Saturday, December 31, 2005
Why Enterprise Architects should pay attention to Identity Management
Was busy googling today in hopes of figuring out how to close out many of the thoughts I have had in 2005 regarding identity management when I ran across an interesting report from Gartner entitled: Should You Leverage Your Existing MOM Infrastructure for Identity Management? written by Roberta J. Witty but sadly didn't get the opportunity to actually read it. The main problem is that every single analyst firm that covers the identity management space doesn't practice what they recommend to clients. Hopefully one of their New Years resolutions will be to solve for the obvious in your face rants that folks like me have...
Every single analyst firm is in the content management business yet no one has been able to answer any of my inquiries in any depth surrounding strategies of integrating federated identity into content management systems. Pretty much every analyst firm makes us dumb customers remember yet another ID and password. How come analysts can simply allow content to be accessed by not handing me an ID but allowing me to trade SAML assertions or exposing a service interface via SPML?
Dan Blum at the Burton Group has been busy researching all of my other questions so he has an excuse but not so sure about other firms I interact with on a daily basis. Maybe before Burton Group's CEO Jamie Lewis creates another blog entry on federated identity, he will not only make his firm eat his own dogfood but also create a first-person case study on it that will be highly credible.
Anyway, let me get back to the Gartner document. She essentially gives away the story ending in the summary and states: Considerable domain-specific knowledge goes into designing an identity management system that makes the "whole" worth a lot more than the "sum of the parts." Buy your identity management product rather than build it yourself.
Not sure that I necessarily agree with this hypothesis in all situations but figured there is merit in me posting my opinion as well as ask questions of others. Let's start listing them out. The question on Message-Oriented Middleware is good but avoided one thing that is rarely discussed in terms of identity and that is workflow. Pretty much every Fortune 1000 enterprise already has some form of workflow engine in their shop which is a major component to identity management on the provisioning side. Why would an enterprise want to bring in yet another workflow engine that is relabeled in another context?
As far as message-oriented middleware, this implies that there may be services somewhere that I may want to talk to in a provisioning context? I assume that vendors are moving towards supporting SPML but have no idea as to which enterprise application vendors will be adding to their suite. Could someone provide this information?
Another component would be connectors to directory services. Could someone tell me how many I need? One could logically assume one for each type of application / technology but if I go down this path, ain't I really just making a bad situation worse? How about telling me that it may be better for me to not spread provisioning type services all over my enterprise and instead recommend to me that I should consolidate identity stores?
If I wanted to consolidate identity stores, wouldn't Active Directory be a great place to do such a thing? What if I could get RACF to trust Active Directory? What if I could make all of my other enterprise applications not understand SPML but instead have them consume XACML from a centralized policy server that binds against Active Directory? Maybe I shouldn't care about SAML at all even though folks like Pat Patterson believe I should.
Maybe it really does make sense to buy one instead of attempting to piece together all the parts you already own. After all, no one has provided any form of identity management reference architecture so I can figure out best practices for putting all the pieces together. Maybe the only thing I object to is the word "buy". Why not use the word "acquire" instead so that it would include open source product offerings.
Hopefully all of the analyst firms covering the identity management space have included open source products right next to commercial proprietary closed-source products. In my brief search in this space I have came across one product that feels like it could be of high quality. Does anyone have thoughts on Diamelle? If someone has a matrix that compares features side-by-side and can send it to me, it would be greatly appreciated.
Maybe I will install it on one of my lab servers in my basement so that I can familiarize myself with the product and then provide a briefing to Roberta? I have always been curious as to how vendor briefings actually work with analyst firms. Sitting on both sides of the table seems like an opportunity that shouldn't be passed up.
So as to not inject bias into the research community and adopt the practices that I so despise in others, the only fair thing I can conclude is that early next week I will work on establishing a quarterly briefing with any analyst firm that wants to engage in a two-way conversation. Treating all analysts as equals brings integrity into the research provided and sold to vendors.
Maybe clarity around identity will occur when Pat Patterson returns from vacation? He owes me a response to a previous blog entry entitled: Enterprise Perspectives on federated Identity. I hope he or another person from Project Liberty can respond shortly.
Another thing has been bothering me that I would really love for Kim Cameron to provide answers to. He may be able to provide insight into changing not only my thinking on buying an identity management solution but even in thinking about open source equivalents.
In looking at Microsoft documentation, they talk alot about adding Workflow into the next release of Windows. Likewise, they are expanding the capabilities of the Microsoft Management Console. One could read into these two things and conclude that something very big is going to happen that could become troubling to other vendors in this space.
The Microsoft Management Console is how users are provisioned to Active Directory. If they connect the console to the workflow engine then requests for user credentials may be routed via workflow. The workflow itself and policies surrounding the approval process may be stored in group policy objects. If you combine this thought with my thinking on getting RACF to bind to Active Directory then it gets really interesting. I hate to speculate or even start rumors, but will defer to Kim to find someone within Microsoft that can point us all straight.
I do have a question for both Kim and Pat though. I really would like to understand how they both believe the notion of workflow should work in context of provisioning within a federation?
| | View blog reactionsEvery single analyst firm is in the content management business yet no one has been able to answer any of my inquiries in any depth surrounding strategies of integrating federated identity into content management systems. Pretty much every analyst firm makes us dumb customers remember yet another ID and password. How come analysts can simply allow content to be accessed by not handing me an ID but allowing me to trade SAML assertions or exposing a service interface via SPML?
Dan Blum at the Burton Group has been busy researching all of my other questions so he has an excuse but not so sure about other firms I interact with on a daily basis. Maybe before Burton Group's CEO Jamie Lewis creates another blog entry on federated identity, he will not only make his firm eat his own dogfood but also create a first-person case study on it that will be highly credible.
