The Converging Network

Continued from a previous blog post…

The Digital Age Will Save Us… Uh Huh

If you haven’t noticed our world of software is changing right from under us. We rarely receive CDs or DVDs when you buy software. All the Microsoft products I use in my business all come direct via the web, downloading an installer or the ISO image of the DVD to my computer. We buy and download our music through Amazon and iTunes. Now customers have much greater access to products, and we have instant delivery of online services and software products to our customers. 

Fall 2008 at the Microsoft developer’s conference, Microsoft announced Windows Azure, their strategy for bringing applications and infrastructure services into the cloud. It’s a bold step but nothing short of bold will do to be able to compete against the lead created by Google and Amazon. We’re entering an age where computing power, storage and network bandwidth are services we can spin up or wind down as needed. That’s a product manager’s digital dream, right? Well, it’s never that easy.

Yes there are automated processes for provisioning services and bringing new servers online, and they work, but not always in peak situations. There’s always more to it than standing up a dozen or more servers and “bring them online”. Databases, load balancers, firewalls, application software, backup/recovery, bandwidth, failover schemes… it all plays into the equation.

Microsoft was down for nearly a full day reconfiguring their service to be able to handle the huge demand for the Windows 7 beta. We don’t yet think of Microsoft as hosting thousands of computers like a Google or Amazon EC2 and S3 (Amazon’s hosting and storage services). But Microsoft runs a huge infrastructure that delivers MSN Messenger, MSN email, MSNBC site content, Windows Update service (all those patches you keep receiving), automated anti-virus updates for OneCare…. see there’s a lot. So, Microsoft’s no newb at the online services hosting game and it still took them a day to get back on their feet delivering Windows 7 downloads on the Internet.

It’s Not A Successful Launch Unless The Order System Gets Hurt

I see a trend happening. It’s obviously not intentional but it may become one of the criteria for any mind blowing, gang buster style product launch. The trend: crashing the servers.

Apple’s iPhone 3G was plagued with enormous problems which revealed a single point of failure in their online and SmartPhone strategy – the iTunes service. Yes, that nice little program you have on your Mac or PC to play songs, sync up you iPod and iPhone, and buy digital songs and movies. Behind your desktop app are the iTunes service which not only provide the online store for buying digital content, it also is crucial to provisioning iPhones and delivering software upgrades. Apple unwisely chose to bring out a new iTunes and iPhone software upgrades, and convert the .MAC service to MobileMe… all within a few days of each other. Busted. When demand peaked, the iTunes servers couldn’t handle the demands and customers were impacted on all fronts.

Verizon’s Blackberry Storm was plagued with similar issues when their ordering system overloaded during the first day of product launch. Call me silly but I’m pretty sure they knew the demand was coming following several very public product launch date delays, tons of attention from online on technology sites and blogs (like mine) and Verizon’s own billboards plastered around town more than a month before launch. (A consequence of moving the launch date once too often.)

Don’t Do It To Yourself… or Your Customers

What’s the second most under appreciated component of any piece of software? Answer: The installer. And what’s the number one under appreciated component of any software product? Answer: The upgrade.

My mom used to say that you don’t get to go to kindergarten until you can remember three things. (I forget what the other two things she says are, but I digress.) My adage is a product team doesn’t really know how to ship a successful software product until they can reliably do software upgrades successfully at least three times consecutively. (And not just minor upgrades.)

Apple is notorious for really bad upgrades, the consequences of which are bricked iPhone, wiped out data and pissed off customers. It’s not happened with just one software release, but occurs time and again. I’ve personally had two iPods blanked from Apple’s software updates, one of them was totally DOA and not recoverable without sending it to Apple. The most recent episode smacked down my buddy Alan’s iPhone, wiping it and causing him to wait while fix was tested and posted. That one experience moved him from being an iPhone advocate to an iPhone protagonist.

In IT shops software upgrades might be something we do once or twice a year. They are well planned (or should be) and timed, and include a recovery strategy should something go afoul. But that’s become much different for consumers and PCs in small and medium businesses. An upgrade or patch to Windows or Mac OS X could happen at any time, resulting in our PCs being reboot overnight or creating a capability problem you didn’t have the day before.

