically resize partitions is obviously<br />
a very good thing.”<br />
Officials at Aventis Behring—a company<br />
that develops therapeutic proteins<br />
to treat people with immune and<br />
protein deficiencies, such as hemophiliacs—are<br />
also itching to get their hands<br />
on the 2.6 kernel. The reasons: better volume<br />
management, asynchronous I/O<br />
and better management of multiple<br />
applications on one server.<br />
Asynchronous I/O is appealing<br />
because the company, based in King of<br />
Prussia, Pa., is considering a project<br />
deploying Web services on Linux that<br />
requires scalability. “[Asynchronous I/O]<br />
allows command queuing to improve<br />
CPU utilization, which can result in performance<br />
improvements for Web servers<br />
and databases,” said Jesse Crew, manager<br />
of global systems.<br />
The ability to better manage multiple<br />
applications on one server running<br />
separate logical images<br />
can help administration and<br />
consolidation, as well as<br />
reduce complexity and<br />
lower costs. “From experience<br />
with the Windows<br />
environment, running two<br />
applications on a single<br />
server can cause coexistence<br />
nightmares during future<br />
upgrades of either one,”<br />
Crew said. “With Linux,<br />
we may be able to put an<br />
end to these types of issues.<br />
Running multiple applications<br />
on the same server<br />
knowing they are logically<br />
partitioned makes things<br />
easier to maintain.”<br />
Vendors are just as excited<br />
about the 2.6 kernel. For one,<br />
Gary Ebersole, president of<br />
ANTs Software Inc., maker<br />
of a new high-performance<br />
DBMS, said the company<br />
will snap up 2.6 as soon as<br />
possible. Motivating his decision<br />
is, again, 64-bit address<br />
space. Another draw is support for a large<br />
number of threads, which will allow the<br />
company to scale up on symmetric multiprocessing.<br />
“We’ll grab as many threads<br />
as there are microprocessors in the system,”<br />
said Ebersole, in Burlingame, Calif.<br />
“Good thread management in the kernel<br />
is good.” ´<br />
PAUL CONNOLLY<br />
MAY 26, 2003 n eWEEK 39
NEWS&ANALYSIS<br />
Peter Coffee: Port Scans<br />
The case for rest<br />
As i looped around the east edge of phoenix,<br />
heading home from the GigaWorld IT Forum,<br />
I heard NPR’s salute to National Night Shift<br />
Workers Day conclude with a poem by Karen<br />
Jane Glenn. “Let us now praise the night shift,”<br />
she began. “Those on the 8-to-4, the 10-to-6 ... the sleepdeprived<br />
... the wired.” I could relate. It seems as if every<br />
week brings me more e-mail messages that are timestamped<br />
during the interval that Navy men call the midwatch,<br />
from midnight to four in the morning. And I<br />
have to admit that I’m also sending more of those<br />
midwatch messages myself.<br />
As it happened, the theme of the conference I’d<br />
just attended was “Deliver more with less.” I don’t remember seeing “less sleep”<br />
as a formal part of the agenda—but as I listened to Glenn’s poem, it seemed as if<br />
that topic should have been addressed. After all, National Science Foundation<br />
statistics estimate U.S. adults averaging<br />
less than 7 hours’ sleep at night;<br />
other studies point to sleep-deprivation<br />
effects that include difficulty following<br />
discussions; poor judgment in complex<br />
situations; difficulty in devising a<br />
new approach to a stubborn problem;<br />
and failure to notice changes in situations.<br />
In practical terms, this means that<br />
people aren’t functioning as well as<br />
they should in everyday situations<br />
such as planning a project, responding<br />
to a cyber-attack, debugging an application<br />
or monitoring network operations.<br />
Spread thin by staff reductions, and<br />
losing formerly productive time to diversions<br />
such as extra security delays in airports,<br />
people are putting in 10-hour and<br />
even 20-hour days for what used to be<br />
considered 8 hours’ pay. That may not<br />
be as good a deal for the employer as<br />
it first seems, if the extra hours represent<br />
neutral or even negative contributions.<br />
