Market Roundup May 11, 2007 Sun Previews JavaFX Family and Delivers JDK to OpenJDK EMC Information Infrastructure Roadmap Gives RSA Leverage Hitachi GST Ships Travelstar 7K200 Encrypted Hard Drive Virtela Raises FUD to New Heights |
|
Sun Previews JavaFX Family and Delivers JDK to OpenJDK
This week at JavaOne, Sun previewed JavaFX,
a new family of Java technology-based products. JavaFX
leverages the Java platform and will support all content and applications
currently supported on Java-based devices. JavaFX
Mobile is a complete mobile phone software system, which will be available
through OEM agreements, that is designed for carriers, content owners, and
consumer electronics manufacturers. With the assets Sun recently acquired from SavaJe Technologies, JavaFX
Mobile will be enhanced to provide a unified runtime environment that provides
the flexibility for wireless carriers and mobile device manufacturers to
develop consumer electronics featuring rich, dynamic content. Sun also
previewed JavaFX Script, a new scripting language
targeted at creative professionals, which seeks to simplify the process of
creating and distributing interactive content across all Java-enabled
platforms. All JavaFX software will be available to
open source community through the GNU General Public License (GPL). The company
stated that it will deliver additional JavaFX
products targeted at manufacturers of set-top boxes, navigation devices, and
automobile dashboards. Separately, Sun announced the release of a fully
buildable Java Development Kit (JDK) version for Java Platform Standard Edition
(Java SE) to the OpenJDK Community under the GPLv2 license as well, stating
that OpenJDK-based implementations can use the Java SE 6 Technical
Compatibility Kit (JCK) to establish compatibility with the Java SE 6
specification. Once certified through the JCK, implementations will be eligible
to use the Java Compatible logo, while still meeting all obligations under the
GPL. Sun has created pre-built NetBeans IDE projects for the OpenJDK code base
so that developers can download the source code, open it in the NetBeans IDE,
and use the Build Project command to build a working JDK. Also available at the
OpenJDK project website is all the unencumbered source code for the future
implementation of Java SE 7, as well as binary plugs for the remaining few
instances of encumbered code. In addition, the Interim Governing Board for the
OpenJDK community, whose charter is to draft and gain ratification of a new
constitution for the OpenJDK Community within the next year, was announced. An
election will then be held to replace the Interim Governance Board with a duly
elected board in accordance with the OpenJDK constitution.
True to form, JavaOne is always quite the event. While
primarily a developer’s conference, the event sheds a great deal of light on
the future roadmap for the Java environment as well as illustrating the depth
and breadth of the ecosystem that has come to embrace the notion of a
ubiquitous priceless Java technology. While there were many additional announcements
from Sun and its Java cohorts, we believe the two most important are the
preview of the JavaFX family and the completion of
bringing a JDK to the open source community.
To our way of thinking, JavaFX is
a technology that needs to be seen to be truly appreciated. When Java was first
released over a decade ago, a common demonstration of its ability was to float
a stock ticker across the top of a Web page. Unfortunately, for many this was
also the extent of its deployment for quite some time. Java was much more about
code and making stuff happen in the background than creating compelling user
interfaces. What is so nifty about JavaFX Script is
that it provides for an eye-catching environment, while delivering the
programmatic environment to interface eye candy with mental agility. The result
is that small form factor devices such as cell phones can display intuitive
graphical interfaces with the underlying intelligence to dynamically interact
with the user in an experience that transcends the simple clicking of static
icons. While these kinds of interfaces will undoubtedly be focused on consumer
electronics first, one should not underestimate the reality that consumers are
business people too, and that their expectations in and of the workplace are
increasingly shaped by their consumer experiences. This is especially true of
younger professionals who have come of age in a highly interconnected
environment where the dividing lines between home, work, and personal time are
increasingly blurred, if not outright imperceptible.
For the code-hardy, the release of the JDK to the OpenJDK
project should be welcomed news. Sun has become a stalwart open source
supporter and the availability of a buildable, logo-certifiable JDK should help
further the Java platform’s reach into a variety of solutions. This reinforces
the notion we first spoke of a decade ago regarding the priceless nature of
Java, i.e., that for Java to be successful, it had to be something that no one
could do without, therefore requiring that it be ubiquitous, which in turn
required that it have no price or barriers to access. Although Sun has traveled
a long path to bring Java to the open community, it is one that we are happy to
see completed. This is in stark contrast to the standardization/control attempts
Sun promulgated in the late 1990s in its quest to enforce a standardized Java,
but with a degree of proprietary swagger that limited Java’s ability to become
truly priceless in the marketplace. Now with its place in the open source
community and its compatibility ensured through the JCK, we believe Java will
have finally achieved its ascension into small class of truly priceless
technologies.
As we said earlier, JavaOne is about a view into the future. From what we saw this week, we are heartened by the potential creativity that may further be unleashed by Sun’s latest investments in Java and the ecosystem surrounding it. The platforms and the world in which Java is thriving today is quite different than the one of a decade ago. It is testimony to the forward thinking of those who decided to embrace the technology and develop it into solutions that today may seem commonplace, but a few years back were more akin to science fiction. With the potentially greater pool of talent wading into the open source waters, how and where Java may utilized in the future may make today’s Java enabled solutions seem as mundane in the future as that Web page stock ticker seems today. This indeed will be a future that will fun to watch unfold.
