September 10, 2004
Oracle has announced a new application server targeted at the mid-tier market. The Oracle Application Server Standard Edition One is priced at $4,995 per processor or $149 per user, five users minimum. The product is essentially identical to the company’s standard application server but is limited to two processor servers. The new offer includes the app server and software for building a portal. Oracle stated that it wanted to expand sales in the mid-tier market and plans to double the number of employees selling the product to more than 400.
Like a host of other large IT vendors, Oracle is now focusing significant energy on the SMB market, in search of new revenue streams and market penetration. We would agree with the general gist of Oracle’s move (as well as other vendors) as the mid-tier and small business market will offer substantial opportunities in the coming years. We believe that large enterprise vendors have a substantial advantage in selling to the SMB market, based largely on the reality that technology and deployment standards and minimum IT requirements are radiating downward from the large enterprise to the mid-tier and small business markets. Simply stated, mid-tier enterprises must speak the IT lingua franca of their larger customers or risk going out of business. Oracle’s pedigree in large enterprise IT products gives them a leg up in the SMB market for this reason.
But merely having a leg up does not guarantee success in the SMB market. If Oracle is truly serious about reaching down to mid-tier companies, they are going to have to do more than simply double their sales force for these products. The company will also have to make a sizable investment in building and augmenting its channel, be it business partners, systems integrators, or ISVs. Considering that most mid-tier enterprises buy their IT products through third parties and that smaller ISVs are providing the custom applications needed for individual market niches, we will withhold any judgment on Oracle’s commitment to the mid-tier market until we see the company’s plans to build out the channel and ISV ecosphere. If Oracle would like to see a blueprint on how such an effort can be done, we would suggest they take a look at how IBM is developing products, expanding its channel, and investing large amounts of cash to have credibility and results in the SMB market. When Oracle starts mimicking such an effort, we suspect they will be very successful in the SMB marketplace. If they do not, we suspect this effort will go the way of the Network Computer.
The Apache Software Foundation (ASF) indicated this week that it did not plan to support the proposed ant-spam standard Sender ID submitted by Microsoft to the IETF in June of 2004. Sender ID is a combination of Microsoft’s Caller ID technology and Sender Policy Framework (SPF) technology from Pobox.com. Sender ID prevents the forgery of an email’s origin and sender identification, ensuring that received email is actually coming from the party that it is identified with, not some one else. ASF is refusing to adopt the potential Sender ID standard because it considers Microsoft’s licensing terms unacceptable to the practice of open-source development. In particular, ASF is rejecting the purposed standard because of the “nontransferable” language in Microsoft’s license, prohibitions on sub-licensing the technology, and incompatibility with the Apache License 2.0.
This ASF move may not be simply engaging in legal nitpicking and posturing, but the motive may be trying to short circuit something that is beneficial to technology vendors and users alike. We think much of this is due to Sender ID’s Microsoft origin; a non-Microsoft standard would probably have not received such a cold ASF welcome. We believe Sender ID is a viable technology that has a good chance of becoming a standard. Technology users, in the tens of thousands (Internet domains) have published SPF records since the standard was introduced. It is clear these technology users value email sender authentication and validation and its related reduction in identity theft and email spoofing. For many users, this may be a simple realization that at present there may be no better alternative to the Sender ID solution. Vendors generally relish the promise of leveraging others’ investments in developing open standards by adding their own special value and spin for profit and product differentiation. We do not see why this would not be true for Sender ID. Email solutions such as Outlook, Eudora, etc. could easily and effectively adopt and write to the Sender ID APIs and in doing so resolve a community problem that would be too expensive, if not impossible for them to solve alone.
The ASF argument for not endorsing Sender ID is that Microsoft licensing does not allow transferability. The ASF interpretation of open is, ironically, restrictively narrow and inflexible. It fails to acknowledge that standards-compliant proprietary code, with open published APIs, is open: open to use, but maybe not to change. To use, this ASF stance contradicts the historically accepted norm for open. Case in point: the number of vendors who offered their own flavor of UNIX, such as AIX and HP-UX. These offerings qualified as open by being POSIX standards-compliant with published APIs. Thus, we fail to see why a standard being promoted by the Redmond Giant, which has been filed with appropriate standards bodies, is being pooh-poohed, unless of course it is really a simple base of bigotry. If Sender ID were being proposed by a ABM member in good standing, we seriously doubt the ASF licensing issue would have surfaced. This is too bad for users of open sources solutions, especially those who have taken advantage of all that Apache has offered to this community. Thus, one of the great supporters of a vast community of computer users has made it clear that some members of other communities are not welcome. Too bad. While religious zealots may cheer, it is the masses of users who will ultimately groan, as one viable way to reduce their email clutter has been sidelined, for less than valid technical reasons.