Upgrades are crucial to a positive customer experience. Their importance is drastically increasing. In my opinion, we’re not far from the day where every company needs to learn to do upgrades flawlessly or they get to go away.

The Fundamentals & Learning Faster

Shifting to the age of Software-as-a-Service (SaaS), online hosting, services on demand, and digitally delivered products are launch and delivery strategies we all are likely to consider and use at sometime. It opens up new possibilities, gives us access to new customers and markets, and drastically decreases the time to reach customers before, during and after the sale. It also means we need to be smart about learning from our experiences and the experiences of others in market.

Jumping onto some new technology often means we forget or ignore the fundamentals. Who’s the customer, what really are their needs, what will create a satisfying experience for them, positioning, messaging, the 5 P’s, etc. If anything technology accelerates and shortens the window between a buying a experience and a satisfying product experience. That means we have to learn faster, plan better and be prepared for more contingencies. We have to be open and transparent with our customers because they see the magnitude of product issues we experience and the age of whitewashing problems through some fancy PR campaign of CEO slight of hand are gone. Ask Jet Blue’s former CEO who is Passenger Bill Of Rights won over unhappy customers who sat in the plane grounded for hours.

Transparency. Something I’ll talk about at another time.

Just because many of us are in the tech industry doesn't mean we should proceed oblivious to the impact green product design is having on all industries, including ours. Software delivered through SaaS and virtualization are two of the more well recognized ways we as technology professionals, product creators and technology consumers see "green" happening in our industry. Virtualization and SaaS both help reduce the carbon footprint through power and cooling reduction of hosted and virtualized software. Downloadable and hosted software and documentation also reduce the paper, printing, transportation and other eco-unfriendly costs of creating and delivering products.

But the decisions we make in the creation and consumption of technology products impacts our planet's carbon footprint in many other profound and far reaching ways beyond just (and I am in no way minimizing these) saving some trees or conserving energy costs. Product designers are very often unaware of how decisions made early and throughout the product lifecycle can impact the carbon footprint of the products we create. Certain paints may require special ingredients having a higher carbon footprint manufacturing cost. Software the requires a large number of high speed, energy consuming disk spindles running 24x7 which could be better optimized for peak or infrequent usage. Computer hardware and accessories may have a high environmental impact because of their poor recyclability or the products they displace. Even how we organize or operate our businesses can have a smaller or higher carbon footprint because of travel and energy costs.

A new breed of entrepreneurs, called environmental entrepreneurs, have emerged focusing on creating greener products, services and businesses. I'm fortunate to be an advisor to one of the leading environmental entrepreneurs, Terry Swack, and her third (I believe it's third) "green" company, Sustainable Minds. Terry and the Sustainable Minds team launched a series of information services for product designers supported by companion decision support software created by the company. Here's how Terry describes their offerings:

“These are the first of our information services which deliver new knowledge, processes and strategies for a life cycle-based approach to product design, and are the counterpart to our decision support software. This combination is key for design organizations looking to innovate or differentiate through delivering more sustainable products or design services. Product design professionals can acquire new green skills, increasing their value on the job and having greater impact in organizations. Manufacturers can access new markets with innovative, environmentally superior products that meet customer needs, and increase brand value by credibly marketing ‘greenness’. Our aim is to cover the exceptionally broad topic of sustainable design with experts from diverse areas who drill down to specifics that practitioners will find illuminating.”

I like and believe in the pragmatic approach Sustainable Minds is taking to help advise and education product designers, and support the design process with data and tools. Terry likes to say, "The bottom line is, there is no such thing as a green product – all products use materials and energy, and create waste." See what I mean about Terry's pragmatic approach? To help designers throughout the entire process, the company created Okala, a lifecycle assessment tool for creating more ecologically sustainable products. She has also assembled some of the leading experts in creating sustainable products who are contribution to the Ask the Okala Experts blog.

