Now landed back in the UK after yet another very impressive VMworld event (3.30am start for a 5.50 flight – ouch!). It has been a whirlwind few days of executive meetings (a number of really fundamental catch ups), extremely concise and well-formed session content from the VMware team (congrats to all) and potentially our best customer event yet (every year we invite a number of our key customers to spend time with us at VMworld – with nearly 200 people at the Computacenter event I think you can say it was a success).
This VMworld may prove to be a watershed event. VMware reinforced the perspective a software defined future is no longer optional but instead the “new normal” – now. The business agility and operational flexibility essential for ongoing success through the current ever changing digital age is forcing enterprise IT environments to “act like code” to deliver services, consistently at warp speed. Common to other VMworld events, the VMware team demonstrated the technology is ready (and it has been for quite a while), but human inertia continues to stall the growth of the software defined enterprise as the very last few points of concern are digested and overcome.
NSX (the VMware advanced software defined networking layer) is moving from the background to a centre stage role in the VMware enterprise transformation strategy. As the digital data transport layer that simplifies and optimises traditional networking, delivers a policy based pathway from private, through hybrid to public cloud and back plus enhances security along the way – NSX may offer VMware one of the real keys to the enterprise kingdom. But this event wasn’t all about networking, major enhancements to core VSphere to make it enterprise robust but cloud ready arrived on mass and the additional light shone on the devops world with greater support for containers, workflow and API driven operations ensured a welcome and steady stream of impressive announcements.
The arrival of such a blur of product updates and developments are timely. I noticed a change in attitude and tone with the mass of attendees at this VMworld cramming into the rooms of the “how” sessions no longer deliberating over “why and when” – I think they are now ready!!
Does this sign post a VMware only world to realise the enterprise software defined IT dream, definitely not with the vendor village of eco system partners and past and present competitors all offering valuable services and solutions to enable effective completion of the software defined jigsaw puzzle. But it is clear VMware are leading the charge as they have been for many years and present a compelling end to end, top to toe story of software led transformational business change.
I think the needle has now shifted and the brave new world of enterprise IT still running on high performance hardware, but defined dynamically by software is now upon us and will deliver the hybrid cloud digital super highway that will propel businesses forward both now and into the future. Job well done VMware, the stage is now set for partner, customer and industry cast members to act.
Until next time
Chief Technologist Computacenter UK. Networking, Security and collaboration.
I have spent nearly 30 years in this frenetic but captivating IT industry. The mainframe presided over an era of computing where machine ruled man – we stood in awe of the immense power but in reality were not truly sure, capable or “ready” to harness it. The mini computer or baby mainframe followed and even with so much potential and an audience with the desire to unlock the magic within, missed the mark with the result a short lived tenure. But all was not lost and the door soon opened to a world of IT in the eighties kick started by IBM and Microsoft that still underpins the mode we embrace today. The personal computer (PC) and eventually the PC networking era signalled a change from intelligent IT systems and intelligent humans interacting in a less than harmonious existence to the computer and human in lock step. For the first time there was no dominant IT system looking down on the subordinate human, but a computer driven by the person for the person – personal computing was born. And with vastly simplified networking between computers and devices the intelligence of PC based IT systems, driven by human creativity delivered real value that was enhanced exponentially by the sharing that occurred amongst IT system users
But why the rambling, chronicle – a common thread throughout those heady and ever changing times was the need for continual learning and the creation of seemingly infinite knowledge. It was hard to academically and intellectually absorb so much unknown, with the emergent IT concepts nothing previously discussed or envisaged. It was that painful effort to know and then by knowing “do” (not always well, but still “do”) that helped to drive IT as an industry to where it is now, fundamental to both social and business outcomes.
However I fear things are starting to change and through this current time window, not all of the change is for the better. The availability of just enough knowledge and insight delivered via the world’s great search engines (invaluable) and the accessibility of “just enough” knowledge in digital form at every juncture may well have resulted in a state of “knowledge” malaise across the IT community. With an ageing population still coupled in many areas to an internal knowledge set from a previous era but with a depth of tacit experience that will be invaluable to future generations and a incoming worker population from the digital era bought up on the stable of “just enough” infinitely available knowledge we have a recipe for confusion (and in some cases failure).
