Market Roundup

February 9, 2007

Blade Email Server Security Appliance Meets IT Needs

EMC + RSA = Enhanced High-End Data Security

Microsoft May Be a Little Chicken When It Comes to Automotive Dealers


Blade Email Server Security Appliance Meets IT Needs

By Lawrence D. Dietz

Mirapoint, a secure messaging company, announced recently that its RazorGate email security appliance on IBM BladeCenter will be available in the second half of 2007. This collaboration combines Mirapoint’s email security technology with IBM’s BladeCenter to offer large enterprise and service provider customers a high-performance, intensely scalable solution for delivering email security throughout their infrastructure. IBM BladeCenter offers the simplicity, density, availability, affordability, and scalability that are central to the blade technology promise, and IBM BladeCenter features help lead the way in enabling the self-optimization, self-healing, and self-protection crucial to the on-demand computing revolution. With Mirapoint RazorGate and IBM BladeCenter, organizations can scale email security for their networks even in extremely high-growth, high-demand environments. The Mirapoint RazorGate running on BladeCenter also provides best-of-breed antivirus, anti-spam, unique edge blocking and user-based junk mail management to provide airtight email security no matter how large the organization.

IT infrastructure and architecture have been exhibiting a number of trends in recent years. Concerns over physical environment—space, energy consumption, temperature and humidity requirements—have added to the challenges of organizations, especially larger ones. Complex, heterogeneous IT infrastructures often require significant support, especially where software is concerned. Vulnerability exploitation has been a popular attack vector for hackers and IT executive management is loathe to trust the health and welfare of their infrastructure to a remote cadre of overworked administrators. IBM promotes its blade solution as one that is “easier to manage, uses less power, produces significantly less heat, has longer life spans, and is easy to set up and scale.” (, accessed on 31 January 2007)

Blade architecture has been well received as a means to increase the robustness of hardware configurations while optimizing the physical footprint and reducing the overall cost of ownership by enabling consolidation and takes advantage of economies of scale that would not be possible with other configurations. The BladeCenter architecture also employs a single configuration to optimize the consolidation of the power and capabilities of multiple servers but with correspondingly less hardware and environmental demands. Sageza expects that other appliance vendors will likely follow suit with Blade offerings and that over time blades will give way to silicon-based solutions. As the threat environment evolves and attackers adapt to defenses, we believe that security vendors will need to integrate a variety of functions on an array of platforms. The more intimate the interaction between the security functions and the lowest levels of “the stack” the better the overall security and the smaller the negative impact on performance.

EMC + RSA = Enhanced High-End Data Security

By Clay Ryder

EMC has announced new security features for its Symmetrix DMX-3 enterprise storage platform that integrate technology from its RSA Security division to support stronger authentication, authorization, and audit capabilities in its enterprise storage portfolio. There were three security advances featured in the announcement: namely, Symmetrix Service Credential, secured by RSA; Tamper-proof Audit Log; and EMC Certified Data Erasure. The Symmetrix Service Credential secures the actions of service personnel to preserve information integrity by authenticating users accessing the Symmetrix service processor via encrypted credentials and individual passwords and then authorizing approved actions or preventing unauthorized actions. Tamper-proof Audit Log provides a secure record and tracking of all service or management activities on a Symmetrix DMX-3 system, as an enhancement to Symmetrix Audit Log and Solutions Enabler software that ensures service and host-initiated actions are recorded in a tamper-proof log. EMC Certified Data Erasure ensures that all information on failed drives is securely erased before they are removed from the system in adherence with U.S. Department of Defense specification 5220.22-M. This makes sure that data on failed drives is erased within the system and an auditable record of data erasure is provided to the customer to guard against any removal of sensitive information on a defective drive. The company also introduced support for 4GBps Fibre Channel and FICON Connectivity; RAID 6 disk configuration; Dynamic Cache Partitioning for dynamic partition of memory for different applications; Symmetrix Priority Controls to manage multiple application workloads and prioritize service levels for device groups; and SRDF/A Reserve Capacity to safeguard continuous remote replication operations by buffering in-transit data to disk during temporary outages/congestion. The Symmetrix Service Credential, Audit Log, RAID 6, and enhanced SRDF/A replication capabilities are included with Enginuity operating system release 5772. EMC Certified Data Erasure, 4GBps support, Dynamic Cache Partitioning and Symmetrix Priority Controls will be available as standalone offerings in Q1 2007.

This announcement will undoubtedly please the Symmetrix faithful given the many new and improved features and capabilities brought forth by EMC, At the physical layer, the support for 4GB FC and FICON along with RAID 6 offers organization even more flexibility in how they connect and configure their high-end storage. In addition, the cache partitioning and prioritization controls offer organizations another step in granular tuning in how to best allocate resources to maximize performance. While a rich set of tools and tuning features is synonymous with Symmetrix, these new abilities bring to mind the performance-tuning tricks that are regularly applied to software and server tuning, but are less frequently associated with storage environments. For those who maintain multiple tiers within Symmetrix, being able to dedicate more or less of the cache based upon the application/workload allows for an even higher degree of performance optimization. Further, the Priority Controls tag team with the cache partitioning to allow administrators to more closely match system resources with service levels. These kinds of performance enhancements illustrate the ongoing commitment by EMC to ensure that Symmetrix continues to raise the bar not only in performance, but in flexibility of deployment as well.

