Skip navigation

IT Peer Network

August 2007 Previous month Next month

Not even a week into our launch, and boy we are seeing many things we did not expect.  One thing we did not expect is all the love from Russia.  We have many Russian IT Pros out there who have passionately joined Open Port.  Well, that is simply AWESOME as we say here in the land of California.  I am very happy to see the international participation, and a key demographic audience, finding this site a place to have discussions on IT topics.


However I do need to explain this site has launched as a US/English language pilot.  English is the core language for the time being, as we do not have the tools and moderation in place to support an effective multi-language experience. Language selectors and filtering are items we have planned for a future launch, but they will not be available for some time.


So for our international users, please continue to use the site.  We welcome your voice and perspective, but understand this site is not well developed to support multiple languages.


My preference is to keep all posts and threads, especially the titles in English.  But I am open to ideas.


So let me know how we can best support specific demographics on this site and make this an effective experience for all.


Getting Ready for IDF

Posted by LaurieBuczek Aug 29, 2007

Intel's IT professionals are getting ready to come to you live from IDF (Intel Developer Forum) in San Francisco the week of September 18th-20th. John "JJ" Johnson, CIO, will be discussing Intel’s perspective on the impact technology brings to the future of IT. We are also developing a social media panel who will discuss the challenges of social media in the IT environment and more. In addition, you will likely find me roaming the halls chatting with you, participating in sessions and doing a live blog. We are looking forward to it. Any, oh, by the way- I have a super discount for you. Use the following codes to get a great discount: For September 18th only - code #DNCITI- gets you in *free. *If you want to attend all 3 days use code # PRMITI for a price of only $895. I look forward to seeing you there!


Intel IT's Security Pros

Posted by LaurieBuczek Aug 28, 2007

A few of our top security analysts & strategists got together to share with Podtech how Intel's own IT department tackles security challenges. Did you know that Intel's IT organization developed a "war gaming" program to model and predict bad guy behaviors? Do you have increased challenges around securing your network perimeter due to the integration of more mobile devices? Have you developed a way to actually measure the business value of IT's security efforts? I invite you to learn how Intel's IT organization addresses these security topics and more. Check out our first video introducing the series on security, then hop over to Managing the Effort to Measure Security blog by Matthew Rosenquist. More coming soon...




Open Port Launches

Posted by Bob_Duffy Aug 23, 2007

Intel launches Open Port today, a site dedicated to direct communication between Intel's product & technology experts and IT community. Community Managers Josh Hilliker, Laurie Buczek and I explain what this site is about in this video.



Here's a what you will find in Open Port


Intel® vProTM Expert Center:

The Intel VPro Expert Center will focus on the needs of IT professionals with the goal of providing information and best practices about Intel® vProTM processor technology. Users can share information with an array of Intel's client management experts, key industry players, and community members.



Stay informed with the latest updates in technology. With a focus on technically detailed blogs, discussions and resources from Intel’s own IT department, IT@Intel is a place to get the inside scoop on what is up and coming. In addition to this, community participation includes access to Intel’s best practices across a wide range of topics ranging from security, mobility, client management, data centers, to innovation & leadership.


General Community Zone

Users can visit the general community to access a wide array of content ranging from member's personal blogs, member generated discussions, as well as information on Intel's key technologies. This area further aims to provide an area for users to interact even if their question/topic does not specifically relate to another sub-community.


Product Reviews

User generated reviews integrated within new product pages on Users can read the latest user comments at the bottom of the page, submit their own comments, or browse the full discussion at Open Port.


Gateway to Premier IT Membership

Open Port is a part of the value added Intel Premier IT Professional member program. Visitors to the community have the option to register for program events or opt in to Premier IT membership. Once registered, they will get access to exclusive expert materials, event presentations, e-newsletters and the highly acclaimed Premier IT magazine.


Technorati Profile



Welcome to My World

Posted by SteveBell Aug 22, 2007

I look forward to sharing my thoughts related to the areas of collaboration and office productivity. I currently manage three teams within our engineering world. First, I will start with our office productivity team that is responsible for the client software packages for our Intel users. This team works in very broad spectrum from focused Microsoft Office products to extended office products from a variety of suppliers. Next up is our collaboration team that is focused on social media, async collaboration like meeting workspaces, team sites and much more. Last but not least, is the Learning and User Adoption team. This team is focused on providing content for training and focus on helping with users adopting the tools that could help them within their jobs.