Yes, it’s great that people can work<br />
at any time, from anywhere, but sleepdeprived<br />
zombies aren’t the shock troops<br />
40 eWEEK n MAY 26, 2003<br />
of enterprise success—whether they’re<br />
“the wired” of Glenn’s poem or not.<br />
International operations can approach<br />
the 24-hour day as a relay race, rather<br />
than a marathon. IBM, for example,<br />
has adopted a two-shift approach to some<br />
of its software development efforts, with<br />
teams in Seattle setting daily work<br />
specifications for offshore teams in India,<br />
China, Latvia and Belarus. Overnight offshore<br />
development returns product to<br />
Seattle the next day for review, and the<br />
cycle continues.<br />
The company says this process<br />
reduces development cycles by 35 percent,<br />
yielding time-to-market benefits<br />
that are worth even more than the reduc-<br />
tions in development cost. Note well that<br />
this is not about stretching a given number<br />
of people across a greater number of<br />
hours: It’s about taking advantage of<br />
the 24-hour day in operations that circle<br />
the globe.<br />
The problem with success stories like<br />
this is that smaller companies may feel<br />
that they must do likewise. I’m reminded<br />
of former Avis CEO Robert Townsend’s<br />
warning that some corporate behaviors<br />
don’t scale well from large to small organizations.<br />
The smaller company that<br />
decides to open an office in Bangalore,<br />
or outsource some of its operations to<br />
a contractor in Tel Aviv, may find that<br />
it has blunted its competitive edge of<br />
being able to get close to its customers<br />
and thoroughly understand their needs.<br />
Being just like IBM, only a hundred<br />
times smaller, is like being a miniature<br />
elephant in an ecological niche that’s better<br />
suited to a fox.<br />
In organizations of every size, managers<br />
need to avoid letting IT push their<br />
people across the line that separates anytime/anywhere<br />
flexibility from all-thetime/everywhere<br />
expectation. When<br />
intermediate deadlines start being<br />
regarded as purely pro forma, and everyone<br />
knows that the real schedule<br />
squeezes three days on the timetable<br />
into a 24-hour all-nighter at the end of<br />
every product cycle, that’s a cultural<br />
problem that has to be solved by cultural<br />
forces. When managers treat<br />
crash-and-burn schedules as a sign of<br />
commitment and not as a problem to<br />
be fixed, that’s a cultural force that<br />
PETER_ COFFEE@ZIFFDAVIS.COM<br />
Sleep-deprived zombies aren’t the shock<br />
troops of enterprise success—whether<br />
they’re wired or not.<br />
pushes in the wrong direction.<br />
C. Northcote Parkinson was right:<br />
Work does expand to fill the time<br />
available. IT can make that available<br />
time appear to be “all the time.” I’m not<br />
saying that our e-mail systems need a<br />
curfew. I am saying that the human side<br />
of management includes making it clear<br />
that you want good hours, not just more<br />
of them. ´
NEWS&ANALYSIS<br />
SPARC workstation<br />
is going mobile<br />
By Jeffrey Burt<br />
Tadpole computer inc.<br />
is making good on its<br />
promise to extend beyond<br />
its high-end Unixbased<br />
desktops with a line of<br />
less expensive mobile computers.<br />
The Cupertino, Calif., company,<br />
whose primary customer<br />
base has been<br />
government<br />
agencies, is<br />
shipping<br />
the first of<br />
these products,<br />
a 64-bit<br />
Unix mobile<br />
workstation<br />
called the Spar-<br />
cle.<br />
The new notebook<br />
is binarycompatible<br />
with<br />
Sun Microsys-<br />
The<br />
Sparcle<br />
notebook has a<br />
fast chip and low price.<br />
tems Inc.’s SPARC chip technology<br />
and Solaris operating<br />
system. A high-end<br />
version offers a 650MHz<br />
SPARC IIi chip, 2GB of<br />
memory and an 80GB hard<br />
drive. It weighs in at 6.5<br />
pounds, offers up to 3 hours<br />
of battery life and comes with<br />
StarOffice productivity applications<br />
installed, said Tadpole<br />
officials.<br />
They said the Sparcle<br />
should not be viewed as<br />
just a notebook but more as<br />
