Home > Intel Communities > Open Port IT Community > IT@Intel > Blog > 2008 > September
Up to Blog Posts in IT@Intel
Previous Next

IT@Intel Blog

September 2008
David Buchholz
2

As I sit here fresh from a leadership conference for IT employees, I find myself thinking about that. Does IT need radical change? After hearing several examples of how people engineered solutions to solve specific problems or reviewed projects they had developed over the past year, I can answer with a definite yes. While it wasn't simply this experience that pushed me to realization, it definitely helped complete the pattern I had noticed in today's IT.

 

I spend most of my normal role investigating and researching emerging and next generation technologies. With this role came many headaches from pounding my head against the wall of established processes, procedures and preconceived notions. But to borrow an idea from Gene Meieran, that is simply the toll I am paying on this road to my success. But I look at this and ask a simple question, why?

 

When pushing to adopt a new technology, why do we have to wait until it meets all of our established requirements? Why do we try to make vendor's products adapt to us, versus us considering the possibility to adapt to them? Why does it take us 2 years to adopt a new operating system or major product? Why do we run projects for 18-24 months to implement a product that exists out on the shelf today? In looking at several examples of what people consider successful products today, I look to see what makes them different, attractive, and a must have. I then ask what would it take to make IT different, attractive and a must have for any corporation.

 

Five or six years ago, people came to work and looked to IT to get the latest hardware, OS and innovations, because we had it here. We spent the dollars and time to solve problems and innovate. But in the last few years, people have adopted technology must faster at home than we do at work. They use the iPhone, a Wii, social networking tools, cloud based services, etc. They are enabled at home with more options than we provide as an IT shop. We use instant messaging in IT, not because we developed it as a way to eliminate small emails, but because instant messaging was a consumer product that grew so fast, that IT had to adopt it. Social networking is doing the same thing. So I wonder, what would it take to get IT back ahead of the curve and become an enabler of new ideas and solutions, rather than an implementer & reinventer of existing technology?

 

We need to get back to freethinking and innovation that is core to our roots. Companies like Intel were founded on thoughts like the famous quote from Robert Noyce - "Don't be encumbered by the past, go out and do something wonderful" yet in our day to day life I see many encumbered by the past and am waiting for the wonderful. We choose solutions that have more of the one size fits all. Instead of picking the best solutions for the roles that exist; we try to find the one item that can solve all of our problems. Rather than choosing the optimal product for the "one size", we should look at the product that enables the end user to perform optimally. Imagined if corporations took this approach with their products. Image a shoe manufacture that developed the one size fits all. It would be an opened toe, ¾ shank athletic tread, men's size 10, 3-inch heel, sneaker pump. It would meet most of the needs of the shoe-wearing world, but wouldn't be the right shoe for many, if anyone. So why do we settle for the same model in IT? We need to be innovative. We need to look at Apple, Google, Nintendo and others. They didn't just develop products that do what everyone else's products do today, but they did them differently & in many cases better. What does it take to make your part of IT the next iPod, iPhone or Wii? How can we enable our partners to perform optimally? What does it take to just go out and do something without worrying about how many existing committees; review boards, processes and groups have to be engaged to just get it going? The answer is radical change. We need to change how we work. We need to change the level of control we have today. We need to shrink what we try to manage. We need to strive to enable the partners versus totally control their work life. We need to ask so what every once in a while. When someone says if we do A then B might happen. Ask the question, so what? We spend all this time doing the day-to-day moving from spot to spot, never worrying about the resources, costs and effort put into the status quo. When we try to implement something new, it goes under the microscope and quite often is held to a different standard than existing solutions. Requirements seem to be a never-ending monster of growth, instead of the simple point-by-point items they should be for solutions. Many times the solutions themselves are actually listed as the requirements. So I challenge us all to start a process of Radical Change. Start asking the question So What? Start pushing back on the status quo, quit being encumbered and start a process of innovation. Help your partners perform optimally and be a key part of their success rather than just one of their suppliers. It won't be easy, it won't always be fun, but it will be rewarding.