I feel that we (IT shops) are being asked to keep the lights on, infrastructure running smoothly and doing this with the lowest possible budget that we tend to leave out the help that we could provide the end user with improved productivity and collaboration solutions. Within my world, we have been slowly introducing these items with mixed impact and effectiveness. Is it the products? Training? Acceptance from the users? Old dogs, new tricks? Boomers to Generation Y'ers? Too late to the party?



I am wondering what others experiences have been? Please share the good, the bad and helpful not the too ugly...



In the future, I am planning on each area in more detail. I look forward to discussing my experiences and gaining new knowledge from those that would like to share.



In my blog inside Intel I'm exploring some ideas for social media implementation, and would like to throw them out here to the IT Community for input. Our social media implementation is a bit patchwork at the moment, so I'm looking at ways to help fill it in. In this case, the idea is to open up our current method of corporate employee communication.


Currently, our intranet is a fairly static site. Most news and articles are just fixed web posts, and what I've been exploring is adding an open discussion area on the end of every article published on any intranet site. Then any reader who has something to ask or add on a topic can contribute. It may be a simple link to related material, or it may be detailed thoughts on the topic. There may be no comments for an FYI about a local road closure, or a lengthy exchange about some of our product strategies. If the topic draws out a reader who cares enough to add thoughts, the net result of those inputs creates material that is more valuable than the post alone. At worst it shows what people think of a topic, and at best there could be ideas, information, and discourse that adds a lot more than the original post.


The second piece of this change would be to allow employees to directly submit their own articles and material, similar to something you might see on or Digg. Those sites are very different, but together they enable every single employee to quickly share content they find valuable, and provide a mechanism for the best of that content to rise up for all to see. It's a staggering difference from the tops-down, management sanitized communication we get today. It leverages the incredible knowledge and brainpower already present across Intel, and starts building a valuable repository of information that no centralized, "tops down" organized project could accomplish.



Perhaps it gets to the heart of an ongoing debate about the role of IT - are we an enabler for existing technical demand, or do we have an obligation to stretch the rest of the company in new behavorial directions around technology? I'm a believer in the latter, but it's far from a settled issue.



Do any of you allow that sort of deep participation in all levels of employee communications? Is your company even one that would allow it? As I work this issue internally, I'd really like to hear how others address it.




The power went out here in Austin this afternoon. Not in the office, mind you... Only in the data center. The root cause isn't all that important or interesting - some maintenance didn't go as planned so the DC was dark while street power was unaffected.



The impact, however, is a great illustration of the differences between the server-huggers and the grid-enabled. The former group -- who think it is important to know which server belongs to them and where it's located at all times -- were unable to work for several hours. Their jobs crashed with the servers, and their data was unavailable until the local fileservers came back online. They were standing around in the hallways or leaving for the day. The grid users, on the other hand, had already enabled themselves to take advantage of shared computing resources in at least one other site, sometimes as many as two or three sites. While they lost some local state and running jobs, they could go home and log in through VPN, or wait a few minutes until the network infrastructure was back online (Networks almost always first in the power-up sequence). Jobs could be re-submitted, schedules could be met.





While we often talk about the cost savings and performance improvements of grid computing, we shouldn't overlook the resulting business continuity benefits. If you have deployed a grid, does your BC plan allow a single-site outage to be absorbed by the remaining capacity? If you're considering grid deployment, is business continuity a factor in your decision?





Can IT Create Business Value?

Posted by mnisman Aug 21, 2007

I look forward to sharing my thoughts related to IT business and management practices. I am interested in a variety of topics pertaining to the IT profession and the role of IT in creating value. We have been researching the topics of IT value and IT innovation for almost a decade, and that includes putting some tangible mechanisms in place for people to apply in their daily jobs, enabling better value creation through the use of IT. We (IT shops) have been so busy ensuring that the infrastructure runs smoothly, that customer requirements and expectations are met, that support is one click away, that we sometimes forget about a unique role that IT can play in a company by actually contributing to future value creation and business growth. In many cases we do it without acknowledging it, and so it goes unnoticed.