EMC Information Infrastructure Roadmap Gives RSA Leverage
RSA, The Security Division of EMC, this week announced the
advancement of its information management platform for compliance and security,
the RSA enVision solution. The new capabilities of
the RSA enVision platform are built to help provide
an information management platform for compliance and security data that can
comprehensively and cost-effectively map and transform the raw data into
actionable intelligence. Integration with EMC’s networked storage systems helps
to position the RSA enVision platform to
cost-effectively help organizations maximize the value of this type of business
information.
RSA’s strategy helps provide for
the management of security compliance event log data over the complete security
information lifecycle. It is designed to encompass integrations with a broad
range of leading storage offerings. As engineered, this allows customers to
define log retention policies in RSA enVision
platform that are automatically executed through EMC’s storage solution
portfolio, enabling complete collection-to-retirement management for all
security information. RSA enVision offers enhanced
availability collection server configurations that operate in hot-standby
active/passive mode to effectively eliminate the risk of collection interruption.
If a server failure occurs during the collection process, the hot-standby
component is designed to detect the problem and automatically takes over. In
addition, RSA enVision is integrated with networked
storage systems from EMC, providing customers an additional tiered storage
choice. These high-availability network-attached and direct-attached storage
models come preconfigured and prepackaged for simpler, faster deployment to
help customers lower their overall storage and management costs. The new
release of RSA enVision platform also adds three
major features: Vulnerability and Asset Management Integration to add
vulnerability and asset intelligence and significantly reduce false positive
alerts, enabling efficient focus on real threats; Watchlist Alerting and
Reporting to create or import watchlists for enhanced efficiency of security
operations and automatic real-time alerts based on watchlists to flag policy
violations as they occur, enabling real-time compliance; and Task Triage and
Ticketing System Integration to simplify operations by providing a complete
incident response system for improved accuracy and faster resolution of
investigations. Integration with an organization’s enterprise incident
management system further enhances operational efficiency.
RSA and its parent EMC recognize that they have to synergize
their intellectual property and make life easier for their clients. To their
credit, the organizations also recognize that they have to telegraph their plan
to customers, investors, and other stakeholders and demonstrate that they are
executing to the plan. The fact that log retention policies can be specified in
an RSA product and executed on EMC’s products is a great step forward. It
demonstrates that they are walking the walk, not just talking the talk. We also
believe that the addition of vulnerability and asset management intelligence
can be a real time-saver for end-user organizations that are attempting to
track vulnerabilities manually and a logical extension beyond RSA’s core authentication world.
Overall we view this as a very positive development from RSA and EMC. We believe it demonstrates the company’s intention to adhere to the Product Security Policy outlined in January 2007 in its paper entitled “Secure DNA: Enabling Security in EMC Products.” The PSP is a company-wide, top-down program designed to imbue a sense of security “DNA” into EMC products. The key principles behind PSP are: information security is a core element of information protection, a foundation for information security is a secure information infrastructure, and information security should be built-in, not bolted-on. These principles are central to PSP and EMC’s planned common security program. Sageza believes that this kind of base architecture combined with integration and interaction between RSA and EMC products is in tune with market demands and that RSA and EMC will likely see increased customer confidence as they continue to execute on their roadmap.
Hitachi GST Ships Travelstar 7K200 Encrypted Hard Drive
Hitachi Global Storage Technologies (Hitachi) has announced
volume shipment of the Travelstar 7K200, a high-capacity, high-performance
laptop hard drive with new optional data encryption technology. The new drive
features up to 200GB capacity, a 22% overall performance improvement over its
predecessor, and improved shock tolerance, among other technical improvements.
The 7200RPM Travelstar 7K200 has power consumption, heat emission, and
acoustics comparable to its 5400RPM counterparts and features a Serial ATA 1.5GBps,
1.5GBps encrypted, or 3GBps interface. Optional Bulk Data Encryption technology
provides information security as data is scrambled with a key as it is being
written to the disk and then descrambled with the key as it is retrieved. The
Travelstar 7K200 is available immediately on Dell XPS laptops and on Alienware
laptops. Customers requiring the highest capacity will be able to purchase dual
hard-drive configurations with 400GB of available storage on the XPS M2010 and
Aurora m9700 models.
This announcement is the awaited follow-up to last
November’s initial announcement of the 7K200. While there are several technical
enhancements evident in the hard drive, we believe there are two areas in which
this drive hits the target especially well. First is its impact on system
resources, especially power and acoustics, which is similar to existing 5400RPM
solutions. Second is its hardware-based AES data encryption. Both of these are
important considerations for commercial users, especially with today’s
increasingly mandated data security practices.