I believe we as product creators and designers should be responsible for educating ourselves about designing more sustainable products. Terry talked at PARC prior to launching Sustainable Minds and this video gives you some good basic information about sustainable design. The Ask the Okala Experts blog is a blog you can also follow to hear from thought leaders in the space. I appreciate your checking this information out and sharing it with other friends who might benefit from this information. I'm learning right from Terry and the Sustainable Minds team right along with you.

Alan and I finally got off our duffs and recorded a podcast. Can you believe it? We have the evidence right here in our grimy little podcasting hands to prove it. But, you'll have to listen to believe it for yourself.

In podcast #54 Alan and I are back to our old antics, and discuss:

• How the FBI's network easily got p00ned by a pen tester in just a few minutes, right up to the NCIC crime database
• Hot off the presses Barracuda unsolicited (serious?) bid for Sourcefire
• Mac's nasty track record for security vulnerabilities (we won't see those commercials anytime soon, will we)
• Some new fangled service called G.hos.st that Alan's all hot about
• The ethics of security issues, or, how to get fired from TJX without really trying

Alan and I also take some time to put a plug in there for the news about the origins of Stonehenge, and NASA's Mars Phoenix lander. We also pay homage to two greats who passed in the last few days, comedian Harvey Korman and director/actor Sidney Pollack. "That's Headley!" Thanks for the wonderful years, guys.

Enjoy the podcast and please drop us any suggestions or questions at podcast@stillsecure.com.

mp3 file

This week my company where I’m CTO, Absolute Performance, made a couple of announcements. First, we are attending the Parallels Summit 2008 conference in Washington D.C. where Absolute CEO Jerry Champlin had a talk today about exploiting the explosion of opportunities in the SaaS market. At the show we announced Absolute is adding support for Parallels Virtuozzo Containers, which is how Parallels virtualizes applications above the operating system level, sometimes referred to as OS virtualization. Containers abstract the OS from the application, rather than just the hardware as hypervisors do, allowing you to use the OS as a service to applications in multiple containers. Absolute has already announced support for instrumenting VMware ESX and with the addition of Virtuozzo Containers we’ll begin to provide deep instrumentation of virtualized Parallels environments.

How do you rapidly deploy applications, when they all install, have various requirements, and are managed differently? The effort to install applications can be complex and time consuming. The Application Packaging Standard is a standard, created by Parallels which they are now turning into an industry supported standard, which allows you to package an application once. Control panels, provisioning information, etc., are all standardized through APS. There are also useful services within APS, such as the APS Catalog (lists applications in one place with all their associated updates), APS Identity Service for single sign on for APS apps, and APS licensing (under development) for centralizing and standardizing licensing. There are about 150 applications within the APS catalog today. Absolute Performance announced our support for the APS standard, and also that we will have templates for instrumenting some APS right out the box. After some more research into which are the most widely utilized, we’ll start releasing templates for APS apps in the APS Catalog. Lastly, we announced we are deepening our partnership with Parallels and will work together on future initiatives to help managed services and hosting partners effectively thrive in the world of SaaS.

We also announced our partnership with FORTRUST, a Colorado data center services and collocation facilities provider, who brought out their FORTRUST Managed Services. We’re exciting about partnering with them because they clearly recognize the move towards providing high value services to customers. And not just the typical basic monitoring either, but the full suite of monitoring, management, pre-production load testing, end user experience validation and reporting functions of its managed services offering. FORTRUST has some of the highest quality facilities you’ll see and I think you’ll find the same true of their managed services offerings. All my best to the team there and the new managed services offerings.

As I’ve talked about previously in my NWW blog, SaaS is all about partnering and without effective partnering strategies, it’s a tough go to be a one-vendor show. Partnerships, like those we announced this week, show why it’s the case.

With the eminent round of additional layoffs coming at Sun, there have to be some real rock stars out their looking for their next move. So... if you are a rock star pre-sales engineer who knows how to sell solutions and would like to get into the exploding SaaS market... or you are a top QA engineer who loves testing, automation, and digging out the toughest to find bugs... you owe it to yourself to check out these open positions at my new company, Absolute Performance.

