Category Archives: Enterprise IT news

Enterprise IT news

Mirantis buys Lens Kubernetes IDE to reach developers

Mirantis has acquired Lens, a popular integrated development environment, or IDE, for Kubernetes, to provide developers building apps for Kubernetes environments with multi-cluster management and other key features.

Lens helps to eliminate the complexity of Kubernetes for developers, as it enables them to manage, develop, debug, monitor and troubleshoot workloads across multiple clusters in real time, said Adrian Ionel, co-founder and CEO of Mirantis. It is a desktop application that works with macOS, Windows and Linux operating systems.

Is it an IDE?

In reality, Lens is more than an IDE, as it appeals to both developers and operations staff in the DevOps equation, said Jeffrey Hammond, an analyst at Forrester Research. “It looks like Lens is actually an ‘IOE’ — an integrated operating environment,” he said.

Key features of Lens include a context-aware terminal that automatically downloads and assigns the correct version of the kubectl command-line tool that is always API-compatible with the developer’s cluster. And, as the user switches from one cluster to another, the terminal maintains the correct kubectl version and context, Ionel said.

It’s different enough from a traditional IDE that the moniker doesn’t quite make sense, said Dave Bartoletti, an analyst at Forrester.

“Lens is a multi-cluster K8s dashboard — not sure why they’re calling it an IDE,” he said. “Rancher, Docker Enterprise, which Mirantis also owns, OpenShift, Tanzu Mission Control — they all have K8s ops consoles and include monitoring, like this claims to.”

But Ionel likened Lens to Visual Studio, Microsoft’s flagship IDE that is the foundation of the company’s close relationship to its developer base.

“Lens gives us a direct line to developers,” Ionel said, adding that he believes it will open the door to Kubernetes developers and operators much like Visual Studio has for Microsoft and its developer base. “Developers are gaining more power and influence, and for us to be directly connected with them, understand their needs, their desires and be able to create value for them directly is hugely valuable to us.”

Multi-cloud chops

Lens also enables developers to work with multiple Kubernetes clusters on any cloud from a single environment. These may include clusters on minikube, Docker Desktop, Docker Enterprise, Amazon Elastic Kubernetes Service, Microsoft Azure Kubernetes Service, Google Kubernetes Engine, Rancher or Red Hat OpenShift. Developers can add clusters by importing the kubeconfig file with the cluster details. A kubeconfig file is a file used to configure access to Kubernetes.

“Operations teams are moving into a stage of productivity with app modernization projects and are, therefore, seeking solutions that help them manage the complexities of running Kubernetes clusters across various clouds,” said Charlotte Dunlap, an analyst with GlobalData in Santa Cruz, Calif. “Mirantis offers a compelling alternative to Red Hat OpenShift and VMware Tanzu for DevOps teams trying to juggle the demands of lifecycle management and streamline development workflows.”

In addition, Lens features built-in Prometheus stats. Prometheus is an application for event monitoring and alerting.

I opt to use something a bit more traditional with the CLI K9s, because my qualms included learning a whole different tool, rather than just doing a super-charged kubectl alternative.
Jeff CorpuzDevOps engineer, Fearless

It’s good to have options

A Kubernetes IDE is not for everyone. Jeff Corpuz, a DevOps engineer at Fearless, a full-stack digital services firm based in Baltimore, is not a believer.

“I opt to use something a bit more traditional with the CLI [command-line interface] K9s, because my qualms included learning a whole different tool, rather than just doing a super-charged kubectl alternative,” Corpuz said. However, “with all things, it is all about developer preference. If it helps a developer work better with K8s through a visual dashboard like Lens, all the more to them.”

Depending on the needs and working habits of the developer, a Kubernetes IDE may be useful. Moreover, the option to be able to choose from several tools is a plus that can give developers an advantage.

“Container-based development has its own intricacies and challenges, so a purpose-built IDE for containers and Kubernetes has a large enough demand and market,” said Holger Mueller, an analyst at Constellation Research. “Mirantis is competing with Microsoft, AWS, Oracle, Google, IBM, etc., for the IDE and needs to have the tooling for it. There is the old adage in software: The vendor who gets the eyes and clicks of the user gets the money — not the one in the background, with no UI.”

Lens is available on GitHub under the MIT license. Commercialization is not a primary concern for Lens at Mirantis, the company said.

“We want to continue building an open source community around the project and maintain its high pace of adoption and innovation,” said Dave Van Everen, senior vice president of marketing. “We are considering adding a ‘pluggable’ architecture that would foster an ecosystem of enterprise plugins; that’s likely where Mirantis and possibly others could commercialize Lens.”

Since its launch as an open source project in March 2020, Lens has garnered a community of 35,000 users on GitHub where it is one of the top trending open source projects in the cloud-native ecosystem.

Go to Original Article

Email enigma: Why is Canada hit with so many phishing attacks?

While multiple reports show Canada is increasingly targeted in phishing attacks, experts aren’t sure what’s behind the increase.

According to the “RSA Quarterly Fraud Report: Q1 2020,” 66% of all phishing attacks observed during that time period were directed at users in Canada. It was the second quarter in a row that Canada was targeted by two-thirds of phishing activity, and the fifth quarter in a row where the country was by far the most popular target.

In a “Canadian Internet Registration Authority” survey, which surveyed 1,985 Canadians who owned a “.ca” domain between November 2017 and January 2018, including personal and business websites, 85% received a phishing email. In 2019, PhishLabs published its top most targeted countries for phishing attacks, which found that Canada saw a substantial rise in phishing volume starting from April 2018, pushing it into second place overall. In addition, a 2020 threat intel report by Check Point Software Technologies determined that 96% of attacks on Canadian users were email-based, which was well above the global average.

Despite the data, it’s unclear why Canada has become such a popular target for phishing attacks. On one hand, it’s typical for threat actors to target users in developed nations with high levels of internet connectivity and technology usage.

