1. Orbitz by Streambase (Real-time monitoring)
2. Netbank by Coral8  (Algo trading)
3. LiquidNet by Coral8 (Market monitoring and analysis)

Progress Apama had a few algo trading references, but they (wisely in my opinion) are not (seeming) calling algo trading platforms sales, CEP, in 2008.   This is good (and more accurate) and I applaud Apama for building a great event stream processing platform and not overhyping the phrase “complex event processing” every opportunity they get.    Maybe we should create another award category?    

You will not find any “secret council of elders” here, nor will you find any subjective opinions about the market from people we send out email asking for their opinions - only the facts in an open transparent way.  Here is the Google worksheet, if interested.

Please contact me or comment here if we missed anything and we will take a look and we will add your suggestion if it meets the criteria.

Revisions:

1. Added LiquidNet/Coral8 suggested by Marc Adler (see comments)

And, as with the AT&T deal, Bell's Internet customers get unlimited access in Starbucks's stores. The deal starts up immediately, as Bell is the current operator. AT&T is transitioning to running Starbucks in the U.S., taking over by the end of 2008 from T-Mobile.

ScienceLogic: Mike, what’s your background working with network and management system tools?

Mike Lawson: Before joining Apptis, I worked for the Air Force, mainly in satellite communications for almost nine years. I’m probably most familiar with HP OpenView and BMC Remedy. I managed a team that used them but wasn’t involved in tool selection; like many other federal IT workers, we didn’t have a choice of tools because there were existing enterprise licenses and maintenance contracts.

I also saw a large systems integrator do a full Remedy/Crystal Systems/OpenView installation. It took 6 weeks to stand up and customize to meet just the basic monitoring requirements, and it cost something like half a million dollars. At the time, I thought that wasn’t bad and was a pretty typical experience.

ScienceLogic: Coming from where you did, what’s your take on EM7?

Mike Lawson: Honestly, I didn’t believe that EM7 could really do all that it claimed. In many ways, it was the complete opposite of what I had seen first-hand with other monitoring solutions. Could it really cover that much functionality? At relatively much lower cost to the customer and without the licensing nightmare?

That quickly changed when I needed to understand the system enough to run it at a customer’s site. I went back over the training docs I received during my initial training class and jumped in; now, 6 months later, I’m the EM7 expert and can tell you that it delivers on all those promises. (But I still need to show people to get them to believe it too)

I preach the “EM7 gospel” and when anyone wants to talk monitoring, I ask about the universal pain points: cost, maintenance contracts and licensing, and then I explain EM7. The cost difference is real; the solution is based on capacity, so there’s no licensing and it’s easy to use. They are shocked to learn that they can buy multiple EM7 appliances and years of maintenance for what they paid for most other tools.

ScienceLogic: Apptis won the contract for monitoring aboard the USNS Mercy. We love that you’re using EM7 for one of the Navy’s hospital ships. Can you tell us more?

Mike Lawson: The USNS Mercy is a Military Sealift Command hospital ship. Some stats:

• 849 feet long (nearly the size of a football field)
• 12 fully-equipped operating rooms, a 1,000 bed hospital facility, digital radiological services, a diagnostic and clinical laboratory, a pharmacy, an optometry lab, a CAT scan and two oxygen producing plants
• Crew: 61 civilian mariners, 956 Naval medical staff, and 259 Naval support staff

The USNS recently departed on a five-month humanitarian mission in the Western Pacific and Southeast Asia in support of Pacific Partnership 2008. The partnership provides international medical, dental and engineering teams this summer to provide humanitarian support and conduct joint, combined, and cooperative Civil-Military Operations in order to improve regional stability and build partner capacity to respond to natural disasters and pandemic.

For the most part, the ship’s network is self-contained, but can also use a landline when docked. The network covers 400 devices, including Windows/Exchange servers and VMware for server virtualization. Prior to using EM7, none of the monitoring was integrated; each system was independently monitored through individual vendor-specific consoles.

Out of the box, EM7 provided integrated systems, application and network management for all network gear, applications and virtual machines in one solution. We didn’t have to do a lot of customization – EM7 includes best-practice based thresholds, event and monitoring templates and this covered what USNS Mercy needed to monitor.

ScienceLogic: You’re a systems integrator with a very useful “customer point of view” when it comes to looking at tools. From that perspective, can you share what you think are the biggest benefits that EM7 provides?

Mike Lawson: First of all, EM7 stands up right away. We’re talking days, not weeks. In contrast to the lengthy installation of OpenView and Remedy I witnessed during my military career, I was able to configure, customize, and implement the EM7 solution for the USNS Mercy in three days.