We are also pleased to see the inclusion of RSA technology directly into the Symmetrix offering. Given the mission-critical and highly sensitive workloads that are commonly supported by Symmetrix, we believe offering an ironclad approach to authenticating and control access to the Symmetrix service processor will be well received. Combined with the Audit Log, organizations should be able to rest more easily knowing that access to their most important storage resources are being carefully controlled by policy and all interactions with the storage system can be proven by a tamper-resistant log. But perhaps more important is that this capability is integrated and transparent to the user. It also is reflective of what we believe will be a philosophical shift whereby organizations will expect to be able to secure their information at many points. Access policy to files, physical hardware, and management systems thereof combined with varying security technologies such as file- and volume-level encryption, compliance protocols and policies, and many other security and control points will increasingly be viewed coordinated pieces of the larger whole of information security. To effect such controls inhouse, it begs that security capabilities are built in, not bolted on, to be able to successfully enforce policy across a variety of access points and methods. When this extends beyond the storage subsystem itself to encompass servers and other network components, it becomes clear that an integrated approach will be mandatory. There is where RSA’s substantial ability to secure information in the enterprise really shines. EMC’s thought leadership in beginning to integrate this level of security into the storage solutions itself may cause others to ponder this approach and further the realization that securing information is a multidisciplinary approach that needs to account for variety of physical and virtual threats to information integrity, stability, and availability.

Microsoft May Be a Little Chicken When It Comes to Automotive Dealers

By Lawrence D. Dietz

Microsoft this week launched its Automotive Retail Solutions Initiative, a number of key alliances, at the U.S. annual National Automobile Dealer Association (NADA) convention in Las Vegas. The convention is the flagship event for the 21,500 or so new car dealers in the U.S. The initiative is billed as part of Microsoft’s new partner ecosystem providing dealer management solutions (DMS). Five companies—DealerTrack Inc., JM Solutions, Manheim, RouteOne LLC, and The Cobalt Group Inc.—will directly integrate their industry product offerings into the upcoming Dealer Management System for Microsoft Dynamics AX (MSDMS). Five additional partners—AutoBase Inc., bridgeSpeak, Chrome Systems Inc., Crowe Chizek and Co. LLC, and Oxlo Systems Inc.—will provide complementary solutions as part of the initiative. Originally announced in July 2006, MSDMS is being developed by Microsoft with Infonizer ApS, a Denmark-based automotive IT solutions company with a North American subsidiary in Ann Arbor, Mich. Pilot implementations are scheduled to begin in late 2007.

The Microsoft ecosystem approach in the specialized niche of providing IT systems and services to retail automobile dealers is not without precedent. Recently the company announced other partner arrangements such as “Industry partners Help Boost Small Business Success” on January 22, 2007 which addressed how specialty software complemented Microsoft products. Sageza believes this is a marketing theory based on “if we build it, they will come.” Earlier this month Ford announced Sync, a Microsoft operating system underpinning their new digital dashboard control system on twelve of its 2008 vehicles and expanding that across the product line as an option for the 2009 model year.

While no one can doubt the ubiquity of Microsoft and the power of its Brand, even though the effort will initially be aimed at the smaller and medium sized dealer, we believe this approach will not gain significant momentum. This market, particularly in the U.S., has been dominated by large, long-standing, specialized VARs. ADP and Reynolds, the top two VARs in this market, boast a combined share of over 80%. Further, these providers offer a broad range of applications, subsystems, and delivery platforms specifically designed for the dealership and continue to add to them every year. Dealers are notoriously difficult customers. They are among the best negotiators in the business world, and their businesses exhibit high turnover accompanied by low levels of technologically sophisticated end users. Onsite support is the rule, not the exception. Sageza believes that Microsoft will find that a multitude of different partners, sales forces, and support teams will not be able to gain wide traction against the more established specialty VARs.

If Microsoft is serious about the dealer market Sageza believes they will have to revise their strategy to pool forces and reduce multiple parallel efforts in sales and support. We believe that whatever success Microsoft has with its automobile manufacturer customers will not directly translate to success in the dealer market. History has also shown that the major VARs are quick to identify new applications that are of interest to the dealer market. Some of these are developed by smaller companies which can be acquired such as vehicle sales process optimization, while others are more generic (search engine marketing) and can be offered along the lines of more traditional market offerings. Actually Microsoft’s efforts in this market reminds us of the old adage about commitment and bacon and eggs. The chicken supports the idea of eggs for breakfast, while the pig is committed. When it comes to the auto dealer vertical, we think Microsoft is a little chicken.

The Sageza Group, Inc.

32108 Alvarado Blvd #354

Union City, CA 94587

510·675·0700 fax 650·649·2302

London +44 (0) 20·7900·2819

Milan +39 02·9544·1646


Copyright © 2007 The Sageza Group, Inc. May not be duplicated or retransmitted without written permission.