“Canada is an attractive target for cybercriminals due to a variety of reasons, including finance, natural resources, digital technology and telecommunications,” a spokesperson for the Canadian Centre for Cyber Security said in an email to SearchSecurity.

Lotem Finkelsteen, Check Point threat intelligence group manager, said threat actors are known to follow the money, and Canada has a good economy with thriving businesses.

But that doesn’t explain why Canada, with a population of under 40 million people, has received such a higher volume of phishing emails compared to other developed nations. According to RSA’s research, the U.S. was second on the list of most targeted nations with just 7% of phishing attacks during the quarter. Threat researchers have several theories as to why Canada appears to be so heavily phished, but none of the theories have been confirmed, and even RSA itself hasn’t offered a definitive explanation for the abnormally high activity.

Canada phishing
An example of a phishing email used in a massive campaign against Canadian banks in 2019, which was detected by Check Point Software Technologies.

The theories

A notable theory revolves around massive phishing campaigns that target interconnected Canadian banks, which would inflate the numbers. Daniel Cohen, RSA’s head of anti-fraud products, said many of the phishing attacks on Canada target Interac, a payment service provider that is used by the majority of Canadian financial institutions. With a single campaign focused on Interac, he said, cybercriminals can potentially affect numerous banks in the country.

Threat researchers have in the past observed major phishing campaigns that target Interac. In 2019, Check Point detected the new phishing campaign that impersonated the Royal Bank of Canada. The attack sent legitimate-looking emails containing a PDF attachment to multiple organizations and victims from Canada. Check Point tracked more than 300 look-alike domains that hosted phishing websites for 14 banks that use Interac.

Another theory is that much of the phishing activity is being generated within Canada. For example, Finkelsteen said Check Point believes that threat actors behind the 2019 campaign were actually from Canada.

“The threat actor (or actors) really knew the market in Canada — knew what banking services were available — from credit cards to loans. They were familiar with the day-to-day business life in Canada and by understanding this, they were able to target companies in there and then always change the phishing pages by changing the logo or icon,” Finkelsteen said via email. “They quickly adapted and changed their webpage. Because of this, we had a long list of phishing websites and different pages each time.”

Check Point said the trend of more phishing attacks originating in Canada was first observed by its research team in 2019, and the trend has continued this year.

“We see that threat actors attacking Canada are actually Canadians, which is very unusual. Once you have threat actors that are working within the country, you’re obviously more vulnerable to phishing attacks. In Canada, they speak French and English and have their own words and terminology, so someone is familiar with the day to day there,” Finkelsteen said.

Overall, more phishing attacks occur in English because it’s more commonly used in the business world.

“Globally, we see its 80%, but for Canada it’s 96% of attacks that are email-based. That goes back the last six months,” Finkelsteen said. “One out of every five attacks originated in Canada.”

PhishLabs has also seen a rise in attacks coming from Canada; last year the vendor saw a 170% increase in phishing activity in the country. But RSA’s Q1 report showed nearly 60% of phishing attacks originated in the U.S., while Canada was seventh on the list of hosting countries.

There’s also a theory that the data might be off. While PhishLabs’ research last year showed Canada was second on the list of most-phished countries, the U.S. was the overwhelming leader with 84% of targets. PhishLabs said their observations were inconsistent with RSA’s findings.

“We suspect it is due to the particular way they measure attack volume,” a spokesperson for PhishLabs said in an email to SearchSecurity. “While we do not know the exact details, we suspect RSA’s data as it pertains to Canada is inflated due to counting each brand involved in a multibrand phishing attack as individual attacks. This would have a major impact on volume.”

Phishing flood

Another theory suggested cybercriminals have seen a higher success rate targeting Canadian users and, as a result, have focused more of their efforts on the country. Daniel Tobok, CEO of Canada-based incident response company Cytelligence, has observed a rapid increase in phishing attacks over the last five years.

“It’s been a very big problem in Canada,” Tobok said. “Phishing has become quite a tool for cybercriminals. It accounts for 76% of all attacks that lead to ransomware today. People have realized they can put up firewalls and other protections to keep the bad guys away, but they are still vulnerable to click on links, and click on emails.”

The pandemic-fueled remote workforce has increased these attacks, Tobok said, because users are no longer protected.

“With outdated passwords on firmware or routers — we gave the bad guys an early Christmas,” Tobok said. “In general, I do think we’re more easygoing in Canada and gullible and less suspecting.”

On average, Cytelligence handles 100 investigations a month in Canada and the U.S. When it comes to phishing attacks, Tobok said it’s a 60/40 split in favor of Canada. However, much of that may be attributed to the bigger population and number of companies in the U.S.

“Criminals and other malicious cyberthreat actors — many of which operate outside of Canada’s borders — take advantage of security gaps, low cybersecurity awareness, and technological developments in an effort to compromise cyber systems,” a spokesperson for the Canadian Centre for Cyber Security said in an email to SearchSecurity.

Tobok said Canadian companies, as well as multinational corporations with a presence in the country, should devote more time and energy into educating users. “What we see is that they have an increased profile and an increase in threats,” he said.

Threat actors often try to take advantage of a lack of communication between regional offices, as well as the lack of familiarity between employees, and exploit users’ patience and tolerance, he said. Security awareness training can help employees detect, for example, a fraudulent corporate request for data or funds.

“Email security [technology] is important, but awareness training is critical,” Tobok said. “You need to be a little paranoid and cautious and really question some of the emails.”

Go to Original Article

SAP HANA Enterprise Cloud, HPE to provide SaaS-like option

SAP customers who want to run their systems in a cloud environment have been limited to either private cloud in SAP data centers or public cloud hyperscalers.

However, a new partnership between SAP and Hewlett Packard Enterprise will now provide a SaaS-like deployment option for full SAP systems on HPE GreenLake. The new offering is called SAP HANA Enterprise Cloud, customer edition.