This modern mode of “just enough” knowledge with a lacking human investment in really “knowing” to the level of depth required, may force IT through a period where the struggle for skills reaches a level more acute than it is today. Let me say at this stage I am not inferring laziness or delinquency on the part of the IT community I am also a part of. But I am worried the profoundly new skills required for the next 3 to 5 to 10 years have been underestimated by many (many are soft and emotional skills) therefore the long run up required to realise them no longer exists.
If you are an IT professional to any degree, ask yourself “do I have the technical understanding and tacit knowledge to remain effective and productive over the next five years?”. Many will answer “yes” but based on a cursory review of everything their undertake today remaining constant and relevant – however I fear it will not as we may embrace a greater level of IT, process and operational change in the next five years than the previous ten or fifteen.
There has been no better time (how many times have we said this) than now to reskill, “right skill” to lead the IT industry of today into an unknown but potentially lucrative tomorrow. It will require inspirational leadership, a relentless focus on learning and a maniacal desire to turn all of the learning into “new, relevant knowledge”. And that knowledge may be created and unlocked via a healthy amalgam of older experienced heads coupled with younger energised hearts – surely a recipe for long term success. Who knows, maybe this is the secret sauce we have always been looking for?
This brave new world won’t happen if we stand back and watch and wait – it’s time to get involved.
Until next time.
Chief Technologist Computacenter UK – Networking, Security.
(Doctoral student Worcester university 2016)
I started 2016 in bullish form with predictions for security based on the lows and highs of 2015. I touched on two on the many market catalysts set to transform both today and tomorrow’s worlds, enterprise mobility and the Internet of Things but highlighted I would mention three more. Part two of my security outline kicks off with my final three security focus areas for the first half of 2016, journey to the “cloud”, security for the SDDC and the need for intelligent people to “act smart”.
The enterprise journey to the cloud continues to be hindered by concerns robust enough to offset the unquestionable benefits. If enterprises are already challenged to secure local environments that benefit from additional levels of physical control and proximity, why would the need to secure information flowing through an external often multi tenanted service provider not highlight similar (and different) challenges. Pre 2016, it was straightforward for enterprises to deliver a blanket response “we don’t use the cloud” often citing security concerns and with no need for further explanation, but with shadow IT research validating authorised and unauthorised cloud usage exists whatever the policy, neither authority or ignorance seems to matter.
It’s therefore time to go “back to basics” and remove years of accumulated assumption of business functions and application flows and replace it with rigorous understanding. With a revisited / restated view of people, process, application flows controls and compliance expectations, “what” can be delivered via the cloud becomes clearer (“how is a whole different ball game”). Whether via internal or external assessment or audits, enterprises must obtain a robust and realistic “current state” view to calibrate the cloud trajectory and thus maximise the business benefits of cloud service delivery. This common sense view is my consistent response to mute the many often unfounded concerns of cloud service delivery or published negative cloud consequences. And I frequently pose the question “Can you really tell me now restated for now, the who, what, how of your business IT operations & applications calibrated by relevant controls”? If the answer is no, effective security for the cloud journey may have no effect at all. Time for change to make cloud service delivery a consistent, secure reality.
Following on from the cloud is the software defined datacenter (SDDC) snowball that continues to gather pace. SDDC ideals are no longer if or when for enterprise organisations with substantial workloads or IT services already delivered primarily via software elements. It’s the dynamic, frictionless, highly agile operational persona offered by a predominantly automated software driven environment that holds so much promise. But common to every “must have”, “must do”, “next big thing”, IT trend is the “what about security” question?
First off, will be a straightforward perspective – “avoid the security retrofit”, time for a security reset. Security must be the core deliverable of the SDDC outcome therefore can never be deemed an add-on or optional extra. When application dependencies and process workflows are in early draft mode (potentially in the earlier stages of the development cycle) the security expectations must be identified, qualified and externalised. Deferring security to later phases or accommodated via an assumption of inherent safety delivered by default is fundamentally flawed as applications and workloads become increasingly fluid in location and state.
A silver bullet of the SDDC ideology is the potential and proven reality of security moving always from a perimeter based ideal to an intelligent functional state as close to the workload as possible (in fact the workload is no longer a workload to be secured, but instead a “secure workload”). This new attitude to application and workload delivery must drive a “blank sheet of paper” review of security to ensure one of the most compelling benefits of the SDDC journey can be fully realised. An enterprise journey to the cloud presents the long overdue opportunity (and investment) to “get security right” – use it, don’t lose it.
