vmware will benefit from the long tail
At vmworld 2009 one of the big announcements was the acqusition of Spring Source and how VMW was moving up the stack to provide platform as a service. One sees the power of platform as a service in action: for me personally it is the google app engine. If you want to write a python app or a java app the google app engine is a good place to start and definitely beats having a server hosted at ec2 and managing it. Not to mention that its free.
So the question is that if platform as a service becomes big, will vmware be the winner. It’s an interesting question and is driven by two parameters. First how many platforms will really exist. If the number is small, then the platform itself could support multi-tenancy. This has happened for example in databases and to some degree in python and java also. However if the number of platforms is large then mult-tenancy in the platform itself become more unlikely. From a performance perspective multi-tenancy in the platform will give you an order of magnitude more density than a fully virtualized stack. If we have a long tail of platforms that people develop for, vmware becomes more powerful.
The second parameter has to do with templatization and scalability. One of the biggest drawbacks of the platform providing multi-tenancy is the fact that it needs to be standard across all users. One user can’t have python 2.5 and another 2.6 on the same machine atleast. Usually the platform providers are slow to provide updates and new modules. In the traditional shared hosting world (at an infrastructure level) needing a customized environment was one of the biggest drivers to get your own dedicated box.
So one would say that yes thats why a virtualization stack like vmw will win: because people want customization. But here again customization and scalability are at cross-roads. Platform as a service has to provide scalability under the covers (otherwise its not PAAS it’s just IAAS with content). To provide scalability you have to templatize. It is impossible to support clusters of heterogenous nodes. Or even support clusters (logically speaking) where the customer has customized the configuration.
If the application is very large then you will cross over the customization boundary leading the applicaiton to be managed inhouse and the provider offering IAAS. If its too small the economics will drive it towards platform multi-tenancy. The ground in the middle where its larger than a single machine, but smaller than the largest is where PAAS should win, where the user gains more and gives up less. These parameters imply that if the market evolves in a manner where there is a long tail of platforms that can become the vmware sweet spot.
Re-branding netbooks: portable thin clients
There is a lot of debate about whether netbooks are enterprise ready or not? On the other hand the thin-client market is red hot. Tarkan, CEO @ Wyse mentioned that last year was their best every and this year is 40% higher, mind you in a down economy. NeoWare, now part of HP, is also doing really well. Originally the thin client market was primary task workers, but their base inside the enterprise is growing.
Netbooks on the consumer side are also hot. So if you combine the two trends, you get portable thin clients. Now what would be really cool, it will also get rid of all the negatives that are percieved in using netbooks in the enterprise. The odds are weighted in its favor. It also aligns with the VDI, Greep Computing, Save Money bandwagon really nicely.
From a price point perspective it makes sense: netbooks are 300-400 range, so are thin-clients (200-300). In addition thin-clients require a screen, keyboard and mouse (and ofcourse they are not portable). The one thing I don’t know is how durable netbooks are versus a thin-client as that can effect ROI. But I think if you make the employee owned, the durability will be the same. At 300 $ it is the price of a higher end phone.
From a consumer point of view, there are also interesting things you can do: yesterday I was in the car and it occured to me, that the GPS should probably be replaced with a netbook. The number of apps on these would explode with google maps etc. In addition location aware services could have a whole new meaning. The only differentiating feature that a GPS has today is aesthetic and touch screen. Some of the stylish netbooks are pretty cool.
Prediction: employee owned netbooks will become tomorrow’s portable thin clients!
Cloud Flavors
Filed under: Virtualization | Tags: .net, cloud, ec2, IAAS, java, PAAS, python, SAAS
Comments (2) 
Software as a Service (SAAS)
Salesforce.com (sales application)
wush.net (svn)
Platform as a Service (PAAS)
Java
Google App Engine
Rails
Joyent
Heroku
EngineYard
Python
Google App Engine
http://wiki.python.org/moin/PythonHosting
.net
Azure
Infrastructure as a Service (IAAS)
Amazon EC2
vmworld 2009: esx backup and recovery
Filed under: Virtualization | Tags: quest software, esx, backup, vranger, chris wolf, burton group
Leave a Comment I walked into a session by Chris Wolf @ Burton Group by mistake. I was looking for Trend Micro’s session on securing virtual environments. So here I was deciding whether to leave or not … and I noticed that the room was full and more people trickling in. Wow for backup? We know its important, but isnt it a solved problem?