Second, it’s easy to train people on and the support is outstanding. This judgment is from first-hand experience. Right before the USNS Mercy departed on its latest voyage, the system administrator I had trained on EM7 left, so I had all of a day to train some new EM7 admins. I prepared a seven-page “cheat sheet” and over a 3-hour conference call, we walked through the entire EM7 solution; I haven’t gotten a support call since.

And when a problem did crop up with a device being discovered incorrectly, ScienceLogic was very responsive. We contacted ScienceLogic support on a Saturday and they created and emailed us a video to help troubleshoot the same day. Within 30 seconds of watching the video, the problem was resolved.

Finally, EM7 helps us be good stewards of the government’s money. This is very important to me personally and to Apptis as a company. Because EM7 is cheaper and deploys so quickly and easily, you might think that it’s just the opposite of what a system integrator would want to use. But that’s short-term thinking. We believe in deliver the most value for customers every time. It’s what creates trust and long-term relationships with our customers. Instead of that half million spent on standing up the solution and basic setup, I’d much rather (and I know the customer would rather) spend that on fine-tuning or extending the solution to do much, much more.

As a former government employee, I know what it’s like to use a tool that doesn’t fit my needs. EM7 proves that the best solution can totally break the old model of costly, lengthy installations. EM7 has the right model: the right solution and the right price delivered as an appliance that is easy to deploy, train on and use.

ShareThis

I’ll take your 6 centers of excellence and uh, raise you 2 data centers. Following up on the HP announcement that they’ve partnered with Yahoo and Intel to create cloud computing Centers of Excellence this week, IBM said they were building out 2 data centers to accommodate the coming cloud computing resources need. I should say that IBM had already announced their “partnership” with Google to provide services for the cloud back in May. Who’s left to partner with on cloud computing? Microsoft and Amazon?

Packet Trap Networks recently conducted a survey of network engineers and IT professionals who perform network management duties inside companies with more than 100 employees. Out of the 800 engineers surveyed, 49 percent stated that they did not have a comprehensive network management system in place – showing a need for solutions focused on the mid-market – i.e., the right features at reasonable prices. If you remember, Sevcik and Wetzel (not a vendor!) conducted their own survey on application performance management and had similar findings but a rather different answer… (hint – starts with “E” and ends in “7”)

Is open-source software more secure? After all thousands of eyes are better than a handful, right? Well, according to a report sponsored by Fortify Software, that’s just not the case. Roger Thornton, founder and CTO of Fortify Software, adds that the underlying problem is “a lack of understanding and collaboration between developers and security experts – today each are talking past each other when it comes to security.”

For all you aspiring CIOs out there, WSJ has provided a must-read list. Uh oh– the first on the list is “How to Read a Book”. Please, any negative comments directly on the Journal site…and any “good” ones here!

ShareThis

Now that we are beyond the halfway point in 2008 we are going start the process all over again.   So please feel free to comment  as I start compiling the list again, using the same criteria as last year (However, I reserve the right to slightly modify the criteria if necessary).  Basically, the criteria looks like this:

- Must be a (CEP/EP) software vendor.

- Must be an end user / customer.

- Must NOT be a partnership or OEM announcement.

- Must mention complex event processing (CEP) or event processing (EP) in the public statement.

- Must be available on the Internet and in English.

In a nutshell, just as we did last year, we will compile all the CEP/EP public reference clients that mention CEP, the software and the customer.   Your are encouraged to post links to your 2008 reference clients in the comment section  here.   Please include the URL, Date, Source, Software Vendor, Customer Application (Use Case), as in the 2007 worksheet.

ScienceLogic: Can you share any of the strategies/advice that you give to companies embarking on their BSM journeys?

Doug McClure: Well, first they’ve got to have a BSM strategy. Nearly all the clients I talk to or hear about wanting to do BSM do not have a BSM strategy. I talk a lot about this on my blog and with clients and it is relevant whether you’re going to think about “BSM Lite” or “BSM Heavy” approaches.

Once we have a BSM strategy, we need to establish a BSM roadmap that guides us in how we’ll implement the BSM strategy in a more tactical manner, focusing on short term iterative quick wins and 30-60-90 day projects. For more of my thoughts on BSM strategy and roadmapping, see the following blog posts.

• Elements of Business Service Management Part 3: Getting Business Service Management on the Radar Screen

• Elements of Business Service Management Part 4: What’s your Business Service Management Strategy?

As I’ve alluded to previously, a client first must define and understand what “BSM Lite” may mean to them. Don’t take what the analysts or the vendors pitch for what you should do to achieve BSM or what value you should get from it.

For any type of BSM to be successful, each client must define what BSM means to them and state what they expect to get from BSM. They must make it personal, make it a part of their company culture and elevate it to be as an important initiative as compliance, risk management, SOA, ITIL, or other initiatives may be within the company.