HPE GreenLake delivers complete pre-configured software systems as a service to a customer’s data center. HPE manages the systems throughout their lifecycle and customers pay for the service in a monthly subscription.

Peter PluimPeter Pluim

The combination of SAP HANA Enterprise Cloud, SAP’s private managed cloud service, and HPE GreenLake allows SAP customers to keep their SAP software stack and data on premises while taking advantage of a predictable, subscription-based cloud environment, said Peter Pluim, SAP’s global head of enterprise cloud.

“We contract HPE GreenLake for the customer and basically buy the service from HPE,” Pluim said. “They install it within a cage in the customer’s data center. And we apply our services and software and the customer pays a monthly fee just as they would if it ran as a SaaS on a hyperscaler.”

Data sovereignty a current issue

The partnership helps customers who need strict control over the location of their data, which is an issue that has become more complex with the COVID-19 pandemic, Pluim said.

We contract HPE GreenLake for the customer and basically buy the service from HPE.
Peter PluimGlobal head of enterprise cloud, SAP

“In the COVID world there are more needs now around data sovereignty, as well as regulatory requirements around data locations,” he said. “This requires customers to have much more control over where it is.”

The HPE GreenLake option is also ideal for customers who want to move to S/4HANA in a SaaS environment, but find that S/4HANA Cloud is limited in functionality and doesn’t support customizations from SAP ECC environments.

“This takes care of that huge issue that customers have with so many moving parts, and now we can deploy this — and customers at their own pace with their own partners can move from ECC to S/4HANA,” Pluim said. “It’s good, especially if they have data sovereignty issues, or maybe they have made huge investments in data centers that they don’t want to give up but they are reaching a hardware refresh cycle.”

Keith WhiteKeith White

The partnership came about because customers have been requesting a simplified cloud experience, said Keith White, HPE senior vice president and general manager of HPE GreenLake.

“The nice thing about this is you get the ‘one plus one equals three’ experience with HPE hardware infrastructure and HPE GreenLake’s as-a-service capability together with SAP systems,” White said. “Customers get that seamless experience, so they can then go analyze the data and get good information from the data and do all of the things that they want to in order to run their business more effectively.”

Customers want clarity

SAP HANA Enterprise Cloud, customer edition provides SAP with an option that its main competitor Oracle has offered since 2016 with Oracle [email protected], said Liz Herbert, vice president and principal analyst at Forrester Research. Oracle [email protected] is Oracle’s managed private cloud service that enables customers to run Oracle Cloud Infrastructure public cloud services and Oracle Fusion SaaS applications in their data centers.

Liz HerbertLiz Herbert

“That said, SAP is already supporting a very wide range of options for customers — on-premises, various hosting and private cloud options, various public cloud options — both directly and through partners like IBM and NTT,” Herbert said. “They have had significant choice largely because they are very partner-friendly when it comes to cloud hosting and infrastructure, and this partnership with HPE GreenLake expands those existing choices.”

However, rather than focusing on the range of infrastructure choices, SAP customers tend to want help cutting through the complexity, asking for better comparisons and more clarity on the differences between those choices, she said. SAP customers are also more interested in making a case for an S/4HANA migration rather than drilling down into the particulars of the infrastructure.  

“[SAP customers] are confused and overwhelmed by having too many choices,” she said. “Furthermore, many of the customers we work with are still asking about the business case for S/4HANA and when or whether to make the move. Infrastructure and cloud choice are not the biggest issues they are dealing with because they are still struggling more fundamentally with what their future ERP environment should look like from a vendor and applications perspective.”

Go to Original Article

Dell Financial Services maintains flexible payments in pandemic

With the pandemic still raging across the globe, Dell Technologies said it will extend its Payment Flexibility Program for customers and partners.

The program, launched as part of Dell’s COVID-19 relief package in April, aims to give customers and partners additional financing options to help stem the pandemic’s economic disruptions. Options include payment deferrals, Dell partner relief programs and low-rate financing offerings. Along with the Payment Flexibility Program, Dell Financial Services (DFS) allocated $9 billion in financing to the initiative.

Dell said it will extend the program through Oct. 30, 2020, with payment deferrals until 2021.

Additionally, the company updated its Technology Rotation payment offering with a lower rate and total cost of ownership for purchases of PowerStore storage arrays, PowerEdge servers, and Dell laptops and desktops. The Technology Rotation offer lets customers return their Dell equipment and upgrade to newer technologies at the end of the term.

“The customer can enter into a technology rotation for 36 months, coupled with a no-payment for six months … and they will pay actually less than 0% and then have flexibility at the end of the term,” said Darren Fedorowicz, vice president of Dell Financial Services, about the Technology Rotation option. 

Customers, partners engage Dell payment options

Fedorowicz said the Dell Payment Flexibility Program has seen engagement from customers spanning from SMBs to large organizations faced with budgetary constraints. “The [pandemic has] affected everybody, and small business has probably been the most impacted because they are working on short-term cash flow. … The reality is six months of [deferred] payments may help keep them afloat if they were going to make an investment of $20,000 for IT. … We have really been aggressive in being able to help small business customers,” he said.

The programs also seek to help Dell Technologies partners faced with cash-flow challenges. “[Because partners] are buying equipment, adding their value-added services, and then reselling that equipment, they are always in a cash-constrained potential issue of collecting from their customers, repaying vendors and managing their cash management cycle,” Fedorowicz said.

Partners can use Dell Financial Services’ programs to craft offers for customers and collect payment from DFS soon after a deal closes. “The real impact here is that if we execute [the deal] with the customer, then DFS pays the partner immediately. We take all the credit risk, and then we get cash to that partner immediately,” Fedorowicz said.

Fedorowicz noted that DFS has also seen growing interest from partners and customers around consumption-based offerings for on-premises technology, via Dell’s Flex On Demand program.

SonicWall portfolio expansion opens opportunities for partners

SonicWall has expanded its portfolio with a raft of new products and updates, many of which aim to benefit SonicWall partners.

