Archive for August, 2010

Ohio is turning upside-down it spending right-side up

August 31st, 2010

Two years ago, technology spending in Ohio was upside down. The state government spent 70 percent of its annual IT operations on maintaining infrastructure – servers, storage and network hardware – and just 30 percent on maintaining software applications. During his first days on the job, Ohio Gov. Ted Strickland realized that the state government needed an efficiency overhaul. Strickland engaged

The Hackett Group, which provides strategic consulting services, to conduct a benchmarking study of Ohio’s government operations. Upon conclusion of Hackett’s study, Strickland ordered a series of changes, including IT modernization, and tasked Department of Administrative Services Director Hugh Quill with implementing them. Responsibility for IT improvements ultimately fell to Quill’s assistant director, state CIO Sam Orth.

Orth, who had just been appointed to the CIO position, recognized the tremendous task that lay before him. With most of its IT operations costs locked up in infrastructure maintenance, the state struggled to cope with rising citizen expectations and growing budget challenges.

“We should be investing 70 percent in maintaining applications and 30 percent in maintaining infrastructure,” said Orth. “I don’t think taxpayers in Ohio care about what kind of servers, storage networks or e-mail systems we have. What they care about is education, jobs and health care.”

As the recession began to hit, state IT executives came under growing pressure to cut costs. In January 2008, state agency CIOs were asked to slash technology spending by 30 percent – a total reduction of $240 million statewide. Clearly Ohio needed a strategy for reducing the amount of money it spent on buying and maintaining computer hardware.

Part of the solution was a statewide consolidation initiative that would replace costly physical servers with flexible virtual servers. Using sophisticated server virtualization software from VM ware, Ohio government could dramatically cut IT maintenance and energy expenses – and it could acquire the agility it needed to quickly respond to new business challenges.

“Our move toward server virtualization is a way to rebalance our IT investments,” Orth said. “It helps reduce infrastructure costs, freeing up capital to invest in new applications and other needs.”

Rethinking Conventional IT

Like many states, Ohio operates a highly federated IT environment. Before the consolidation began, Ohio’s 110 largely autonomous agencies, boards and commissions ran more than 5,000 individual servers. The huge array of computer hardware translated into complexity and cost.

To help identify cost-saving opportunities, Ohio turned to an advisory council of CIOs from multiple state agencies. The council identified 126 strategies for cutting IT spending, and server consolidation was at the top of the list. The state then assembled a working group to focus on server virtualization, hammering out standards, guidelines and practices for the transition.

“The math is pretty straightforward,” Orth said. “In an environment like ours where you have 5,000 physical servers across the government, if you consolidate 60 percent of them, you can eliminate upward of 2,500 servers. So that’s substantial.”

The initiative kicked off last year with 26 of the state’s largest agencies participating. Ohio took several steps to ease the agencies’ shift to the new computing paradigm. For instance, a server virtualization help desk was created which offers planning and estimating tools, procurement assistance and extra resources. The initiative also consolidated buying power to negotiate state discounts with VM ware, making those discounts available to any state or local jurisdiction. Agencies used VM ware’s Capacity Planner tool to gather information about their current server environment and estimate their requirements with the new technology. A dedicated VM ware technical account manager also was assigned to help agencies complete the move. Nearly 70 planning sessions were held with the participating agencies.

Efforts like these are crucial to the success of Ohio’s virtualization initiative, Orth said, because the move toward having multiple virtual servers run on a single piece of server hardware is a dramatic change from conventional IT thinking, in which a one-to-one relationship between physical servers and software applications is the norm.

“We’ve had our heads organized around a certain paradigm for 20 years, so we really had to invest in understanding the requirements and implications of server virtualization – not just from the business perspective, but from the practitioners’ perspective,” he said. “With an environment the size of ours, we had to enable and foster the change.”

Virtual Environment, Real Benefits

Since launching the consolidation about a year ago, Ohio has virtualized nearly 1,400 servers, or almost 30 percent of the servers operated by the 26 participating agencies. Orth estimates that those virtual servers will cut IT costs by more than $10 million over the next three years. Virtualizing just 60 percent of the remaining physical servers will net additional three-year savings of $16 million.

“The payback is substantial and you can achieve it in a quick amount of time,” he said. “And these are extremely conservative estimates.”
Indeed, a report from technology analyst ID C says that organizations may be able to consolidate 80 percent or more of their physical servers using virtualization technology. “Encapsulating multiple physical servers into a single consolidated server through virtualization enables cost and resource efficiencies, including a reduced consumption of physical floor space in a data center,” according to the report.

“Today’s use of virtualization technology allows IT professionals to automatically manage the resources of a physical server to efficiently support multiple operating systems, each supporting different applications.”