At the beginning of this past decade, our IT organization was challenged to measure the impact of IT's solutions to Intel's business results. So, with the help from Finance, we expanded our typical operational metrics to include those related to business impact, such as time to market for our products, capital purchase avoidance, throughput time, and others. We worked closely with our lines of business to quantify and measure improvements from IT solutions, and establishing better internal customer relationships. The data and results produced prove beneficial to IT and the customers of our solutions. We have also learned from the difficulties we encountered. For example, not every IT solution comes with a completed ROI. The lack of business value tools and understanding makes it difficult to get started. Speaking business benefit from an IT view requires common language and common indicators to gauge and value successful IT programs.



Now, more than ever, it is important that IT shops show that investment in IT will yield a positive business return that will be felt by the shareholders.



In future blogs I will share some of the methodologies we developed and continue to create in partnership with academia and industry fellow travelers, such as the IT Capability Maturity Framework (CMF).



Measuring information security is an exercise in total frustration. Well, maybe not total frustration but it can increase the number of wrinkles in the face, thin the hair, and turn what is left to a lighter shade of gray. Eventually, everyone taken with this passion will sport the Einstein look.


So what is the big deal anyways? How is measuring security programs any different than other IT or production programs? The heart of the problem is in trying to measure what does not occur. Security initiatives strive to prevent loss. So in effect they try and make something not happen or to lessen the outcome. And if something does not occur, how can you measure it?


Security Drums.bmp

The security drums. Every company should have a set:

I walked into the office to find our security operations analyst beating on drum, working hard to keep a rhythm.

I asked him what he was doing and he replied "I am beating the new security drum to ward off the computer viruses. Management just bought it from the vendor and they say it adds another level of protection."

"Is it working?" I asked.

"I'm sure it is, we have not had an infection all morning!"

Just then the security manager walked by and reported two new viruses were detected on the network and offered this advice "beat faster!"

Many falsehoods exist. In my days I have seen many wildly inaccurate, bordering on pure fictional, value assessments for security programs. Every security vendor has something to show, but none can answer the simple question: how much loss will this prevent. As the threat environment is so chaotic, is a reduction in losses due to security programs or just a simple drop in attacks? Does management understand the challenges or are they reinforcing illogical behaviors and still expecting miracles? And what should a security program achieve?



These and many more questions I intend to delve into by theorizing, discussing, tempering, and ultimately shedding light on the frustrating topic of measuring information security. Anyone want to come along for the ride?


The Four Dirty Questions of Measuring Information Security

Practical Aspects of Measuring Security

Managing the Effort to Measure Security

Security in a Box

As this is my first post in this forum, let me start by introducing myself. My name is John Dunlop and I am an IT Enterprise Service Architect responsible for Intel's IT client solution architecture. I've had this role for less than a year, having previously been responsible for some of our identity & access management services, as well as other backend core services. What an exciting time to have made the shift to the client side of IT! To say that there have been considerable and accelerating advancements in client usage models and application delivery models is truly an understatement.


Historically the most interesting and divisive discussions of client architecture have revolved around the debate over thin versus thick clients. Both models have their advantages and disadvantages, of course, but ultimately (as all IT architects know) it's all about enabling the business to have their cake and eat it too. We need to provide a client that is robust enough to survive network connectivity or performance issues, enable an increasingly mobile workforce, support data center consolidation, and satisfy the consumerization and personalization trends that are forcing IT to make more and more compromises to keep customers happy. On the other hand, competitive pressures drive IT budgets ever lower, keeping manageability center stage for providing TCO reduction and making IT managers crave more and more control over the client. Neither thin nor thick clients ultimately deliver on all of their promises, partly because the world has never been that black and white and one size rarely fits all.