The product announcements included the following:

  • SonicOS 7.0, the operating system that powers the company’s firewalls;
  • New TZ570 and TZ670 next-generation firewalls;
  • NSsp 15700 Series firewalls, which target large enterprises, managed security service providers (MSSPs) and telcos;
  • NSM 2.0, a redesigned version of Network Security Manager;
  • And the CSa 1000, an on-premises appliance that includes SonicWall Capture Advanced Threat Protection sandbox service with Real-Time Deep Memory Inspection technology.

The updated SonicOS introduces multi-instance and multi-tenancy capabilities, aimed at enterprise customers and MSSPs.

“All of this … opens up a world of opportunity for our partners,” said HoJin Kim, vice president of worldwide channels and North American sales at SonicWall. “When you think of the install base that is out there … and what customers are going through today in terms of making sure that their remote users are secure, adding these new products to the portfolio and refreshing some of the lower-end lines [provides] more things that partners can … talk to their customers about.”

In addition to developing new products, SonicWall has recently focused on enhancing partner resources. Kim said SonicWall has rapidly grown its partner enablement and training content available through the SonicWall University portal. “Over the past four months, we have added over 200 new training courses,” he said.

Kim added that SonicWall is also looking to restructure how the company invests in partner relationships. He said the SonicWall aims to better align its investments to partners that “are seeing SonicWall as more than just the niche firewall player, but as a real platform vendor that they can have a strategic relationship with.”

SolarWinds study examines MSP activity during pandemic

A new study, “COVID-19: Impact and Response,” by IT management software vendor SolarWinds, sheds light on how MSPs are coping with the pandemic and their outlooks on the market.

The study, which polled 500 MSPs globally, revealed the following:

  • Fifty-nine percent of MSPs applied for government financial relief programs, with 74% receiving assistance.
  • Eighty percent of the MSPs surveyed said they operate at their pre-pandemic staffing
  • The majority of MSPs said they have adapted their security services for work-from-home clients, with 59% of MSPs offering more security bundles than any other business model, according to SolarWinds.

Other key findings showed MSPs making some level of changes to their businesses in order to accommodate customer needs during the pandemic. For example, 24% of MSPs said they have offered delayed payments, while 23% have offered temporary discounts. Nineteen percent of MSPs said they reduced their services to fit decreases in customer budgets. Sixty-five percent of MSPs said they didn’t expect to make any pricing changes to their manage services package in the long term, according to SolarWinds.

Top challenges cited by MSPs include securing new customers, social distancing requirements in the office and at customer sites, lower IT budgets and spending due to the recession, and adapting to the work-from-home needs of staff and clients, SolarWinds noted.

Looking ahead, 51% of MSPs plan to build out security services to advance their businesses, while 47% plan to increase cloud services sales, SolarWinds said. Meanwhile, 42% of MSP respondents foresee growing their businesses through additional project work. Thirty-nine percent predict an uptick in managed services contacts.

While the pandemic caused a slowdown in MSP M&A activity, 40% of the large-sized MSPs that SolarWinds surveyed said they expected to expand their businesses through mergers or acquisitions.

In related news, SolarWinds president John Pagliuca said in statement that the company is exploring the possibility of spinning off SolarWinds MSP, its MSP-focused software business, into a standalone, publicly-traded company.

Other news

  • Digital Defense, a vulnerability and threat management technology vendor, unveiled an MSP partner program. The program features flexible billing cycles aligned to monthly recurring revenue models, self-provisioning via its Frontline Cloud platform, and procurement directly or through public cloud marketplaces such as AWS, Azure, Oracle and Google, the company said.
  • Security company CyCognito rolled out a global channel program. Benefits of the program include deal registration protection and support. The program will be overseen by Carrie Roberts, CyCognito’s newly appointed senior director of global channel sales. Roberts joined the vendor from Mimecast, where she was director of channel sales in the U.S. and Latin America.
  • Sirius Computer Solutions, an IT solution integrator based in San Antonio, Texas, joined the Google Cloud Partner Advantage Program as a Google Cloud Sell and Service partner.
  • Cloud service provider AllCloud said it launched a new service to help consumer goods companies learn about and use Salesforce Consumer Goods Cloud.
  • Enterprise software vendor HYCU said Nubosoft, a Premier Google Cloud Partner based in Mexico City, joined its Cloud Services Program.
  • Telecom Brokerage Inc. (TBI), a distributor and master agent based in Chicago, added Ovation Wireless Management to its portfolio. TBI also said it named security subject matter expert Jim Bower as its security architect.
  • MBX Systems, a manufacturer of hardware for technology companies, expanded its channel strategy to target manufacturers of base servers used in customers’ integrated hardware and software solutions.
  • Ben Nowacky, senior vice president of product at Axcient, which provides business availability software for MSPs, joined the executive council of the CompTIA ISAO (Information Sharing and Analysis Organization).
  • The ASCII Group, a North American IT community of MSPs, MSSPs, VARs and solution providers, said it will host a two-day virtual business building event this fall. The event, MSP Connect Live, replaces the in-person ASCII IT Success Summits previously scheduled for 2020, the organization said.

Market Share is a news roundup published every Friday.

Go to Original Article

‘Data for good’ movement spurs action in fight for causes

Enterprise data analytics tools typically used to make business decisions are being put to use in the “data for good” movement to support humanitarian causes ranging from hurricane relief to fighting COVID-19.

As defined by Gartner, data for good is about employing analytics not for a new sales and marketing initiative or to find efficiencies, for example, but to improve society.

There are organizations dedicated to data for good, including DataKind and Data4Change. But the concept of data for good also includes corporate initiatives; vendors freely donate use of their platforms to aid causes and employees within enterprises donate their time and skill to the nonprofit organizations engaged in the fight for those causes.

Recently, the data for good movement that started in 2018 has been mobilized in the fight against COVID-19. Analytics software vendors responded quickly at the start of the pandemic, with many developing models that could be used by healthcare organizations and government agencies and some even donating the free use of their platforms to organizations directly fighting the spread of COVID-19.