Tim Stephan, senior director of product marketing for VM ware, said the typical server running a single application often uses less than 10 percent of its computing capacity. By using computing power more efficiently, virtualization technology can enable a single physical server to run 10 to 20 virtual servers. “You can increase the utilization of a physical server from 8 percent to 80 percent very safely,” he said. “You’ll realize no performance impact and you’re able to deploy, configure and maintain virtual servers much more easily and effectively than you would in a physical environment.”

In Ohio, virtualization is paying off in a number of different ways. Reducing the amount of server hardware has cut capital expenditures and ongoing maintenance costs associated with operating physical devices. It also has lowered power consumption by reducing the amount of electricity consumed by physical servers and cutting the energy needed to cool the data center where they are housed.

This was a boon for Ohio, where the uninterruptible power supply in the state’s primary data center is taxed nearly to its limit. So far, 180 physical servers have been removed from the facility, reducing power consumption by 105 kilowatts annually and generating an estimated $255,360 in energy savings over the next five years.

“That translates into a carbon reduction of 8,667 tons per year,” added Orth. Ohio’s virtualization efforts even earned the state a $38,000 power rebate from a local utility company.

Faster Deployment, Better Business Continuity

Beyond these savings is a dramatic improvement in business agility. Tasks that once took weeks or months can now be accomplished in hours or days, Orth said. “The bottom line is that you’re really able to move from concept into production a lot more quickly in a virtual environment.”

In the old environment, deploying a new application – whether it was to meet federal requirements, solve a business problem or launch a new citizen service – meant engineering and procuring new servers, configuring them, loading the operating system and application, and testing them to ensure everything works. In a government setting, buying the hardware alone could take weeks or months.

In a virtual environment, server resources can be quickly allocated to support new applications. “You’re just essentially turning on a new virtual machine in your server cluster,” Orth said. “It really makes server deployment a lot more flexible from the business perspective, because you can respond to the business much more quickly when the need for new applications pops up.”

The same is true for disaster recovery and business continuity. Virtualization dramatically cuts costs and improves resiliency compared with traditional methods. VM ware technology automatically shifts applications from one physical server to another to compensate for failing equipment or to accommodate system upgrades and maintenance. This reduces the need for duplicate disaster recovery hardware, and protects critical systems from interruption.

“The fact that a server is reduced to a file that contains the operating system, the application and the data greatly enables disaster recovery and high availability,” Orth said. “It allows you to share underlying physical resources, so that if the primary production environment is lost, it automatically fails over to the secondary environment, and users don’t know anything went wrong.”

By contrast, restoring applications from a tape or disk to new physical hardware can be a much longer process. “Reinstalling the operating system, the application, the data, testing it and putting it back into production – that all takes time, which can be detrimental to the business depending on the criticality of the application,” Orth said.

On the Road to Statewide Cloud Computing

Besides its immediate benefits, virtualization positions the Ohio state government for the future. The current initiative forms the foundation for cloud computing and shared services efforts that will further boost efficiency and effectiveness.

The Ohio Department of Administrative Services’ Office of Information Technology is building capacity to host shared infrastructure services that can be consumed by multiple state agencies, eliminating duplicative hardware and applications. The state also is investigating emerging virtual storage technology, which could dramatically improve data storage flexibility and reduce expenses.

“These are the building blocks of a statewide government cloud,” said Orth, adding that network upgrades are under way to strengthen agencies’ ability to use cloud-based applications. “We’re not going to get there overnight. But that’s the direction we’re going.”

In the meantime, Orth continues to help turn Ohio’s upside-down IT spending right-side up. With the help of VM ware’s server virtualization technology, the state steadily is reducing the amount of money it spends on IT infrastructure support, allowing it to invest more in innovative and cost-effective services.

“We always have to remember that servers aren’t really about wire, plastic and silicon in a box,” he said. “They’re devices that provide applications to the end-users – the business agencies and citizens. As IT professionals in government, that’s the value we need to deliver.”


Security-as-a-service growing

August 31st, 2010

When you ask IT professionals if they use cloud computing or software-as-a-service, most start by saying “no”. But if you ask some follow up questions, you will quickly find out about “that one application” that is a SaaS application.

In security, this effect is even more pronounced. Companies don’t think they use security-as-a-service or “cloud” security. Yet, many do, in the form of messaging security: e-mail antispam and antivirus. This type of security outsourcing, where security is delivered as a service from the cloud and without on-premise hardware, is growing 12% year-on-year. It’s becoming a great outsourcing option for companies that lack the skills or do not want to retain and maintain the skills in some security function.

Of course, not all security functions are suitable candidates to move into a cloud environment. Messaging security is particularly suited to cloud delivery for two reasons. Firstly, e-mail travels through external gateways anyway, so security professionals don’t have to worry too much about putting their data “out there”. Secondly, e-mail transmission has variable latency measured in minutes, so adding an external gateway won’t delay things noticeably.

In our research we’ve found that e-mail antispam accounts for the vast majority of cloud-based security services. Of those companies using some form of security-as-a-service, 84% used e-mail antispam services. Antivirus was the second most common with 42% share among security-as-a-service users. Other services include cloud-based firewalls, intrusion-prevention systems (IPS), protection against distributed denial of service (DDoS) and vulnerability scanning.

Many of the above-mentioned security services are well suited to cloud delivery. Controls like firewall, IPS and DDoS protection are best applied on the far side of an Internet or WAN connection as they result in a reduction of transmitted data. Filtering the unwanted traffic means less traffic to carry across expensive links and less pressure to upgrade congested links. Another advantage of cloud delivery is the external perspective of the service provider, as is the case with vulnerability scanning, where those buying the service want to know what vulnerabilities are visible from the outside (this is often a specific regulatory requirement).

So why are companies buying security-as-a-service or “cloud” security? As with most outsourcing, there are a number of business drivers that may be influencing the decision to purchase these services. Conventional wisdom would point to “cost” as the top reason and as in many other situations the conventional wisdom is wrong. In fact, the primary driver for adoption of security-as-a-service is that companies see these external services as more effective than in-house solutions. Antispam for e-mail is a good example — it’s at the front lines of the security “war” and involves constantly changing attacks and countermeasures. What worked a few months ago and gave your company pristine mailboxes will almost certainly result in a tsunami of spam a few months later. So hiring, retaining and re-training people to fight this battle is expensive and less effective than hiring an external company to do it for you.

Cloud computing has already arrived for security. It’s often overlooked because antispam-in-the-cloud may not be as glamorous as “cloud computing” implies, but it is a practical, effective and cost-effective solution.


CA technologies to acquire arcot systems, inc., a visionary in fraud prevention, advanced authentication

August 31st, 2010

CA Technologies today announced it has signed a definitive agreement to acquire privately-held Arcot Systems, Inc., a leader in providing advanced authentication and fraud prevention solutions through on premises software or cloud services, in an all-cash transaction valued at $200 million.

The acquisition of Arcot adds visionary technology for fraud prevention and advanced authentication to CA Technologies leading Identity and Access Management (IAM) offerings.

Arcot’s solutions – delivered as cloud services or deployed on premises – help prevent fraudulent transactions for about one million online credit card transactions each day. In addition, by combining Arcot’s technology with CA Technologies market-leading CA SiteMinder portfolio, the company will provide advanced capabilities to help customers further reduce risk, support regulatory compliance and confidently secure business transactions.

“Arcot brings to CA Technologies a strong business in fraud prevention and unique capabilities in advanced authentication using a software-only approach,” said Dave Hansen, general manager for the Security business at CA Technologies. “This acquisition adds industry-leading technology that extends the breadth and depth of our strong IAM portfolio and gives our customers more first-class options for securing their Web-based business.”

The acquisition builds on CA Technologies cloud security strategy, providing the on-ramp to accelerate its delivery of IAM solutions as a comprehensive service from the cloud. The CA Technologies cloud security strategy is a three-fold approach: enable organizations to extend existing on-premises IAM systems to support cloud applications and services; provide IAM technology to cloud providers to secure their services – whether public, private or hybrid; and enable IAM services from the cloud.

In addition to helping customers leverage the value of cloud computing, this acquisition is compelling from several market perspectives:

• The Advanced Authentication market, a segment of the overall IAM sector, is expected to grow at low double digits over the next four years. The transaction is expected to drive new revenue streams for CA Technologies IAM business by growing Arcot’s eCommerce transaction business and growing sales to managed service providers that serve emerging enterprises. • The synergies and customer benefits gained by combining solutions from Arcot with leading IAM solutions from CA Technologies, open strong cross-sell opportunities into both companies’ existing customer bases, as well as opportunities for net new sales. • The acquisition fast-tracks CA Technologies IAM cloud service offering, with 120 million identities already verified using the Arcot technology today.

“Identity is a critical area for security whether you’re talking about in-house or the cloud, and with 120 million identities verified by our solutions today, we bring a strong, solid recurring revenue base as well as sources of new growth opportunities for CA Technologies,” said Ram Varadarajan, President and CEO, Arcot Systems, Inc. “Arcot’s strong established knowledge and expertise in core security and fraud prevention technology — coupled with IAM solutions from CA Technologies — will offer robust capabilities to our numerous shared customers, particularly in the financial industry.”

Arcot’s business features a subscription-based model, with almost 90 percent of revenue recurring and nearly 100 percent customer retention rates. Arcot has been cash-flow positive since the second quarter of 2009, which ended June 30, 2009.

The all-cash transaction is expected to be dilutive in fiscal 2011 to CA Technologies GAAP earnings per share and slightly accretive to non-GAAP earnings per share. The transaction is expected to close by the end of CA Technologies second fiscal quarter, ending September 30, 2010, and is subject to certain regulatory approvals and customary closing conditions. Founded in 1997, Arcot is a recognized visionary in the Web fraud prevention sector. With 35 patents awarded and pending, Arcot co-invented with Visa the 3-D Secure protocol for online payment security.


Get Adobe Flash player