2 Comments Permalink Tags: business_value, alternate_compute_models, manageability, management, next_generation, forward
Brian W. McCann
0

I'm sure you've already seen press on the new 7400 series of processes. It is a really exciting time to see 6 core procs coming out. Being an engineer that supports enterprise applications and technologies this should provide a lot of extra power to apps that were CPU bound to 4 procs. One such technology is virtualization and Microsoft's Hyper-V. Previously the limit of Hyper-V was 128 physical procs and 16 logical procs. Microsoft just released an update that will increase those previous limits to support up to 192 physical procs and 24 logical procs! WOW, I can't wait to see that in action. This should definitely help organizations that need to limit their physical footprint of servers with their consolidation efforts.

 

This is a great example of two companies combining their technology in ways that really benefit the customer. Very exciting times...I can't wait for even more cores!!!

0 Comments Permalink Tags: xeon, xeon_7400, hyper-v, virtualization, brian_mccann, green_data_centers, server_consolidation
Omer Ben-Shalom
0

The third and last part of the video series discussing how you can make use of the vPro system defense capabilities the easy way is out, this video shows an example of how your existing security server can implement network quarantine using system defense on provisioned devices without having to know a thing about AMT.

The video follows on the second video which showed an example of using system defense through the Microsoft SCOM GUI and shows a proof of concept implementation that only requires the security server to input an event into the local windows event log which is easily doable with almost any programming/script language. Behind the scene the SCOM agent installed on the security server intercepts this event, sends notification to the SCOM server and as a result the SCOM server implements the blocking policy on the offending host.




The beauty of this is that now you can choose any server to collect and correlate your security events and take quarantine decisions and all that without this server having to be an AMT management server. the existing AMT manager (SCOM in this example) is doing the hard work for you.


as before I hope you find this useful, I would love to hear comments and answer any questions.

Cheers


Omer.

0 Comments Permalink Tags: amt, event_manager, filtering, it@intel, management, network_quarantine, omer_ben_shalom, quarantine, ron_miller, security, system_defense, video, virus, vpro
Matthew Rosenquist
0

Everyone wants information security to be easy. Wouldn't it be nice if it were simple enough to fit snugly inside a fortune cookie? Well, although I don't try to promote such foolish nonsense, I do on occasion pass on readily digestible nuggets to reinforce security principles and get people thinking how security applies to their environment.

 

Common Sense

I think the key to fortune cookie advice is ‘common sense' in the context of security. It must be simple, succinct, and make sense to everyone, while conveying important security aspects.

 

Here is my Fortune Cookie advice for September:

 

In information security, like in sports, knowing your adversary is far more important than knowing the condition of the field.

 

 

 

 

Information security is an adversarial pursuit. It all begins with threat agents, those people who will negatively affect your organization. Some are malicious, others are not. The key is they are living, breathing opponents whose motivations drive actions which cause loss. They learn, adapt, and change as they seek their objectives.

 

Know your threats. This is an important first step. Knowing all your vulnerabilities is fine, but secondary in importance.

 

For those who are malicious, understand what they target and the likely methods they will employ. Only then can the vulnerabilities be narrowed to show the most probable exposures. This prediction gives the security professional a focus on what to protect, how best to monitor, and preparations necessary to respond when needed.

 

 

 

So am I contributing to the problem of over simplifying security? Or am I reaching out to those who might not take an inordinate amount of time necessary to understand the complexities and nuances of our industry? You decide and feel free to share your knowledge-nuggets.

 

 

Fortune Cookie Security Advice - August 2008

 

 

Fortune Cookie Security Advice - June 2008

 

 

Fortune Cookie Security Advice - May 2008

 

 

Deconstructing Cyber Security Attacks - Threat Model

 

 

Defense in Depth Information Security Strategy

0 Comments Permalink Tags: threat, security, roi, value, rosi, information_security, optimal_security, model, risk, matthew_rosenquist, rosenquist, policy, defense_in_depth

Popular Blog Posts