“Nonprofits don’t have the luxury of having data and analytics employees, and it doesn’t take much to help nonprofits create new insights based on their data so they can do even more good in the world,” said Neviana Zhgaba, a senior technical program manager at General Electric and member of the board of directors of Oracle Developer Tools User Group (ODTUG), during Oracle’s virtual Analytics Summit on Thursday.

“The data for good movement is about harnessing the power of data visualizations, data analytics and [augmented intelligence] for social change by using data to create new insights and outcomes for a better world,” she added.

And visualization — actually seeing the evidence of something — is key.

Nonprofit organizations rely heavily on donations to fund their work, but if they aren’t able to demonstrate the importance of their work, they struggle to attract donations. Facts alone aren’t enough, according to Zhgaba. They’re words and numbers, but they lack impact.

The combination of facts and data visualizations joined with images — photographs, videos — provide context and inspire people to act.

“Hopefully we can bring people a deeper understanding and a way of connecting … and in the end hopefully impact them to take some sort of action,” Zhgaba said.

Zhgaba’s own commitment to data for good began in the aftermath of Hurricane Florence in North Carolina, where the ODTUG headquarters are located.

Over the course of three days in September 2018, Hurricane Florence caused record-breaking storm surges of 9 to 13 feet and dropped 20 to 30 inches of rain on coastal towns. One million people had to be evacuated, and when the storm ended and people tried to return to their homes they found hundreds of roads closed. GPS systems and navigation apps were of little help because they didn’t have real-time information.

“It’s always sad to hear about hurricanes and national disasters, but when that hits closer to home, when they impact people you care about, you find yourself asking, ‘How can I help?'” Zhgaba, who does not live in North Carolina but is close to many who do, said. “ODTUG members are located all across the world, not in North Carolina, but we are technologists.”

Zhgaba reached out to ODTUG members, and with their help was able to take data from the Department of Transportation — which updated information about road closures in real time — and used Oracle Analytics to overlay it on top of Google Maps to create a new navigation app.

A photograph shows the devastation caused by Hurricane Florence in North Carolina in 2018.
When teamed with data, a photograph, such as this one showing the devastation caused by Hurricane Florence in North Carolina in 2018, can inspire people to take action.

Before developing the navigation app, however, Zhgaba needed to inspire her fellow ODTUG members to take action. She also wanted people to contribute to a GoFundMe account to help the ODTUG employees living in North Carolina whose homes were affected by the hurricane.

She began with facts: one million people were evacuated, hundreds of roads were closed and as much rain fell on some North Carolina communities in a matter of days as falls in Seattle in an entire year. Then she added a data visualization showing all the roads that were impacted. A photograph showing a road completely submerged, however, gave context to the facts and visualizations.

“If you were to imagine all the water and all the damage across all those roads, it becomes a different experience,” Zhgaba said. “When all three are combined — the facts, the visualization and an experience of one of the data points … hopefully an emotional reaction is triggered in you that will propel you to take action.”

Technology won’t solve the problems, but technology is a strong enabler of the people who will take action.
Neviana ZhgabaSenior technical program manager, General Electric, and member of the board of directors of Oracle Developer Tools User Group

Being an Oracle user and a board member of ODTUG, Oracle Analytics tools were used in the creation of the navigation app, as they have been used in other data for good initiatives supported by Oracle and the ODTUG community. Oracle Spatial Studio, a geospatial data tool that enables users to derive analytical insights from maps, is one such tool, and when combined with Oracle Analytics it enables users to overlay data points on top of maps and then input different parameters.

Additional examples of Oracle’s data analytics tools being used for good presented by Zhgaba include tracking the melting of the Arctic ice, showing how simple measures by individuals like stopping the use of plastic straws and eating less red meat can affect the environment, and helping the University of Minnesota monitor the movement of wolves.

“Technology won’t solve the problems, but technology is a strong enabler of the people who will take action,” Zhgaba said.

Go to Original Article

Cisco restructuring follows weak revenues, forecast

Cisco plans to respond to significant revenue declines with deep cuts in operational expenses, a realignment in research and development spending, and an accelerated shift to selling products as a service, including its traditional networking hardware.

The Cisco restructuring stems in part from the dramatic market changes brought on by the COVID-19 pandemic. Business demand has shifted toward technology to support remote workers and manage applications running in multiple cloud environments, rather than in private data centers.

Along with changing priorities, Cisco customers have also reduced spending, particularly in the U.S., where regions struggle to reopen their economies while the virus spreads. The company reported this week that revenues fell 9% year-to-year to $12.15 billion in the previous quarter ended July 25. For the current quarter, the first of the 2021 fiscal year, Cisco forecast a decline of between 9% and 11%.

Cisco CFOKelly Kramer

Cisco’s response is a $1 billion cost reduction, with 80% coming from operational expenses, CFO Kelly Kramer told Wall Street analysts. Those cuts would occur over the next five months.

Kramer and CEO Chuck Robbins, also on the conference call, did not mention layoffs. However, Kramer told business site MarketWatch that the first phase of cuts would be voluntary retirement offerings. After that, the company would consider other moves to reach the $1 billion mark.

Those other moves are likely to include job cuts, said analyst Patrick Moorhead at Moor Insights & Strategy.

R&D overhaul part of Cisco restructuring

Cisco said it would lower expenses by shifting R&D spending to parts of its portfolio with rising sales. Those areas include cloud-based collaboration, integrating cloud security and software-defined WAN, and software related to application performance and network automation.

“Those are, in fact, what we’re seeing as hot areas,” said Roy Chua, founder of research and advisory firm AvidThink.

Literally, we’re looking at everything. We’re even looking at how we deliver our traditional networking hardware as a service over time.
Chuck RobbinsCEO, Cisco

Cisco customers want to buy more technology as a service, so the company will accelerate the number of products it offers through subscription, Robbins said. The company plans to release more of those offerings by the end of the year.

