|
|
Simple-Talk Editor
Loves a good debate.
-
Posted Friday, January 14, 2011 8:59 AM |
When the age of SaaS dawned, and the first wisps of the cloud started to condense above our heads, much hype was made of the fact that you could put your "stuff" in the cloud, and then never have to worry about it again.
Sadly, that's only half true. You don't have to worry about the nitty-gritty details of provisioning hardware, scaling your applications, or managing hardware. Lovely. Unfortunately, for reasons best described as 'Compliance', 'Security', and 'future-proofing' (to name just a few), companies can't just fire-&-forget their data and applications into the cloud, and let the magic black box in the sky take care of everything.
"With Great Power comes Great Responsibility"
- Uncle Ben
Now, as the general understanding of the technical & legal challenges inherent in cloud computing matures, customers are looking for more control over how their bit of the cloud behaves, and interacts with more earthly infrastructure. A few SaaS providers are already offering management services / portals, and Microsoft is hot on their heels.
This should come as no great surprise, as Big Enterprise is a notorious control-freak, and dedicated SysAdmins and DBAs were never going to just stand aside and give someone else carte blanche to screw around with their systems. It doesn't matter how well-intentioned that "someone else" is, they're not standing next to you, so they cannot 100% appreciate or cater for your specific needs.
As with so many things, this has become a balancing act. While the core of what identifies The Cloud is not going to change, if users take too much control over the fine-grained operation of their SaaS setup, then they're going to start impacting how well their providers can perform. They'll also be putting quite a dent in the "You don't have to worry about this stuff" tagline. And that's just assuming that they know what they're doing.
Where's the line? You need to retain a certain amount of control (if only to make sure your cloud-based and on-premises environments play nicely together), but push that control too far and you may as well host everything locally. Everyone's situation is obviously going to be different, but I wonder if there's any kind of consensus on what the bare minimum of control is?
|
-
Posted Thursday, December 16, 2010 11:01 AM |
It has been an impressively brutal month in terms of security breaches, and across a whole range of fronts. The "Cablegate" leaks, courtesy of Wikileaks, appear to be in a league of their own. The "Operation Payback" DDoS attacks against PayPal, MasterCard and Visa (not to mention the less successful attack against Amazon) are equally impressive. Even more recently, the Gawker Media Network was subjected to a relatively sophisticated hack attack by Gnosis, with the hackers gaining access to some 1.3 million passwords and usernames, as well as internal credentials of Gawker employees, and a big block of users & staff email addresses. Pretty spectacular stuff. While DDoS attacks and truly skilled hacks are difficult (though not impossible) to defend against, information leaks should theoretically be under better control. It's hard to predict what's going to be thrown at you from the Lions and Tigers and Bears of the internet, but much more within our power to control information flows and potential leaks within our own domains. Not necessarily easy, but much more manageable. The confidential information recently exposed by Wikileaks was, with a few notable caveats, handled in much the same way as the average Enterprise might manage large amounts of communications data - with PST files. While the scale of the breach is impressive, the methodology is more mundane, and something we're all potentially at risk from. All of a sudden, Brien Posey's horror stories pale into insignificance! Ultimately, security is always your domain, regardless of whether your server environments are on-premises or in the cloud. Uptime is an obvious concern, and while your PaaS is probably in a better position than you to weather a storm, but it's also more of a target. There's the question of whether you're willing to trust your private data to a 3rd party, but that's evidently a problem you need to address closer to home as well. The fundamental nature of security challenges remain the same wherever your environments are hosted; it's only the fine details that change. Just because you're using a big PaaS provider (Amazon being the case in point), that doesn't mean you'll be immune from digital damage. You'll just find it easier to point the finger of blame.
|
-
Posted Monday, November 22, 2010 1:21 PM |
Well. sort of. Clearly, you are using a computer. If you are on this site, you are probably quite familiar with computers as artifacts of our modern society. Hopefully, you are also familiar with the fact that Alan Turing, logician and mathematician extraordinaire, was instrumental in laying down the foundations of modern computer science, and did a little work to help turn the tide of WWII in the Allies' favor. Hold that thought. A phenomenal collection of Turing's papers (including his first ever published paper, and some pioneering work on Artificial Intelligence) are going to be auctioned off in London tomorrow, and are expected to fetch something between $482,000 & $800,000. The reason I mention this is because supporters of Bletchley Park (Home of the code-cracking Colossus and, more recently the National Museum for Computing) are scrambling to raise enough funds to win the auction and keep these historically priceless papers available to the public. I know it's cutting it a bit fine, but I urge you to join me in paying our respects to Alan, without whom blogging, developing and database administration would probably be a lot harder. I've made a donation to Turing Papers fundraising page*, and I suggest you do the same. *Even if the funds raised fall short of the auction price, the money will naturally still go to Bletchley Park, which is doing sterling work to preserve and promote the history of computing.