Avanton, a start-up security company, has announced a new security appliance targeted at the SMB market. The new product, called ReadyARM, provides intrusion detection, alerting, and reporting, as well as vulnerability scanning and reporting. The company says ReadyARM helps SMBs ensure that their IT footprints comply with a variety of federal regulations, including Sarbanes-Oxley, HIPAA, and GLBA. The ReadyARM device tracks and detects intrusion attempts and alerts appropriate IT personnel in real time. The product also has a bandwidth monitor and network analysis tool which can be used to detect inappropriate bandwidth use. ReadyARM is priced at $9,995 and for an additional $2,000 per year Avanton will provide updates, backups, upgrades, and support services.
For many small and medium enterprises, security is something that is tacked on after the fact, with higher priorities given to such things as network reliability, access to data, and compatibility with lighthouse customers. Furthermore, security products tend to need a fair bit of care and feeding, and for many SMBs the expertise required to deploy and oversee sophisticated security deployments is neither available nor feasible. Thus, for many SMBs security products can be a hindrance to doing business.
It will be interesting to see if Avaton gains market traction with this product within the SMB space. Certainly, the idea behind the product makes sense; SMBs need easy-to-use security offerings that improve their ability to withstand intrusion attempts and other nefarious activities. We suspect many SMBs may be leery of purchasing security products from a company that they have never heard of, or from one that may or may not be around in a year or two. Such are the challenges Avanton faces. Perhaps a partnership with a reseller or a service provider may help overcome this obstacle. Nevertheless, the need for improved IT security for SMBs is undeniable, and the pressure for them to meet an increasingly demanding minimum requirement will only grow in the coming years. As SMBs continue to find themselves enfolded in the value nets of their largest customers, those customers will demand that the SMB has the appropriate security in place to prevent the SMB from becoming a weak link in the large enterprise’s security shield. Such pressure will aide and abet an ongoing industry trend, in which technology standards and thresholds radiate outward from the top of the food chain, downward through the ranks of mid-tier and smaller operations. Security will be no exception to this trend, and companies that can provide no muss-no fuss security that meets these standards and thresholds will be well positioned indeed.
Hitachi Data Systems (HDS) has announced the latest edition of their Lightning high-end storage array. According to HDS, the product combines hardware and storage management software for their most advanced product yet. HDS is positioning this as an open-ended box because multi-vendor storage can be attached at the back end and can be managed through the Lightning product. In tandem with this release, HP has announced the StorageWorks XP 12000, their OEM version of the product. HP is positioning this as the most powerful high-end disk storage system available today, as it claims the system scales more than twice that of competitor’s current offerings. Tiered storage is mentioned as a secondary capability. HP says the new system scales from 1TB to 165TB of storage now and will scale to 332TB of storage when larger drives become available next year.
We find it interesting that the same product could have two different spins to it. Perhaps this is HDS working with its OEM partners to make sure that they focus on different aspects of the products to maintain differentiation. Or perhaps this is unintended, and HP and HDS have each decided how to approach the market independently. In any case, HP has focused on the brawn where HDS has focused on the brain. We believe this product is crucial for HP because their quarterly numbers revealed weaknesses in storage that will continue in the short term, and the XP 12000 should give them a temporary boost at the high end, until EMC and IBM roll out the next generation of Symmetrix and Shark respectively. On the other hand, HP dismisses the HDS software capabilities by mentioning that they have their own software innovations for single-system management, remote copying, and cross-continental disaster recovery. The quandary for HDS is clear: while they encourage their OEMs to differentiate their HDS based offerings through software, including management software, they want to be a leader in software management themselves. Since most HDS products are sold through OEM partner channels, we wonder why they are spending all this time and money developing their own management solutions. We are also curious to see how Sun, another OEM of HDS’s Lightning products, brings their version to market. For HDS to continue to succeed, it needs to provide industry leadership, and it clearly isn’t there yet.
While it has become a truism that customers have a never-ending need for more storage, the truth is that like server processor utilization, overall disk utilization remains low. In that sense just being bigger isn’t likely to solve some of the most pressing business problems out there. The “mine’s bigger than yours” chorus isn’t what IT managers want and need in this period where their board and CEO are telling them “do more with less.” The industry leaders in storage are looking at software as the way to manage resources more efficiently, and lower costs. It is not enough to be big. Storage has to integrate coherently with the larger IT architectural story, which is usually some version of information lifecycle management and automated virtualization. HP has made an initial impact with a big-box offering, but they will need to expand that messaging as sales takes the product into the field and tries to help customers use it to solve business problems related to information and data management.