“Literally, we’re looking at everything,” Robbins said. “We’re even looking at how we deliver our traditional networking hardware as a service over time.”

Customers will scrutinize the value of the pricing change, Gartner analyst Andrew Lerner said. For example, companies were unhappy with the subscription licenses Cisco offered with its Catalyst 9000 campus switches, released in 2017.

“We received complaints from customers that this increased the total cost of ownership without delivering enough value to justify it,” Lerner said.

If Cisco offers subscription-based pricing “purely as an alternative pricing mechanism, I suspect it would be well received,” Lerner said. However, if Cisco uses the shift to generate more revenue while delivering roughly the same functionality, “many customers will probably be unhappy.”

Biggest drop in infrastructure business

The steepest decline in spending last quarter was in Cisco’s infrastructure platforms product category, which includes the company’s networking hardware. Revenue fell 16% to $6.63 billion. Revenues from applications, including Cisco’s cloud collaboration portfolio, fell 9% to $1.36 billion, while security increased 10% to $814 million.

Cisco CEO Chuck RobbinsChuck Robbins

Within the U.S., top-tier enterprises spent more on technology during the previous quarter. But small enterprises and medium and small companies cut back, Robbins said. “As you go down in the marketplace, the weakness got a little bit worse.”

Robbins did not see any signs that the pandemic’s impact on businesses in the U.S. was waning. “It feels to me very much like it felt 90 days ago,” he said.

Outside the U.S., countries where demand was up in the previous quarter included Japan, Korea and Germany, which have done a much better job at controlling the spread of COVID-19. Cisco’s European sales teams “feel reasonably OK, not great, great, but better than they did 90 days ago,” Robbins said.

The valuations of many tech companies have fallen during the pandemic, so Cisco could acquire companies to bolster its portfolio. The company has a list of potential targets, Robbins said.

“There has to be a recognition that the valuations have changed, but we’ll try to be disciplined and do the right thing at the right time,” he said.

Along with fiscal fourth-quarter results, Cisco announced the retirement of Kramer, who agreed to stay with the company until it found her replacement. Kramer told MarketWatch that her departure had nothing to do with Cisco. After 30 years in the business, “it’s just time,” she said. Kramer has been with the company for eight years.

Go to Original Article

ServiceNow adds Uber to its pandemic planning tool set

ServiceNow is linking up with Uber for Business to add ride-sharing to its suite of workplace safety tools for use in pandemic planning. The intent is to give employers a means to offer transportation services directly to their employees.

The Uber module is in ServiceNow‘s “Safe Workplace suite,” a set of pandemic planning tools designed to help bring employees back to the office. It includes contact tracing, readiness surveys, employee health screening and personal protective equipment inventory management. Uber for Business is the ride-sharing firm’s business-to-business arm.

Employers can set corporatewide Uber policies with the tool. An employee books a trip via an integration with Uber’s app. The employer can use the tool to either pay for the employee’s trip or subsidize it. The app can also stagger arrivals so that employees don’t turn up to office lobbies all at once. Employers can also set times when the ride-sharing tool is available to employees, among other functions.

Before COVID-19, corporate integration with ride-share-type services were already in place. Workday Inc., for instance, was already investing since at least 2016 in San Francisco carpooling service Scoop Technologies Inc.

But COVID-19 has disrupted transportation. Some bus and rail services have reduced hours of operation. Some people just want to avoid mass transit. In general, this is creating demand for alternatives, especially for essential industries, according to Uber. Industries such as healthcare “need to operate seamlessly — they need to get their employees to show up on time,” said Ronnie Gurion, global head of Uber for Business.

“Every company has to think through, ‘How do I reliably get my employees back to the office and how much do I want to lean in and help them think through those options?'” Gurion said.

Pandemic planning and transportation

Some people will use bicycles and others will drive their own cars, but employers may not have enough parking to accommodate an increase of drivers, Gurion said. Transit agencies, “are doing a lot of great work to make those rides as safe as possible,” he said.

To address COVID-19 concerns, Uber recently announced a series of safety measures, including requiring drivers to take selfies to show they are wearing a mask.

Every company has to think through, ‘How do I reliably get my employees back to the office?’
Ronnie GurionGlobal head, Uber for Business

There is anecdotal evidence that “micromobility” options such as bikes or scooters are on the rise, said Susan Shaheen, a professor of civil and environmental engineering at the University of California at Berkeley and co-director of the Transportation Sustainability Research Center.

Reasons people are increasingly electing to use micromobility options may include “concerns about riding in vehicles with people they do not know,” she said.

During the pandemic recovery period, it is possible that travelers may be more comfortable returning to carpooling and other ride-sharing type services before returning to public transit, Shaheen said, but more research will be needed to understand the dynamics.

Go to Original Article

Oracle Autonomous JSON Database takes on MongoDB, Couchbase

Oracle’s new Autonomous JSON Database is generally available, providing users with a cheaper version of its cloud database that is specifically focused on JSON as a document database.

JSON, a widely used protocol for data interchange, is the foundation of document databases. Oracle already supported JSON within its Autonomous Database, the company’s flagship cloud database offering that supports multiple formats.

The move to create a separate JSON document database offering intends to help serve developers who don’t need all the capabilities of Oracle’s main Autonomous Database offering, but still want the scalability and cloud management that Oracle provides.

Oracle’s latest release is also about market competition, as there are multiple cloud-based JSON document database services, including MongoDB Atlas, Couchbase and Amazon DocumentDB.

“My view is that the main effect of this development will be to prevent existing Oracle customers from going to MongoDB, Couchbase or some other JSON document database for new workloads and for cloud migrations,” IDC analyst Carl Olofson said. “This is partly aimed at migrations, but also new projects, which is why the low-cost Oracle Database for JSON is so important.”

Autonomous JSON Database is priced at less than 25% of Oracle’s full Autonomous Transaction Processing database, according to the company’s website.