a server with notebook capabilities<br />
that can run Java<br />
applications. In addition, a<br />
CPU-sharing technology lets<br />
users run tasks in a background<br />
mode via a wireless<br />
802.11b Wi-Fi network.<br />
The new laptop will be<br />
available in several models<br />
that range in price from about<br />
$3,000 to $6,000—about<br />
half that of Tadpole’s earlier<br />
least expensive notebook, the<br />
SPARCbook 5000. The average<br />
price of a Tadpole product<br />
until now was $25,000<br />
to $30,000, officials said.<br />
“The opportunity here is<br />
to leverage the technical<br />
piece and get a product out<br />
there to the market, and a big<br />
step in that is the price,” said<br />
Mark Johnston, president<br />
and CEO of Tadpole.<br />
Though Tadpole traditionally<br />
works in<br />
the Unix space,<br />
officials<br />
said the<br />
company<br />
will keep an<br />
eye on how Intel<br />
Corp.’s 64-bit<br />
Itanium chip and<br />
Advanced Micro<br />
Devices Inc.’s 64-bit Opteron<br />
processor develop and<br />
will consider them in the<br />
future.<br />
The Sparcle’s support for<br />
64-bit processing is a first for<br />
a mobile workstation, said<br />
Kate Sullivan, an analyst with<br />
International Data Corp., of<br />
Framingham, Mass. Others,<br />
including Dell Computer<br />
Corp., Hewlett-Packard Co.<br />
and IBM, offer only 32-bit<br />
systems. As a result, Tadpole<br />
will find its customers<br />
among companies such as<br />
oil and gas firms that run 64bit<br />
Unix workstations and<br />
haven’t yet ported their work<br />
onto Linux or Windows, Sullivan<br />
said.<br />
Tadpole “will be trying for<br />
different customers,” Sullivan<br />
said. “Sixty-four-bit is a<br />
very special requirement.” ´<br />
eWEEK � MAY 26, 2003 41
NEWS&ANALYSIS<br />
<strong>Cisco</strong> switching gears<br />
UPGRADES, COST CUTS<br />
KEY TO ITS STRATEGY<br />
By Paula Musich IN SAN JOSE, CALIF.<br />
<strong>Cisco</strong> systems inc.’s strategy<br />
for switching—which<br />
makes up 41 percent of<br />
the company’s revenues—<br />
includes a number of planned<br />
upgrades as well as efforts to<br />
streamline product development<br />
and reduce costs, according<br />
to company officials here.<br />
Most new developments<br />
focus on the high-end Catalyst<br />
6500 chassis switch,<br />
although many innovations<br />
trickle down to other switching<br />
platforms from there,<br />
according to Charlie Giancarlo,<br />
senior vice president<br />
and general manager of product<br />
development at <strong>Cisco</strong>.<br />
<strong>Cisco</strong> is focusing its innovation<br />
efforts on continued<br />
manageability improvements<br />
for this year and beyond—<br />
especially on centralized management<br />
functions that can be<br />
“pushed out” to remote sites,<br />
according to Andy Bechtolsheim,<br />
vice president and general<br />
manager of <strong>Cisco</strong>’s Gigabit<br />
switching business unit.<br />
Most often with security<br />
functions, “there is a shortage<br />
of experts,” Bechtolsheim<br />
said. But <strong>Cisco</strong>, through its<br />
experience running a large<br />
global network, can “advise<br />
customers on how best to<br />
organize the security functions,”<br />
he said.<br />
Bechtolsheim acknowledged<br />
that <strong>Cisco</strong> is working<br />
on more global authentication<br />
systems that can better safeguard<br />
company secrets from<br />
internal threats. For such protection,<br />
a multilayer system is<br />
required to ensure the right<br />
people get access to appropriate<br />
information.<br />
In tackling configuration<br />
42 eWEEK n MAY 26, 2003<br />
management, which will<br />
become more complex as<br />
<strong>Cisco</strong> adds more switch functions,<br />
Bechtolsheim said<br />
<strong>Cisco</strong>’s goal is to automate<br />
setup, configuration and maintenance<br />
“as much as we can.<br />
We want to give a single person<br />
a view of the whole thing.”<br />
In switch architecture, Luca<br />
Cafiero, senior vice president<br />
and general manager<br />
of switching, voice and storage,<br />
outlined <strong>Cisco</strong> investments<br />