By offering increased performance and capacity, these drives
are well suited for mobile professionals who often find themselves
operating on battery power for extended periods of time. Although the improved
performance of the 7200RPM drive will potentially allow users to complete their
tasks more rapidly, in most scenarios this incremental improvement would be
more than offset by shorter battery life due to increased power consumption by
the drive. Fortunately, this is not an issue for the 7K200 given its power
consumption parity with existing 5400RPM drives. As vendors continue to raise
the bar for the performance of their high-end laptops, battery technology has
had a more difficult time keeping up with the demand while maintaining a
workable form factor. It is encouraging to see that in this case improvements
in storage performance will not substantially impact battery life.
The most interesting aspect of this announcement, however,
is the availability of the optional hardware-based encryption. This native-to
the-drive approach to encryption offers advantages over software encryption,
which is generally not well understood by the technical layperson.
Additionally, hardware-based approaches do not add a load on the CPU in order
to execute the encryption and decryption. By having all encryption and
decryption activities occur simply as part of the read or write activities to
the drive, they can be largely invisible to the user, which can remove a large
obstacle to an effective deployment. While encryption of laptops may initially
be thought of as a means to secure data in case of loss or theft, it can also
prove advantageous to IT operations. From an operations perspective simply
deleting the encryption key renders the hard drive unreadable and could save
considerable time in repurposing equipment to new users. This capability is
offered through the Quick Erase feature and we suspect will be a capability welcomed
by IT managers and support personnel who are tasked with managing laptops and
safeguarding sensitive information that may be stored within.
Overall, this announcement illustrates continued improvement in laptop hard-drive performance and capability along with an appreciation for energy efficiency that should make these drives a logical solution for most corporate laptop users. Hardware-based encryption for laptop hard drives is still new, but is gaining momentum in the marketplace as witnessed by this announcement and the Seagate announcement earlier this year. The Quick Erase feature may in and of itself be a sufficient reason for many organizations to decide on encryption simply to reduce the time and expense involved in their laptop recycling or redeployment practices. Nevertheless, we believe the security and best practices afforded by their use in highly regulated industries is a no-brainer and expect to see such deployments grow.
Virtela Raises FUD to New Heights
Virtela, a secure network solutions company, has announced
its new Pandemic Readiness Solution, which helps to ensure business continuity
by enabling employees to securely access corporate resources remotely in the
event of a pandemic. The product allows Virtela’s customers to scale network
capacity for a large number of remote users without the expense of overbuilding
their current networks. The company opines that there is little doubt natural
disasters or a global pandemic will strike in the future, and cites the CDC
estimate that if there were a pandemic of the H5N1 Bird Flu, for example, as
much as 40% of the workforce would be out at any one time with disastrous
financial implications for employees and organizations without available
remote-access capabilities.
Virtela's Pandemic Readiness Solution incorporates the
infrastructure, tools, and personnel necessary for disaster recovery. The
service aggregates and integrates the best access and backbone infrastructures
around the world into its Global Service Fabric via an intelligent architecture
overlay of network nodes called Regional Policy Centers. Virtela employs a
variety of remote network access enablers for Pandemic Capacity Planning.
Highlights of the product include SSL VPN devices which, when installed quickly
during a pandemic or disaster, terminate end-user connections; global
load-balancing to manage sessions across all SSL VPN devices at Gateways;
out-of-region access, which employs WAN acceleration devices and gives user quick
and secure access, maximizes global capacity, accommodates high spikes in
traffic, and provides unprecedented redundancy with hardware, regional
gateways, and ISP and carrier access; and the ability to assign different
levels of remote access based on end-user attributes, allowing access to the
most critical users even in dire circumstances. To ease the pain of sudden
expansion the company offers emergency Licensing for SSL VPN hardware, letting
customers add new capacity immediately for temporary intervals, and switch to
permanent licenses later, if necessary. To save costs, customers can turn the
emergency capacity on or off as needed, and procure low-cost, minimally
licensed SSL VPN devices that remain idle until the customer needs capacity, at
which point the customer can purchase and activate standard licenses.
Sageza believes organizations must be prepared to continue
critical operations in the face of planned or unplanned events. We applaud
Virtela’s notion of informing the end-user community that planning for a
possible pandemic requires flexible, secure data communications. We also
believe that it is far better to develop and test plans before they are needed
and that any steps to mitigate administrative bottlenecks are best addressed
before the crisis rather than during. Virtela also advises organizations to
test their plans regularly and we wholeheartedly concur with this as well.
Having said all this, we believe the VPN is at the far end of the planning cycle. Organizations must first determine which functions are critical, which assets may need relocation, develop alternative staffing schemes recognizing that employees may not be able to travel anywhere (shelter in place is the watchword), and put in place the contingency logistics to support the various combinations and permutations of IT infrastructure that will be needed to serve under a variety of conditions. Large organizations with geographically dense work populations should be actively working with their local Red Cross Chapter and other government and non-government Organizations to ensure that employees are properly prepared to deal with disasters regardless of cause. Physical Security, Legal, HR, and Information Security facilities within organizations should all be working in tandem to ensure optimal flexibility in planning. Top management should insist on formal tests or exercises on a regular (quarterly or semi-annual) basis. Proper contingency planning is not the responsibility of a single department, but of the organization as a whole, and secure data access is a critical piece which should be addressed ahead of the problem.