Oracle Autonomous JSON database
Oracle now enables its cloud users to create an Autonomous JSON database as one of the optional deployment choices.

How Autonomous JSON cloud database works

At the core of the new Autonomous JSON Database is an open source document store API known as Simple Oracle Document Access (SODA).

The SODA API has been part of the Oracle Autonomous Database since 2016 and provides an interface that developers can interact with and query without the need for SQL, Oracle product manager Gerald Venzl explained. While users do not have to use SQL to query data in the document database, Venzl noted that SQL queries are supported as an option.

“We still allow people to use SQL on top of JSON,” Venzl said. “It gives developers choice and flexibility.”

The main effect of this development will be to prevent existing Oracle customers from going to MongoDB, Couchbase or some other JSON document database for new workloads and for cloud migrations.
Carl OlofsonAnalyst, IDC

JSON document database use cases

JSON database workloads are increasingly common, Venzl noted, though not all developers and users have been aware that Oracle supports that capability in its Autonomous Database cloud platform. By separating out JSON as a separate service, he said the goal is to raise awareness for the feature to attract more users.

The Oracle Autonomous Database is what is known as a multimodel database, supporting different models, including full transaction database, JSON and graph database approaches. Venzl noted that some users might have questioned why they should pay for the full-featured database, when all they need and use is JSON. As such, he expects that the new Autonomous JSON Database will help serve those users who only want to run a document database.

Oracle could potentially create additional specific Autonomous Database versions in the future, to support other uses,  such as a graph database. Oracle continually monitors the market to see what users need, he said.

“As of today, Autonomous JSON is the new kid on the block and we’re excited to see how it will perform and what other new workloads will come along,” he said.

Go to Original Article

Salesforce Apex developers tap into CircleCI’s CI/CD engine

CircleCI has answered the call to bring continuous integration to developers who build on the Salesforce Apex platform.

San Francisco-based CircleCI is integrating its CI/CD engine with Salesforce’s Java-like Apex development platform. The integration builds upon a partnership initiated last year, where CircleCI began to support developers using the Salesforce CLI [Command Line Interface] to build applications.

CircleCI has created a CircleCI orb for Salesforce Apex. CircleCI orbs bundle CircleCI configuration software into reusable packages for developers to connect to the company’s CI/CD engine, said Jim Rose, CEO of CircleCI, in an interview.

“We’re finding more and more companies are realizing they’re software companies,” Rose said. “We’re getting to a place where there are more and more tailored, highly specific platforms that developers are working with, and building extensions and applications upon.”

Salesforce is one of these, Rose said. “Apex is really interesting as Salesforce continues to build this very large enterprise application platform,” he said.

Capitalizing on DevOps

DevOps for application platforms is growing hotter as enterprises realize they can’t completely become a digital company until every aspect of their business is transformed, and that includes line-of-business applications like Salesforce. Therefore, enterprise teams are turning their attention to linking business, supply chains and other critical elements of conducting business to systems of engagement or people-facing applications.

“It’s not possible for a company like Amazon to sell you a product and promise it in two days unless its systems of engagement are linked with back-end business systems,” said Chris Condo, an analyst at Forrester Research. “Now other enterprises realize the same is true for their business as well.”

The new Salesforce Apex orb enables developers to run unit tests against apps and display the results in the Salesforce platform user interface; automatically deploy changes to applications already in production; and build version control system apps on commit and deploy the changes to a scratch organization, a temporary environment for a developer to publish their Salesforce app in prior to pushing it to production.

Migration to Salesforce DX

However, to use the CircleCI integration, Salesforce developers must migrate to Salesforce DX, said Bill Holz, an analyst at Gartner. Salesforce Apex is a proprietary Java-like language that Salesforce developers use to build custom business logic. Salesforce Developer Experience (DX) is a way to manage and develop Salesforce apps across their entire life cycle. It brings together the best of the Salesforce Lightning Platform to enable source-driven development, team collaboration with governance. Salesforce Lightning is a component-based, low-code environment designed for business users who do not have programming experience.

In short, Salesforce DX is a Salesforce product that allows users to develop and manage Salesforce apps throughout the entire platform. A comparison can be made to the Microsoft programming environment. Apex is a programming language and DX is a development life cycle tool environment — like the relationship between C# and Visual Studio. The issue here is that it appears that Salesforce developer shops have been slow to move to DX.

The Salesforce Apex orb is “nice for those few organizations that have done this, but DX has not, from what I can tell, been highly adopted,” Holz said. “”There are a lot of solutions already available to support DX and those organizations that have moved to DX most likely would have software development professionals who are familiar already with CI/CD tooling.””

Moreover, Holz noted that Salesforce provides sample repos for developers that are useful. Also, it doesn’t appear that Salesforce has added any CircleCI training to Trailhead similar to what exists for Jenkins, TravisCI and GitLab, he said.

There are a lot of organizations out there that are using the Salesforce platform as essentially that next layer of abstraction above the infrastructure and are doing a lot of custom software development.
Jim RoseCEO, CircleCI

Trailhead is Salesforce’s training program for educating users and developers about working on the Salesforce platform. Through Trailhead, the company offers a variety of content for developers, as Salesforce is a mix of an infrastructure provider, a platform company and an application vendor.

“It’s one of those things where when you think about, for example, AWS, you’re not naturally thinking about Salesforce as a comparison point,” Rose said. “But there are a lot of organizations out there that are using the Salesforce platform as essentially that next layer of abstraction above the infrastructure and are doing a lot of custom software development.”

In addition, Salesforce has an extensible platform that enables developers to easily build extensions and plugins to help to democratize development on the Salesforce platform.

“Salesforce is using a standard, automated, build, test and release process to bring software to market,” Rose said. “And that is why they’re bringing in more and more tools like CircleCI to bear to try and make that process easier.”

Meanwhile, CircleCI also updated its Salesforce CLI orb that debuted last December to tighten the integration with the Salesforce CLI experience and to simplify access to common commands.