Enter virtualization. Now, some will point out that we've had "presentation layer" virtualization solutions for decades, but again, this shifts us squarely into the realm of thin clients which simply don't serve our mobility needs and shift costs to the infrastructure. The benefits of true, on-board virtualization capabilities were immediately apparent on the server, but client virtualization wasn't taken seriously (as scalable) by many until fairly recently. Sure, you could run a guest OS on a client host OS for training purposes, or to do some specific task that wasn't supported on the host OS, but there was substantial overhead from a performance standpoint, and let's face it, the average user was never going to be satisfied with all the complexity and effort of moving between host and guest. Ever notice how it always seemed to be IT people using a virtualized guest OS for some constructive end? Improvements in technology (e.g. dual core, Intel VT) have meant substantial mitigation of the performance concerns, and the competition to deliver more and more capabilities and transparency in software hypervisors is creating a virtual arms race for the virtual desktop. It is amazing to see how far we've come when when you can run apps in two different operating systems simultaneously as they float side by side on the same desktop, allow cross-registration of applications, and share file systems, task bars, paste buffers, etc., etc.



Here's where you get that cake. Rather than continuing to evolve that tightly-coupled fat client architecture you've built a career around (so when are you planning to upgrade to Vista?) or continuing to tell your users that mobility is overrated while you shift client support costs to the network and data center with your antiquated thin client strategy, let's think outside the box for a minute.



Virtualization is about abstraction, and there are several layers where you can exploit abstraction using existing virtualization technologies and products. The most obvious one is between the guest OS and the host OS or hypervisor. This abstraction layer may, for example, allow you to change your client hardware procurement or provisioning model. Even a decision made to leave those business processes alone can be made confident in the knowledge that changing that decision later doesn't require a complete redesign of your client solutions. Some companies are even thinking about discontinuing the practice of providing laptops to mobile workers, opting instead to give them an annual stipend to purchase their own systems with their own OEM support contracts and a host OS they can do with as they please.



Virtualizing the workspace, even if that remains a tightly-coupled OS and application solution stack for the time being, makes that workspace transportable across devices, easier to recover, even potentially resident on a thumb drive. Because the user has a host OS to horse around with, you can finally lock down that work environment like you've always wanted. And, now you can provide a variety of workspaces through virtualization, including productivity and collaboration, engineering, manufacturing/shop floor control, etc. Making the framework of your client more modular means greater agility for your business, and you can finally begin looking at the workspaces you provide as true services.



And what about the tight integration of those applications? Another abstraction layer is between the applications and the guest OS. New and old capabilities and techniques can be employed to virtualize those applications, albeit not without some elbow grease within the greater IT organization to stop developing and/or deplolying proprietary or OS-dependent apps to the client. New IT policies that promote standards and provide guidance about the most appropriate forms of application virtualization and application delivery would be an excellent start. Writing applications on Java VM for example, or at least not using proprietary browser extentions in web apps would go a long way toward making applications available across workspaces and operating systems. Even for natively installed applications, adherence to standard data object types and document formats will provide at least the look and feel of virtualization which may be good enough in some cases. I don't have time or space here to get into the merits of Software as a Service (SaaS), but there is a clear paradigm shift occurring in the application delivery space that can support cross-platform "virtualization" of applications, and new technologies are even allowing for the caching of streamed applications that can run even when disconnected from the network!



Finally, and this may be the hardest abstraction layer of all, there is the holy grail of data virtualization. Imagine thinking about data as being associated with users rather than devices. Why are we still thinking in terms of client backups? I want my data to be available no matter what device I use to run my workspace. If I have a problem with my device or workspace, and a new workspace is provisioned, streamed, or otherwise made available to me, my data should be there as well, protected by some network service responsible for managing my data and serving it up to me no matter what device or workspace I may be using. I must admit that I haven't looked into the options in this area much yet, but I fear this is an area that lacks maturity from a client mobility perspective.



Naturally, there are significant manageability and security implications for this type of architecture. Hey, I never said this was easy! Many products are coming to market, however, to complement virtualization products to fill these needs. Figuring out how to solve these challenges is worth some time and effort. Client virtualization is not a fad; rather it is an evolutionary step forward that will provide IT and the businesses they support with newfound agility and competitive advantage in terms of lower integration costs, faster turnaround time, and improved user experience.



Filter Blog

By date: By tag: