IBM and Microsoft seeing a (virtual) appliance future?
Microsoft recently hired an IBM Fellow named Don Ferguson to be an office-of-the-CTO type. In his last blog post at IBM, he outlined the top ten issues he saw in his area over the next five years. #1?
Software appliances and SW configurations integrated with virtual middleware
You can see the whole list here. Here’s more about Ferguson and his role.
| Categories: Computing appliances, IBM, Microsoft, Platforms, Virtualization | 1 Comment |
Guide to my recent research on computing appliances
My recent flurry of research into computing appliances was spurred by a column I just submitted to Network World. In that column there’s a URL – pointing to this post – promising a guide to more details on that research. Thus, here’s a set of links to my posts of the past few months on computing appliances, both here and on DBMS2.
Half or more of the computing appliance vendors I’ve looked into follow very similar hardware strategies: They use mainly standard parts; they include uncommon but off-the-shelf networking (and sometimes encryption) accelerators; and they of course optimize the mix of those parts and general hardware architecture as well. (EDIT: I actually gave names to three strategies — even if they were just “Type 0”, “Type 1”, and “Type 2” — in this overview of data warehouse appliance vendors. And in another post I considered arguments about whether one would want a data warehouse appliance at all.) Examples I’ve posted about recently include – and I quote the forthcoming column – “DATallegro and Teradata (data warehousing), Cast Iron Systems (data integration), Barracuda Networks (security/antispam), Blue Coat Systems (networking), and Juniper (security and networking).” (ANOTHER EDIT: But I think DATAllegro’s strategy has changed.)
By way of contrast, there’s also a group whose stance is more along “hardware/schmardware” lines. Sendio and Proofpoint (in most cases) don’t really do anything special at all in their boxes; what’s more, Proofpoint actually has significant software-only deployments over VMware’s virtualization layer. Kognitio and Greenplum think their software-only data warehouse offerings are appliance-equivalents too; indeed, Greenplum’s software is sold mainly bundled with Sun hardware (to the extent it’s sold at all), and Kognitio is hinting at an appliance-like offering for competitive reasons as well. Check Point Software plays both sides of the field; it offers its own kind of “virtual appliance,” but also gets many of its sales through appliance vendors. Its most interesting such partner, if not its biggest, is Crossbeam Systems, which in my opinion may very well represent the future of appliance technology.
Crossbeam Systems — the future of appliances?
Crossbeam Systems is the closest thing I’ve found to what is – at least tentatively — my vision of the appliance future. It offers a blade-based computing box that differs from standard boxes in the same direction that appliances typically do. I.e., Crossbeam systems boast beefed up networking, maybe some beefed-up reliability as well, and maybe other beefed-up security processing in the future. Then they offer a software infrastructure (virtualization, robustness, etc.) to let various pieces of software – in Crossbeam’s case, security and security-like tools – run on the box. Read more
Check Point Software’s unusual appliance strategy
Check Point Software is the traditional leader in the firewall market, having seized large market share in its early days by innovating convenient, GUI-based policy management tools. Except in niches, its competitors today are mainly networking giants Cisco and Juniper. (Juniper acquired Netscreen in 2004.) Unlike most other security software vendors, Check Point continues to focus on being a packaged software vendor (but see below). Even so, almost all Check Point software is sold either on appliances or as a “virtual appliance.” I’ll explain.
Check Point started out selling software on Sun boxes and the like. Rather than get into appliances itself, it formed partnerships with hardware vendors who’d roll its software into appliances, and soon a lot of its business came from this channel, especially via Nokia. This strategy has continued, with Crossbeam Systems joining Nokia in providing large chunks of Check Point’s overall revenue.
While not liking to disclose much in the way of revenue breakdowns, Check Point admits that appliances dominate its business at the high end of the market, where high-speed networking, extra reliability, and so on are important (especially the reliability). Appliances also dominate at the low-end, where ease of deployment is crucial. (“Custom” hardware in this case is best represented by an accelerator card called “VPN-1,” made by Silicom, Ltd.) But in the big middle, packaged software is still highly competitive, accounting for (according to outside estimates that the company doesn’t laugh at) half or so of Check Point’s business.
But here’s the thing. Relatively little of that software is still, say, a firewall you can install on a Linux server. Rather, Check Point sells many more firewall/OS bundles, which are (it is claimed) super-easy to install on random Intel-based boxes. These are the “virtual appliances.”* Is this cheaper than a tailored appliance? Well, that depends a whole lot on whether you had an extra box lying around, or whether you have a master maintenance contract with a standard box vendors, and so on. Evidently, many customers think it is, while many other customers prefer physical appliances.
*Check Point also has VMware-based virtual appliances, but so far isn’t getting much uptake of those except for demo purposes.
| Categories: Check Point Software, Computing appliances, Crossbeam Systems, Security and anti-spam | 3 Comments |
Juniper’s integrated appliance story
Juniper Networks acquired super-hot security appliance vendor Netscreen in 2004. At the time, Netscreen’s products were ASIC-based. But as of the 2006 release of its SSG product line, Juniper has come in line with what is pretty much the standard appliance vendor technical strategy. It builds its boxes from standard parts, with the exception of some unusual but still off-the-shelf networking accelerators (most notably an IPsec and encryption accelerator chip from Cavium). It has its own OS, with unneeded services left out both for performance and security. One cool point – Juniper’s security products and routers run in some cases on literally identical hardware, despite having different operating systems, let alone “application” software. The customer can, for example, keep one set of spares for both classes of product. Read more
| Categories: Computing appliances, Juniper Networks, Security and anti-spam | 1 Comment |
Proofpoint and VMware – an apparently non-trivial virtual appliance success story
I talked with Proofpoint today, and got a more positive view about VMware’s virtual appliance strategy than I’ve gotten from other appliance vendors. They cite over 500 downloads in the past couple of months, of which a significant fraction have turned into actual sales. Specific deployment scenarios they mentioned include:
- Demo (of course).
- Tweak, test, deploy – between patches and new anti-spam rulesets, Proofpoint users seem to have a rapid change/test/deploy cycle. Virtualization makes it possible to do that without having multiple copies of an appliance.
- Disaster recovery – this seems to be a big one.
- “Surges” – depending on what the bad guys are doing, one’s need for anti-spam servers can go up and down in a hurry. Virtualization makes it easy to respond.
| Categories: Companies and products, Computing appliances, EMC and VMware, Platforms, Proofpoint, Security and anti-spam, Virtualization | 4 Comments |
Sendio — no effective response to the niche-forever challenge
Sendio is something of an exception to the appliance vendors I’ve been chatting with. There’s nothing particularly unique about their hardware or software architecture, and ease of deployment isn’t a big deal for them either. Indeed, it’s a little unclear to me that they really need to be an appliance vendor at all – but what the heck, they’re in the anti-spam market, and appliances are popular there.
So let’s go straight to their anti-spam technology, which is challenge/response. Read more
| Categories: Computing appliances, Security and anti-spam, Sendio | 5 Comments |
Typical nonsense from SAP
Below, essentially in its entirety, is an e-mail I just received from SAP, today, January 3. (Emphasis mine.)
Thank you for attending SAPs 4th Annual Analyst Summit in Las Vegas. We hope you found the time to be valuable. To ensure that we continue meeting your informational needs, please take a few moments to complete our online survey by using the link below. We ask that you please complete the survey before December 20. We look forward to receiving your feedback.
What makes this typical piece of SAP over-organization particularly amusing is that I didn’t actually attend the event. I was planning to, but after considerable effort I think I finally made it clear to VP of Analyst Relations Don Bulmer that I was fed up with being lied to* by him and his colleagues. In connection with that, we came to a mutual agreement, as it were, that I wouldn’t go.
*and lied about
Obviously, administrative ineptitude and dishonesty are two very different matters, united only by the fact that they both are characteristics of SAP, particularly its analyst relations group. Having said that, I should hasten to add that there are plenty of people at SAP I still trust. If Peter Zencke or Lothar Schubert tells me something, I expect it to be true. And it’s not just Germans; I feel the same way about Dan Rosenberg or Andrew Cabanski-Dunning, to name just a couple non-German SAP guys.
But I have to say this — both SAP’s ethics and its internal business processes are sufficiently screwed up as to cast doubt on SAP’s qualifications to “run the world’s best-run businesses.”
| Categories: Enterprise applications, SAP | 12 Comments |
Virtual appliances, virtual SaaS?
I chatted with VMware today about virtualization, virtual appliances, and so on. But first we covered some basics:
- VMware quotes a figure of 20,000 enterprise customers, if you count everybody who is at least testing the software and so on; i.e., it’s a somewhat inflated figure. Still, the “real” number is surely big.
- They claim ¼ of those have a “VMware first” policy, to deploy new apps on a virtual rather than dedicated machine. That’s impressive until you realize enterprise try to roll their own apps as rarely as possible these days.
- They suggest VMware is extremely helpful at times you’d like to have two copies of the same platform – e.g., for development, or when you have to take the system down for brief maintenance. It’s hard to argue with that claim.
- We didn’t have the time to talk about my performance concerns.
As for how this all plays with appliances and SaaS – that’s largely a future, but potentially a very interesting one. Here’s what I mean. Read more
| Categories: Computing appliances, EMC and VMware, Hardware, Platforms, Software as a service, Virtualization | 4 Comments |
Some thoughts from Blue Coat Systems
Another vendor I spoke with in my research into appliances is Blue Coat, who offer systems that help with caching (not a recent emphasis), proxy, “performance enhancement,” and/or “WAN optimization.” Details differ, but their story is generally consistent with what I’m hearing elsewhere.
- They use pretty generic computer parts. The biggest exceptions are specialized but still off-the-shelf cards for networking (fail-to-wire capability) and encryption. They think – as do I – that this is pretty typical for appliance manufacturers. However, different appliance vendors in the same market differ greatly in the mix of parts they use. (This is also true in data warehouse appliances.)
- They wrote their own OS. With fewer services than general operating systems, it’s inherently more secure (they fondly and credibly believe).
- They think there’s a general trend for specialized appliances to merge into more general ones. In the security/networking space, I’ve seen this too, but I don’t know whether the point has broader applicability.*
- Their maintenance fees as a percentage of purchase price are a lot lower than those typical for packaged software.
*But then, the vast majority of enterprise computing appliances are in the security/networking space. Data warehouse appliances are probably the biggest exception, at least if we define “appliance” loosely enough to include Teradata.
| Categories: Blue Coat Systems, Computing appliances, Security and anti-spam | 1 Comment |