|
-
Posted Thursday, November 18, 2010 2:04 PM |
"Systems Administrators, I come in peace. You have nothing to fear from me"
- Office 365 Microsoft Business Productivity Online Suite recently absorbed a few other services and has been rebranded as Office 365, which is currently in private Beta and NDA-d up to the eyeballs. As Microsoft's (slightly delayed) answer to Google Apps Premier Edition, it shows a lot of promise; MS has technical expertise, market penetration, and financial capital all going for it. On the other hand, Google has its fair share of brainpower, and is built from the ground up with network uptime in mind. That is, after all, what their business completely relies on. Office 365 is also an implicit brand promise (backed up by an explicit 99.9% uptime SLA), and it's already looking like Microsoft might have to work a little harder to honor that promise. Unsurprisingly, I've seen it argued that even 99% is still pretty darned good, and that plenty of enterprises with in-house IT support suffer much worse than 90 minutes of downtime in 2 months. This is all true. It also doesn't take into account a few points: - With in-house IT, downtime doesn't mean users can't work, it just means they can't work online. If you're using the full Office 365 suite (i.e. with hosted versions of Office itself), then you've potentially got a bigger problem.
- It's damaging to the Microsoft brand if they can't honor this promise. They're presumably trying to sell this SaaS suite to managers and executives, and in that arena, confidence is king.
Speaking of confidence, their support for SME's seems to be of the "moderated community-based" variety. So, forums and twitter, then. This suite is designed to appeal to smaller businesses who are likely to not have the in-house expertise to recognize bad advice - that's why they're going down the cloud route. It's designed to put them on an equal software footing with larger enterprises, except when things go wrong, apparently. To add fuel to that particular fire (and it's a fire that you should draw warmth from), given that they're supporting IE6 (oh, the humanity!), one assumes that they're hoping to attract users who are firmly near the bottom of the IT knowledge histogram. Do SysAdmins need to worry about their jobs? I doubt it. Particularly as this opens up new opportunities to specialize in network administration, or to rebrand yourself as a Downtime Troubleshooter. Either way, I suspect there will be plenty of call for your expertise in the near future.
|
-
Posted Thursday, October 21, 2010 2:02 PM |
The best IT articles and suggestions come from the grizzled front-line veterans, and the best grizzled front-line veterans are the ones who are willing to listen to the suggestions of their peers. Wesley David may not be grizzled, but he is on the proverbial front line, and has recently kicked off a series of articles with his "top tips" for what tools a SysAdmin should have on hand at any given moment. Of course, tips and tricks are not a new format, nor necessarily objectively true, but they are no less useful because of that. So rather than make this about what I think, I want to open the floor and make this about you.
Given that I had "tips for boosting network performance" in mind, I went to our own SysAdmins yesterday and put them on the spot, asking them what their suggestions might be. After they made it very clear that I was asking a slightly silly question, and that there was no conclusive answer to my painfully open-ended question, here're some of their suggestions:
- Not all cables are created equal; check them often: Occasionally a cable will be damaged, or sometimes you'll just be plain unlucky and get a 'bad' cable. Either way, packets get lost.
- Build in network redundancy: There are arguments both for and against deduping the data in your network, but multiple physical paths are always a good idea.
- Make sure you Subnet properly: It shouldn't need saying, but sometimes it does. To borrow a line from a Slashdot user, "Segment your traffic according to where the load is, not where the politics are"
- Keep an eye on those broadcast-heavy apps: And don't be afraid to engage in a little traffic-shaping.
- Look at teaming / load-balancing your network cards: It just makes sense.
- Make sure your switches are consistently configured: Not only will this make initial setup easier, but reducing network variables will make your life easier when the time comes to troubleshoot.
- Educate your users: This one might be an uphill battle, but it'll (hopefully) pay off in the end.
Naturally, you'll be a staunch supporter of some of these tips, and consign others to the "unimportant" or "well, duh" pile, but I'm hoping you'll also share some of your own pearls of hard-earned wisdom, because I don't think #1 Tip is technical; it's professional - Listen (debate) and Learn. A quick glance at the Slashdot comments thread suggests that for every SysAdmin tip, there is an equal and opposite opinion, and I'd love to hear some of both.
|
-
Posted Thursday, September 23, 2010 7:19 AM |
Whilst we at Simple-Talk naturally support PowerShell’s use as a scripting medium, and agree with Microsoft’s policy of encouraging its use as a scripting language, it’s a little unsettling when encouragement turns into compulsion. Powershell is potent magic for the PowerShell priesthood, but mumbo-jumbo for ordinary mortals and, unlike VBA, makes no compromises with the user.
VBA in Microsoft Office was originally introduced as the scripting language that anyone could use, but even this hasn’t been adopted as hoped. Technologies such as the macro-recorder would, you’d have thought, made VBA the logical scripting medium for all of us. Yet I can still count on one hand the number of people I know who are even remotely inclined to script their own macros. There’s definitely an audience for this sort of thing, but that audience isn’t everyone.
I’ll be the last person to suggest that PowerShell isn’t useful, but the time it takes to learn is a non-trivial barrier to entry, and not everyone likes to script. Unless you’re already a PowerShell guru, there’s often a certain amount of pain involved in scripting an operation, as James Allison demonstrated when it took him, literally, days to set up, debug, and perform a PST Import into Exchange Server 2010. The (debatably) braver system administrator with no PowerShell knowledge might download a script from the internet *gulp* and hit ‘run’, but the rest of us will opt for the safer option of a 3rd party tool to solve the problem in a fraction of the time it would take to tinker with scripts.
|
|
|