Send your information to jobs@absolute-performance.com. Tell 'em you read about it on The Converging Network blog.

Rock On!

With the soaring interest in Software-as-a-Service (SaaS), we are already seeing the same metaphor used for other service offerings. Platform-as-a-Service, or PaaS, is becoming a common place term. Now I've also seen IaaS, or Infrastructure-as-a-Service. As I like to say, no good idea goes un-copied. What that means is we should all expect to be overrun by the use of XaaS terms, where X equals whatever word or phrase any vendor, analyst or marketer chooses to promote their product or service. If Sausage-as-a-Service will help sell more processed meats, you can bet someone will jump on the bandwagon and leverage XaaS to their benefit.

If imitation (being copied) is the most sincere form of flattery, then I'd say SaaS is gaining enough traction that others are coping the XaaS term for their use. But we shouldn't forget, what this all really means to us is that software, infrastructure, data, etc., etc,. are all moving into the cloud, being offered as a service.

So if anyone needs any Blogging-as-a-Service, you know where to contact me. :)

One of the things I was interested to investigate at this week's RSA conference was whether SaaS and cloud services (compute, storage, etc.) had entered into the horizon of the security market. The answer is easy. NO. Not even close. Security doesn't get where the software market is headed and we need to get after it now.

There's two perspectives to assess this from; What are security vendors doing to build products for the On Demand, SaaS and cloud computing world we are rapidly moving into? And, are security vendors moving into offerings based in the cloud themselves? Again, with a very few exceptions this isn't something that even appears on the radar screen of RSA exhibitors.

Regarding the first question, the themes of RSA is still very much in the world of data protection, data lose prevention, network access control, USB storage containment, and infatuation with the latest 10 gigabit doodad appliance box.  Maybe its too early for security in the cloud to be the issue of the day - security in the virtualized world isn't even a topic for conversation. At least a few smart people like The Hoff are playing virtualization MythBuster, keeping us honest about what challenges and interesting problems need to be solved as virtualization continues its march into data centers, storage and applications.

How about those offering their security wares via the cloud? Clearly Qualys suffered the arrows of being an early SaaS security vendor but crazy frenchman Philippe Courtot is still riding high knowing the SaaS market is doing well within other segments of IT and security will eventually get there. But they are still pretty much a lone SaaS delivered security player. Another company doing SaaS delivered security products is Alertlogic, providing log management, analysis, and compliance software On Demand. I spent some time with Alertlogic CTO Misha Govshteyn, someone who has been through the transition to SaaS and learned the lessons needed to scale a multi-tenant product. (Misha's a smart guy, btw. You sooooo need to start blogging dude!)

I think Misha's approach also shows some insight into where we'll see SaaS enter into security - in the mid-enterprise and SME markets. Those are buyers who don't necessarily have access to full time security, storage or other specialized resources. They also are more accepting and can get over the perceived privacy concerns that surface when considering an On Demand service, especially private companies who don't fall under SOX compliance. I still recall selling against Qualys and pushing the issue of your vulnerability data being stored in the cloud - many saw the advantages and convenience from an On Demand offering, and for yet many others it was a no-op. But mid-enterprise and SME's adoption of On Demand software solutions could show us this is where security will make it's first SaaS market beachhead.

As security professionals, we can't wait for the market and vendors to catch up. We need to be creating the security dialog and debates about virtualization, on demand and cloud based services. While Microsoft may be trumpeting the call of End-To-End Trust, trying to get the other elephants to tap dance with them, we've got to working ahead of the curve on the tough problems, vocalizing the security needs while services are being created and moving into the cloud, not after. I'm glad that Hoff, Misha and others are thinking ahead of the curve.

I know that not everyone who reads blogs also likes to listen to podcasts, and visa versa. So I decided to try something different and see how readers and listeners like it. I call it a "micro-podcast". (Let me know if you think of a better name.)