Please don’t get scared off from this strategy thing. Please don’t blow this off as something that the secret enterprise architecture council should be doing. If you’re unable to get an audience in these areas within your company, start within your own sphere of influence.

Your strategy could be as simple as enabling the local operations center to more efficiently classify, triage and resolve problems based on a simple business service or application contextual understanding. Focus on how this changes the game within your environment. Come up with your own metrics and measures to assess the value this has to this organizational use. Trust me, you’ll need to justify your investment some time in the future.

Another trait of successful BSM implementations is that of the formal monitoring and management tools group has established some sort of database or knowledge repository that enables them to “manage the business of IT management and monitoring” if you will. In my opinion, the vendor community has let their clients down significantly in this area. The CMDB may be the correct answer, but most companies just don’t value monitoring enough to demand that this be included in their formal CMDB initiatives.

In my last job, we developed an application that I referred to as the “Service Management Database” or “SMDB”. Others may call it something else, but in essence, it was the database that captured what was monitored, how it was monitored, who owned it, what business services and applications it supported, the impact an outage or event from it had on the business services or applications, etc.

One key component of this “SMDB” was establishing the relationships of real and synthetic user and transaction monitoring steps to associated servers and applications. This is a significant gap area in many tools and vendor CMDBs.

Clients who have instituted something formal such as this generally have a very good handle on management and monitoring within their environment. Far too many clients do not have adequate monitoring (read visibility) in place to begin their BSM journey.

I’d strongly recommend a good hard look at how well the client’s monitoring and management practices are implemented and managed. Simply put, if they don’t have adequate visibility into how well those business services and applications are performing, you can’t expect to manage what you can’t “see” that may be impacting the business, clients, revenue, etc.

Just ask yourself this – can you explicitly state what monitoring is in place for a given business service or application? Can you quantify the impact of a simple event to a business service or application? Can you explain why something is red, yellow, purple or green and what causes it to change from one color to another? If you can’t, your BSM journey will be challenging.

Those with formal CMDB initiatives have their hands full with high risk, long time to value projects to just get a handle with traditional configuration management models. Taking these low level configuration items (CI’s) and establishing application and service dependencies comes after a lot of work getting through the organizational challenges of getting systems access to populate the CMDB.

I strongly recommend that the formal monitoring and management tools group create an authoritative database that enables them to establish end-to-end visibility into the service and application delivery chain and the impacts it has on the business, customer, etc. This ultimately becomes part of a more realistic federated CMDB within the business.

ScienceLogic: Can you provide an example of a successful implementation of BSM? Were there specific factors that especially contributed to its success?

Doug McClure: I’ve touched on the highlights of the most successful BSM implementations throughout my previous answers. Clients that have rallied around an organizational change or transformation focusing every team member’s efforts and energy towards ensuring that the business goals and objectives are being met through the delivery of highly available business services and applications.

Far too often the “change” never happens and it’s the “talking heads” that are preaching to the choir about what should be done. Every person on the front line, in the support teams, at the help desk, etc. must understand how they support or impact the business in business terms. Try putting this simple phrase after job titles “Hi, my name is Doug. I’m a Systems Administrator, Supporting the Business”.

That was a mouthful, but simply put, these clients have an impressively instrumented business and IT environment with the right amount of visibility into each area, joined together with an organization that thinks, operates and responds based on their understanding of the business goals and objectives and how these business services and applications enable business success.

The operational model for an organization fully adopting BSM identifies ways to establish a service management mentality across the entire business service and application delivery and support chain. The delivery, operations and support organizations must be incented to manage the services and applications being delivered with this end-to-end context.

A leading, outside the box “service management organization” may include the traditional IT silos but within a matrixed fashion focused on one or more key business services and applications. The “service management organization” is then incented to work together, as a team, for the end-to-end delivery and support of these services or applications.

It’s no longer one’s job to just be the systems administrator, database administrator or network engineer, their job is now to support specific business services and applications. They provide the subject matter expertise needed to support the services and applications together, as a team, eliminating the finger pointing or “not my problem” attitudes that exist in the majority of IT organizations today.

Overall, the KISS approach is what will enable BSM of any type (lite, heavy) to be the most successful. If it just feels natural, doesn’t take any additional effort, clicks or tasks to do then it’s going to work. BSM should be transparent and not just another buzz word. It’s not a form that gets filled out or a special process to follow in the run book. It’s doing the right thing for the business, no matter what the situation, crisis, buzz word or technology initiative of the day is.

ScienceLogic: How did you get involved in BSM?