Chris seemed very knowledgeable about the topic! The audience was taking copius notes. I was sitting there stunned. Here we enterpreneurs are thinking of the next big thing, most of these folks are struggling with basic stuff. In addition I learnt the following:
- A show of hands for how many people are running ESX vs ESXi had 20% with ESXi, which Chris claimed was very high!
- A lot of people were using vRanger for backing up (vranger was from visioncore acquired by quest software)
- There is no equivalent for VSS for linux. This makes doing backup for linux very difficult for linux guests. How are all those people backing up linux machines on EC2?
vmworld 2009: cisco ucs
It was amazing to see the Cisco ucs racks powering the 37000 VMs used for labs etc at vmworld. Before seeing the hardware it was not really clear to me, what is the UCS stuff, and why is Cisco doing this.
I learnt two things, first that Cisco for the first time in their history was not getting invited to data center deals! Thats shocking. The customer behavior has changed when they are building data centers, they are buying things by the rack, not server by server. So if you bought a rack from HP it was HP’s choice what switches and storage they put in it, and since HP oem’ed something else, Cisco was not getting invited. So this is as much a defensive move as it is an offensive move from cisco. It has also has implications on M&A as you would expect that storage would go the same way.
It still wires and hardware right? Well my other learning was that the sever is now an XML file! yes if you think that the PCI bus has been extended and now connects from a blade to a switch, as do the ethernet and storage ports. You can give a XML description which will translate into commands to the switches and can give you a server on the fly. If the switching is good enough you would not know the difference.
Solidcore FIM with EPO is in the works…
Filed under: PCI | Tags: File Integrity Monitoring, FIM, McAfee, MFE, PCI, tripwire
Leave a Comment I heard from couple of customers that they heard from our competitors that non-security products from Solidcore will not be supported by MFE going forward. This is completely UNTRUE.
We are busy integrating our FIM (file integrity monitoring) into EPO. This will be a 100% integration and will make it very easy for all MFE customers to use FIM with EPO to meet their compliance requirements.
We will release a technology preview of this capability soon for all to see and play with. In addition to real-time FIM that solidcore offered earlier, now you will have the power of EPO and integration with other reporting and search to give you a one-stop compliance, risk and security dashboard.
If you would like an early release feel free to contact me.
Understanding the McAfee (MFE) Power
Just before Solidcore was acquired by MFE, I went to hear Dave Dewalt’s (or DDW as he is called inside MFE) keynote at RSA. To be honest with you, I couldn’t understand what he was talking about. He was giving the analogy of weather and these global sensors and while the analogy kind of made sense but, most people I felt did not connect with what he was saying.
Today one of our customers was visiting and I was sitting through the executive briefing, mostly to learn about the different MFE products. And I had an epiphany, DDW’s talk suddenly made complete sense to me and it struck me that the vision was not only very powerful, but somehow the CEO had managed to get everyone in the company to think in the same direction.
The epiphany came from someone in the Network BU saying that a very large customer recently had a denial of service attack. The sites protected by the MFE firewall were not affected at all since they dropped all the packets. Why did they drop all the packets? Well the source IP addresses belonged to a set of servers which had been flagged as sources of spam over a year back. And I said WOW!!! Several amazing things happened here, the intelligence collected from the SPAM gateway was used to generate rules understood by the firewall appliance over a period of over 1 year. WOW!!!
Now it makes sense, you have so many security point products, and there will continue to be more, they all make decisions about good and bad. In some way they block the bad and let the good happen. Now they can share their definitions of good or bad with each other. In addition they can also share “maybe” — I dont know whether its good or bad. By using different dimensions of good or bad a more complete characterization can be developed.
The obvious question to ask is “who” are these attributes characterizing. For example in case of a firewall, they were characterizing the IP address. In case of SiteAdvisor they are characterizing a web site or a domain. They make be characterizing a user where a user is defined by an “web email address” or a “login id” or “a facebook/twitter id”. Or it could be an application such as the case for whitelisting. Or it could be a computer.