Last week while at the SaaS Summit conference in San Francisco, I interviewed Michael van Dijken, head of marketing Microsoft's efforts to support the hosting and SaaS software market segments. I posted the interview with Microsoft's van Dijken up on my Network World Converging On Microsoft blog using this new format. The interview was recorded with my micro-recorder podcast unit.

What I've done is break up the interview recording into snippets, or micro-podcasts, wrapped in blog narrative with my lead in and comments for each portions of the interview. The idea is just to listen to the parts of the recording you want to hear, rather than listen through the entire recording just to get to the topic you're interested in. And, if you wish to hear the full, unedited interview recording, just go to the bottom of the blog post and listen to the full interview instead of the broken up segments.

If you have a moment to check it out, please do so and let me know your feedback about this idea. Do you like it? Is it easier to read and listen to? Does that format work for you? What suggestions do you have for improving it?

Let me know your thoughts. Thanks.

While attending the 2008 SaaS Summit last week, I was fortunate to listen in on a panel discussing venture funding of SaaS companies in today's market. The panel had a mix of early stage, mid and corporate, corporate investors and a view from the public markets perspective.

Panel: Ann Winblad, Partner - Hummer Winblad Venture Partners, Jason Maynard, Research Analyst - Credit Suisse First Boston, Jason Green, General Partner - Emergence Capital Partners, and Jon Krause, Investment Manager, Intel Capital. Moderator: Treb Ryan, CEO, Opsource.

Several things stuck with me from the panel discussion. First is the divergence of business funding models that have been funded in the current and past years. SaaS isn't just about funding investments of $50m, $75m or $100m in capital mega startup or roll up companies. Several companies were mentioned who bootstrapped, acquired a bevy of good customers, and then seek capital to increase growth. These aren't the days of "build it and they will come". SaaS and On Demand software enables companies to get products to market with fewer barriers, benefit from customer and market feedback, to more quickly prove out their business model, or at least spend less money doing so.

Another common theme was the patience that investors must have these days. Few startups are going to go from series A to a buyout or IPO in 3 years or so. Most take much longer for a liquidity event. Venture cycles are running 6.7 for a company IPO, and 5 years for a company is acquired, according to Ann Winbald, of Hummer Winblad. Though the VCs know this, most entrepreneurs are still learning that these timeframes are typical, not the quick pops during the '90s bubble.

A few other themes resonated with me. The importance of partners, and extending your reach through those partners, sales organization, branding and technology. My experience is that product managers, CTOs and product developers often overlook opportunities for rebranding and OEM products early in their development. I know I've been guilty of that lesson myself, and it's something I put a lot more emphasis on in the companies I work with today.

The other was the investment in the front end of the business that is necessary, sales and marketing. Some of the panel members felt it should be a 1:1 ratio, $1 of sales and market for every $1 of the most recent quarter of revenue. That's sounds like the spend of one of those capital intensive mega companies and seems pretty heavy to me, but I do believe you've got invest significant dollars in the front end. Products rarely market or sell themselves, and when they do, no one knew it would happen up front -- I'm saying they are lucking more often than smart. So don't put too much faith in luck and invest in the business.

Is your product aspirin or vitamins (metaphorically)? That's one prescription for telling how important your product or service is to the customer. How sticky is what you provide your customers and could they walk away during a downturn of the economy. That was some other sage advice from Ann, who talked about how they evaluate the customer portfolio of companies they consider for investment.

Note: I'm requesting permission to post the mp3 recording of the panel discussion. Stay tuned.

Last week's SaaS Summit in San Francisco was a resounding success on multiple fronts. The conference was very well attended (about 600 or more attendees.) I was able to score interviews with Microsoft's Michael van Dijken, Lead Marketing Manager for Microsoft's hosting and communications sector, and with Treb Ryan, CEO of Opsource, who put on the SaaS event. I also attended a very interesting and very informative VC panel on funding companies in the SaaS space (I'll put up a recording later), and the Absolute Performance showing at the conference went over very well.

I'll be blogging some more about the event, including putting up some of the interviews and recordings, in separate blog posts on The Converging Network and on my Network World Converging On Microsoft blog. Keep an eye out for more posts in the next couple of days.