in high performance.<br />
Cafiero said that a new chip,<br />
code-named Sacramento, will<br />
contain 180 million transistors<br />
on a single chip—four<br />
times as many as that of the<br />
On tap at <strong>Cisco</strong><br />
Pentium 4 chip at the same<br />
size. That is among 29 other<br />
application-specific integrated<br />
circuits in development at<br />
<strong>Cisco</strong> today, Cafiero said.<br />
<strong>Cisco</strong>’s new Catalyst 720<br />
Supervisor module delivers<br />
for the Catalyst 6500 chassis<br />
the ability to support 40G-bps<br />
throughput per slot today.<br />
Cafiero said he expects to be<br />
able to double that to 80G bps.<br />
The time frame for release<br />
of such capability is dependent<br />
on customer demand,<br />
he added.<br />
Cafiero, as an aside, said<br />
he does not expect to see<br />
Ethernet data rates increase<br />
by another factor of 10—<br />
breaking into 100G bps, but<br />
he does expect to see 40G bps<br />
in the next two years. ´<br />
SPSS, SAS take predictive paths<br />
By Dennis Callaghan<br />
Data mining stalwarts spss inc. and sas<br />
Institute Inc. are each planning to add<br />
more predictive capabilities to their<br />
respective Web analytics software offerings.<br />
SPSS announced last week a product called<br />
Predictive Web Analytics, which will combine<br />
the Chicago-based company’s NetGenesis Web<br />
analysis software with its flagship Clementine<br />
data mining software.<br />
SAS, of Cary, N.C., is developing a bundled<br />
offering of its own, to be known as SAS Web<br />
Analytics. It is expected to be generally available<br />
by the second quarter of next year, after a<br />
limited test rollout in the first quarter. The application<br />
is expected to combine elements of<br />
five existing SAS products to enable predictive<br />
analysis of Web site visits, officials said.<br />
Most Web site analysis tools have usually<br />
focused on historical analysis of visitors’ activities<br />
at the site, such as page views, clickthroughs,<br />
and the sites users came from or went<br />
to. But predictive capabilities could take that<br />
analysis and build customer segmentation models<br />
that could build better sites and marketing<br />
campaigns, as well as e-mail marketing<br />
campaigns, to generate maximum response.<br />
SPSS’ Predictive Web Analytics will add<br />
Clementine’s data mining engine to<br />
NetGenesis Web analytics so that users will<br />
be able to detect patterns in large volumes<br />
� Manageability enhancements<br />
for the Catalyst 6500<br />
chassis<br />
� Sacramento chip to contain<br />
180 million transistors<br />
� Catalyst 720 Supervisor<br />
module for the Catalyst<br />
6500 to support 40G-bps<br />
throughput<br />
of Web data and predict the best way to<br />
serve customers via the Web, officials said.<br />
Clementine performs advanced predictive<br />
analysis on customer behavior data in the Net-<br />
Genesis eDataMart and reports the results of<br />
that analysis to the NetGenesis reporting environment.<br />
Users of Predictive Web Analytics will be<br />
able to segment site visitors based on their<br />
behavior; detect content and product affinities;<br />
identify the most significant paths taken<br />
through a Web site; and predict visitors’<br />
propensity to purchase, view particular content<br />
or to churn, officials said.<br />
Predictive Web Analytics is available now,<br />
with pricing starting at $135,000 plus services.<br />
SAS, meanwhile, is developing a bundled<br />
solution for predictive Web analysis that will<br />
offer similar capabilities. While the company<br />
already delivers predictive Web analysis<br />
through its IntelliVisor hosted services for specific<br />
vertical industries such as pharmaceuticals<br />
and financial services, this bundled<br />
solution will add predictive capabilities to SAS’<br />
WebHound Web analysis tool, officials said.<br />
Plans call for SAS Web Analytics to include<br />
technology from WebHound as well as SAS’<br />
Enterprise Miner, Web Report Studio, Portal<br />
and Interaction Manager applications, although<br />
the exact product bundling has yet to<br />
be determined, officials said. ´