The last part of the piece that fell into place for me was why couldn’t somebody do this and go after MFE. After all it seems obvious once you know it. And the answer which popped up was its because of “history”. Imagine you want to open a credit rating service. It would be no good if you did not have the historical data for all the transactions that a person had done. Similarly MFE has historical data for websites, IP addresses, programs going back 2 decades. That you can’t buy and is one of the crown jewels that the company owns. As we begin to see the transformation of that data to build out intelligence and a more complete picture of the “trust model” this company has a long way to grow.
Symantec versus McAfee
Filed under: Kitchen Sink, Who Buys Who | Tags: McAfee, MFE, symantec, SYMC
Leave a Comment Great Article
http://harbor.typepad.com/analysis/2009/07/symantec-vs-mcafee.html
Symantec (SYMC) and McAfee (MFE) are software companies known best by consumers for their antivirus packages. Symantec is the market leader in almost every segment it operates in, whereas McAfee is generally number two. Partly due to recent strong revenue growth and partly due to an aggressive marketing strategy to get its software installed on computers by the original equipment manufacturer, McAfee shares are trading at about twice the earnings multiple of Symantec. Given that Symantec has historically outperformed McAfee, McAfee’s strategy is risky, and the current valuation implies that McAfee will outperform even beyond the horizon visible to analysts, I see an interesting long/short opportunity.
Overview of Thesis
SYMC and MFE are nearly identical companies with the primary difference being that Symantec is larger and involved in data storage, management, and backup. The key short-term strategic difference is in growth strategy. A few years ago, SYMC seemingly choked on the acquisition of Veritas, a large data storage and management company, but they have since been able to integrate Veritas into a coherent Symantec. During this integration process, McAfee has been able to gain market share by bundling software into easily used suites for consumers and small businesses, a trend SYMC missed in 2006. MFE is now attempting to steal market share from SYMC by entering into agreements to have a free-trial of MFE software pre-installed on PCs. While management and many analysts are optimistic that this will produce strong results, the long-term benefits are limited. The average user that pays for antivirus software after a free-trial period remains a customer for approximately three years. If SYMC decides they are loosing valuable market share to MFE’s OEM strategy, they can simply compete by offering OEM’s an equal or better deal than that offered by MFE. Oligopolies naturally form for a reason, and number two players generally don’t have much success waging turf wars against the number one players by spending more money on distribution. MFE doesn’t have any sort of a long-term competitive advantage with the OEM strategy. However, SYMC has an established data storage and management business that offers something unique to customers and will take a while for competitors such as MFE to duplicate.
Analysts’ forecasts for revenue growth from 2008 to 2010, according to Bloomberg, are 29% for MFE (65% earnings growth), and 4% for SYMC (22% earnings growth). This leaves MFE trading at 23x 2010 earnings, compared to 14x 2010 earnings for SYMC, indicating that either McAfee will outperform well beyond the horizon visible to analysts or they will grow earnings by more than 65% over the next two years and maintain it.
To read more: http://harbor.typepad.com/analysis/2009/07/symantec-vs-mcafee.html
XPM & Business Models
As some of you might be aware Microsoft has announced (you can download it) windows XP mode, which is a virtual machine with fully functional XP SP3 & free. It makes sense for MSFT to give this for free, because it helps you migrate to windows 7 faster (or atleast that is the theory). But what about vendors who have software for XPM, backup, security, vpn, compliance among others?
Its a difficult one because with the precendent that MSFT has set, customers would expect that you charge for windows 7 but give the functionality in XPM for free. In reality vendors may have to do a lot of work to make the solution work well inside XPM for the solution to really work well.
The other angle is that a lot of customers have enterprise agreements. So if you customer is on an ELA or equivalent does it really matter. Most likely XPM will be used by the largest organizations which have custom applications. These are the same customers for which applicaiton virtualization didn’t work well, because the custom apps broke the app level virtualization.
I have not seen any pricing come out yet for XPM but will keep you posted!