Doug McClure: I think the foundations of my service management background and passion were initially established during my service in the US Navy. Today, I relate that experience to what I call BSM for the Military or Mission Services Management (MSM).

We had been taught over and over that extreme attention to the details of the mission at hand (aka “the business”) was the number one priority and that all of our technology, services, and applications existed for those Sailors and Marines on the other end (the “customer”). I can recall countless instances where mission critical communications services (telephony, orderwires, teletypes, command and control systems, etc.) were impacted in one way or another. It was extremely critical that we understood who was impacted and to what degree so that contingency plans could be activated. We weren’t just talking about lost revenue, poor sales or customer experience; we were talking about human lives and the security of the United States.

It is that military bearing, attention to detail and real world experience that drives me with many of my modern day BSM endeavors. That migration from “Mission Services Management” to BSM was honed working for over 10 years working in the Internet Service Provider (ISP) and datacenter, hosting and colocation business.

In those rapid growth businesses during the Internet boom, service differentiation was what “made you millions” or paved your way to bankruptcy. The companies I worked for had an extreme passion and focus on ensuring that their services, applications and Internet access products were of the highest quality, highly reliable and just plain better than the competition.

Again, the IT infrastructure, service quality and customer experience relationship was ingrained in all of our heads. It was all hands on deck when Webmail, Internet access, DNS, or the network experienced problems. We were measured in terms of how many customers experienced a busy signal or dropped connection or if you couldn’t log in fast enough to read your email. Companies like Keynote Systems and LionBridge/Veritest/Inverse tested the quality of our networks, services and applications and publicly ranked us against our competition. We thought in terms of customer experience and impact every minute of the day, 24×7.

It was in my last job managing a traditional enterprise management and monitoring development group for a nationwide ISP where I was able to work with emerging technology to help get a handle on the complexities of these rapidly growing IT environments filled with emerging technologies and products. Applying this early technology to complex service problems in our environment proved to me that the technology, coupled with the right emphasis on how the technology was implemented and an emphasis on the people and processes within the organization could bring BSM to life.

Where I felt left out in the cold was with my vendor relationship. While their technology gave me the potential, they didn’t teach me how to work through the organizational and technological problems to successfully implement the BSM strategy. My very first end-to-end BSM pilot was extremely successful and provided visibility into the IT environment and business service impact that have never been available before.

And here I am today, working at a software vendor for the first time. Welcome to the “dark side” as they say. The approach and methodology we followed for BSM has become the basis of the core BSM Methodology that I teach IBMers and our clients around the world today.

My personal mission and drive here at IBM Tivoli is to ensure that BSM is something that the typical monitoring tools administrator can actually implement and that our BSM story is something that any of our clients can be successful with. The sales and marketing slicks must be backed up by something like this whomever you are these days. Clients shouldn’t put up for “marketecture”, me too and gee whiz buzz words.

BSM takes a partnership and commitment to every client’s success, and I want to be involved in those BSM efforts in every industry or market worldwide. We need more thought leaders collaborating together in an open and public forum to change legacy attitudes about BSM and do what we can to enable client’s to be as successful as they can be.

ShareThis

For a long time I have been writing and speaking about the many ways that NAC can help with securing your endpoints and your network. Yesterday, Tim Greene lays out some good reasons for NAC and the many ways it can help.  However, he couches it in terms of NAC as a personal firewall.  I am not sure I agree with that one at all.  Personal firewalls are usually thought of as host based security on the endpoint.  While NAC certainly has an aspect of that, NAC is inherently about networks as well.

I am reminded by this article of Senforce.  They had one of the best personal firewalls in the market and were often called a NAC solution.  But when you spoke to Nolan Rosen and the folks at Senforce, they would tell you that they were not a NAC solution, but needed a network based NAC component to compliment their product.  That was the basis of a partnership we had with them.  In any event, I think we are seeing NAC used for a variety of uses and we will continue to see it evolve in the market.

For a long time I have been writing and speaking about the many ways that NAC can help with securing your endpoints and your network. Yesterday, Tim Greene lays out some good reasons for NAC and the many ways it can help.  However, he couches it in terms of NAC as a personal firewall.  I am not sure I agree with that one at all.  Personal firewalls are usually thought of as host based security on the endpoint.  While NAC certainly has an aspect of that, NAC is inherently about networks as well.

I am reminded by this article of Senforce.  They had one of the best personal firewalls in the market and were often called a NAC solution.  But when you spoke to Nolan Rosen and the folks at Senforce, they would tell you that they were not a NAC solution, but needed a network based NAC component to compliment their product.  That was the basis of a partnership we had with them.  In any event, I think we are seeing NAC used for a variety of uses and we will continue to see it evolve in the market.