And lastly its “people time”. The rise and rise and continued rise of the digital enterprise will fundamentally shift the way business services are operated, consumed and ultimately secured. We are venturing into the unknown and therefore wrestling to find answers to an endless stream of security questions. But is this state really unknown, I suggest not. The “enterprise” digital enterprise may be no more than the digital DNA already the vital fluid of the modern social network driven arena spilling over to and thus redefining the enterprise. Create and destroy data information instantaneously, join and graft multiple and previously unconnected data sources together to create new insight / new opportunities, always on, always now – isn’t this the digitisation defined “social world” already our norm.
And possibly with that Eureka moment appears an equivalent reality check, we still haven’t solved the security problem (s) in the digital social network world, in fact we at times we are not even close. And the main reason – “people”. As technology improves (both systems and security) people reduce their level of vigilance & diligence and increase their expectation that the “system will deliver protection”. Nothing could be further from the truth. I fear we may arrive at a state where there is little more that can be done from a security systems based neural or autonomic perspective. In other words, we have put as much logic and decision making in the system to determine and remediate as much as it can from a security perceptive in an acceptable timeframe. And then what or who is left in the chain as the primary attack vector, the same primary attack vector that has always existed – “people”.
Which drives me to highlight that 2016 may be the year enterprises revisit and reinforce the level of individual accountability that all system users are vigilant, diligent and aware of the security implications of their actions. Or sadly those same users may be affected by the double edged sword of compliance and personal liability. This is a step change forward from the never read acceptable use and security policies. Tough talking and a disappointing road to traverse, but the enterprise may no longer have a choice – systems cannot secure the organisation alone. With flexible working, dynamic workplaces, fluid workloads set to be a normal business state, every corporate endpoint whether human or system has the same responsibility to evaluate and maintain a company desired security state.
And this closes the security predictions overview for the first part of 2016. Whether it’s the increasingly mobile user or interaction with intelligent devices or “things” or dynamic services delivered by highly innovative new market entrants, optimum security will ensure the unquestioned benefits of this increasingly “digital” world arrive with minimal sting in the tail. I am not inferring optimum security has never been important before or isn’t delivered today by highly effective practitioners, it is and that fact it is, minimizes the negative consequences only a mouse click away. But everything we have delivered before is now under attack in a manner beyond our traditional level of understanding with the result it’s time to “deliver now” but with tomorrow’s expectations in mind. Time to change (ps, I am not advocating “patch management” for people – or am I?).
Until next time
Chief Technologist Computacenter UK, Networking, Security and Digital Collaboration.
The Software defined datacenter (or enterprise) is now the must have discussion topic within the enterprise IT arena. It describes the evolution of IT services and solutions to leverage the power and flexibility of software to drive ever changing business outcomes.
But has anything really changed, hasn’t software always supplied the intelligence to hardware, whether it’s microcode on a piece of firmware, software that programs hardware dynamically, a basic operating system or ultimately a front-line application. In a word, Yes – but this time things may be slightly different. Software defined to varying degrees incorporates all of the above but this time with the onus on maximising the intelligence within software (and the speed new or different intelligence can be add in cycles a magnitude quicker than a hardware orientated design) and for many reducing the intelligence within hardware.
But as software defined starts to gain real momentum with valid use cases more prevalent, many of the earlier perspectives are shifting. The Holy Grail may not be a world of intelligent software and dumb hardware but smart everything (both hardware and software). The key to real software defined success moving forward, is an IT landscape built via systemic thinking delivering almost living or neural IT. This infers the need for greater intimacy between software and hardware, real intelligent intimacy that uses intelligence to be “intelligent”.
Picture a modern smartphone – at present one of the best exponents of software and hardware working tightly in sync to deliver an end user experience (or service). Now think again at the real market leaders in the mobile space, emotion aside aren’t they the vendors where software and hardware (and both are highly optimised) operate in such a seamless and simple manner that enhanced agility and productivity become a by-product of it.
Does this challenge and dilute the possibly over hyped dreams of cost reduction and normalisation aligned with the software defined moniker, not really as commoditisation, the increased speed of virtually everything and improved inherent reliability within modern IT elements are resulting in more for less more often. But for software defined to really be the road ALL traverse, the magical amalgam of software and hardware working together with a level of almost human intimacy and intelligence is the journey that will compel the masses to join and accelerate.
Times are changing, changing times.
Until next time
Colin Williams is a Networking, UC and Security Chief Technologist for Computacenter. Please note the the content of this blog reflect the personal perspective of Colin Williams and not necessarily the viewpoint of Computacenter UK.