There is a large opportunity for vendors in this market, as enterprises compete to deliver quality products and developers need DevOps and CI/CD to facilitate that.

“DevOps for Salesforce, SAP and other such systems are lacking in many areas of automation that mainstream developers take for granted, and yet most large software dev tool vendors have ignored this space,” Condo said.

Go to Original Article

Infrastructure-as-code upstart boosts Kubernetes deployment

An emerging infrastructure-as-code vendor broadened its tie-ins with Kubernetes deployment and policy enforcement utilities this week, in an appeal to DevOps shops that want a consistent interface for both app developers and infrastructure managers.

Pulumi Corp. first launched an infrastructure-as-code, or IaC, tool in 2018 that supports higher-level programming languages (e.g., JavaScript, Go and .NET), as opposed to scripting languages (e.g., YAML) used natively in Kubernetes or domain-specific languages employed by IaC products (e.g., HashiCorp Terraform).

Along the way, it also created integrations with popular cloud-native infrastructure tools and frameworks, from Kubernetes to Helm charts, and sought to poach customers directly from Terraform.

This week, Pulumi expanded its Kubernetes tie-ins with support in both its open source and paid versions for Helm v3 and Kustomize application deployment tools, a Kubernetes Operator and integration with Open Policy Agent (OPA). The Kubernetes Operator and new OPA integration mean that Pulumi’s code can be deployed within Kubernetes clusters using the same role-based access controls as the Kubernetes infrastructure, rather than requiring separate configuration via an outside command-line interface (CLI).

Gregg SiegfriedGregg Siegfried

“Their policy as code capabilities, including support for OPA, is potentially quite attractive,” said Gregg Siegfried, a research director at Gartner. By contrast, “HashiCorp’s Sentinel is a great start, but needs a little more polish and fleshing out, including figuring out whether there is to be any OPA integration.”

This week’s Pulumi update may also help ease Kubernetes deployments for application developers, with additions such as a YAML Converter tool that translates between higher-level languages and YAML scripts.

It also adds support for strongly typed Kubernetes CustomResourceDefinitions (CRDs), which brings dev-friendly features such as error reporting and failure notifications on Kubernetes infrastructure as code into existing integrated development environments.

Pulumi appeals as DevOps inflection point

Pinpoint Software Inc., an Agile workflow toolmaker in Austin, Texas, rolled out Pulumi last year. Two Pinpoint engineers hired after that purchase came in more familiar with Terraform but now prefer Pulumi’s flexibility.

Andrew KunzelAndrew Kunzel

“The great thing about being able to do all this in a higher-level language such as TypeScript or Go is you have the ability to use all of the other clients and APIs out there right next to your infrastructure code,” said Andrew Kunzel, software engineer at Pinpoint. “For example, we’re able to use the AWS API to get the Spot price for a certain instance type right next to our code defining the node groups, and we didn’t need to go to a different system or make a CLI call.”

Pulumi will provide a common language for developers and ops to communicate as infrastructure management “shifts left” along the DevOps timeline.

Michael GoodeMichael Goode

“[Terraform] makes it easy to stand up infrastructure, but you end up working yourself into this hole where … you need to learn the language or you need to work with teams that are well-versed in it,” said Michael Goode, platform operations engineer at Pinpoint. “Those teams tend to become siloed, [but] Pulumi fills the gap so you don’t have to learn specific declarative type languages, or even YAML, for that matter.”

This week’s addition of support for strongly typed CRDs will be key to helping developers learn about Kubernetes deployments and, potentially, prevent mistakes from reaching production.

“Monitoring Kubernetes is a challenge, so being able to tell right away at deploy time, ‘Hey, this is not going to work,’ is a lot better than someone trying to figure out why things aren’t working, and it turns out, it’s because someone used an integer instead of a string,” Kunzel said. “That’s really hard to diagnose.”

Pulumi offers a consistent interface between Helm and Kustomize, which simplifies Kubernetes deployments between test and production environments to a matter of updating an image tag and changing a few configuration values, Kunzel said.

Pulumi fills the gap so you don’t have to learn specific declarative type languages, or even YAML, for that matter.
Michael GoodePlatform operations engineer, Pinpoint Software

Pulumi CrossGuard and its new OPA-compatible access controller are on the to-do list for Pinpoint to evaluate as the company grows, Goode said. For now, Pulumi is most commonly used by the company’s ops-focused engineers, but as Pinpoint’s engineering team of 15 expands in the next year or so, the company will need to take a more systematized approach to DevOps collaboration and Kubernetes deployments.

“Where we are now works for 15 people, but if we get to 50 or more developers, what we have right now won’t work,” Kunzel said. “Pulumi is a more scalable [approach], and as we grow as a company, our reliance on Pulumi will expand.”

Pulumi, the underdog, vs. HashiCorp, the heavyweight

Pulumi has gained a couple hundred customers since it first launched in 2018, according to its CEO, Joe Duffy, but the company still faces a rigorous battle against IaC incumbents — mainly, Terraform — and the perception that Pulumi’s appeal is limited to niches within the market so far.

“From what I’ve seen, Pulumi has an interesting dichotomy of appeal,” Gartner’s Siegfried said. “Either larger organizations and service providers where a specific ‘cloud engineering’ function exists that’s able to treat collections of cloud resources just like software products … [or] smaller organizations that are running single-team DevOps where it may be attractive to use the same programming languages.”

As IT ops pros take on a site reliability engineering (SRE) role, they may form an audience for Pulumi that fits in between those two extremes, Siegfried said. But HashiCorp has its own strong appeal to that audience, as well as with the other cloud-native infrastructure management tools in its portfolio such as Consul and Vault.

“SREs also have an eye on the entire ecosystem, and the HashiCorp stack presents such a productive toolkit as a whole, that there may be some favorable momentum toward Terraform in that instance as well,” Siegfried said.

Go to Original Article