Anyway, let me get back to the Gartner document. She essentially gives away the story ending in the summary and states: Considerable domain-specific knowledge goes into designing an identity management system that makes the "whole" worth a lot more than the "sum of the parts." Buy your identity management product rather than build it yourself.
Not sure that I necessarily agree with this hypothesis in all situations but figured there is merit in me posting my opinion as well as ask questions of others. Let's start listing them out. The question on Message-Oriented Middleware is good but avoided one thing that is rarely discussed in terms of identity and that is workflow. Pretty much every Fortune 1000 enterprise already has some form of workflow engine in their shop which is a major component to identity management on the provisioning side. Why would an enterprise want to bring in yet another workflow engine that is relabeled in another context?
As far as message-oriented middleware, this implies that there may be services somewhere that I may want to talk to in a provisioning context? I assume that vendors are moving towards supporting SPML but have no idea as to which enterprise application vendors will be adding to their suite. Could someone provide this information?
Another component would be connectors to directory services. Could someone tell me how many I need? One could logically assume one for each type of application / technology but if I go down this path, ain't I really just making a bad situation worse? How about telling me that it may be better for me to not spread provisioning type services all over my enterprise and instead recommend to me that I should consolidate identity stores?
If I wanted to consolidate identity stores, wouldn't Active Directory be a great place to do such a thing? What if I could get RACF to trust Active Directory? What if I could make all of my other enterprise applications not understand SPML but instead have them consume XACML from a centralized policy server that binds against Active Directory? Maybe I shouldn't care about SAML at all even though folks like Pat Patterson believe I should.
Maybe it really does make sense to buy one instead of attempting to piece together all the parts you already own. After all, no one has provided any form of identity management reference architecture so I can figure out best practices for putting all the pieces together. Maybe the only thing I object to is the word "buy". Why not use the word "acquire" instead so that it would include open source product offerings.
Hopefully all of the analyst firms covering the identity management space have included open source products right next to commercial proprietary closed-source products. In my brief search in this space I have came across one product that feels like it could be of high quality. Does anyone have thoughts on Diamelle? If someone has a matrix that compares features side-by-side and can send it to me, it would be greatly appreciated.
Maybe I will install it on one of my lab servers in my basement so that I can familiarize myself with the product and then provide a briefing to Roberta? I have always been curious as to how vendor briefings actually work with analyst firms. Sitting on both sides of the table seems like an opportunity that shouldn't be passed up.
So as to not inject bias into the research community and adopt the practices that I so despise in others, the only fair thing I can conclude is that early next week I will work on establishing a quarterly briefing with any analyst firm that wants to engage in a two-way conversation. Treating all analysts as equals brings integrity into the research provided and sold to vendors.
Maybe clarity around identity will occur when Pat Patterson returns from vacation? He owes me a response to a previous blog entry entitled: Enterprise Perspectives on federated Identity. I hope he or another person from Project Liberty can respond shortly.
Another thing has been bothering me that I would really love for Kim Cameron to provide answers to. He may be able to provide insight into changing not only my thinking on buying an identity management solution but even in thinking about open source equivalents.
In looking at Microsoft documentation, they talk alot about adding Workflow into the next release of Windows. Likewise, they are expanding the capabilities of the Microsoft Management Console. One could read into these two things and conclude that something very big is going to happen that could become troubling to other vendors in this space.
The Microsoft Management Console is how users are provisioned to Active Directory. If they connect the console to the workflow engine then requests for user credentials may be routed via workflow. The workflow itself and policies surrounding the approval process may be stored in group policy objects. If you combine this thought with my thinking on getting RACF to bind to Active Directory then it gets really interesting. I hate to speculate or even start rumors, but will defer to Kim to find someone within Microsoft that can point us all straight.
I do have a question for both Kim and Pat though. I really would like to understand how they both believe the notion of workflow should work in context of provisioning within a federation?
Enterprise Architecture and Strong Technical Leadership
Haven't blogged on the need for Strong Technical Leadership within the enterprise at executive ranks in a long time and felt it was time to revisit this topic...
Here are several things CIO's in corporate America should adopt as part of their New Years Resolution:
| | View blog reactionsHere are several things CIO's in corporate America should adopt as part of their New Years Resolution:
- Let your people actually lead. Give them something to lead that will allow them to learn, make mistakes, and grow as a leader.
- Don't interfere with their leadership unless absolutely necessary. Nothing destroys morale and confidence more than stepping in (think pile) and taking over.
- Help foster the ideas of your new leaders. Take their ideas seriously; help them to reach correct decisions.
- Show confidence in them. Let them see the 'bigger picture' of the project, team, et. al. every now and then. Let them see some of the decisions you have to make. Suddenly, you might find you have allies when you need to move the team in various directions.
- Stop listening to industry analysts and more importantly don't practice management by magazine. There job is to commoditize information. You cannot gain competitive advantage from commodity approaches.
Friday, December 30, 2005
Thoughts on Microsoft and elimination of Office from my Home PC
Don't get it twisted as I am not into Microsoft bashing. Likewise, I am not into advocacy of Open Office. I just ran across a really cool site that not only is a good implementation of Software as a Service but also allows for the possibility of me never having to go through the pain of acquiring a software license simply to write a document...
Check out Writely the web-based word processor...
Actually, I am curious more about what folks from Sun think...
| | View blog reactionsCheck out Writely the web-based word processor...
Actually, I am curious more about what folks from Sun think...
Thoughts on 2006 IT Conferences
It has been a very interesting week for me in that within the last couple of days I have been an invited speaker to not one but four different prominent industry conferences. In looking back, I have spoke at a total of 20 different IT conferences in the last three years. I hope to speak at four to five conferences in 2006 and now have to figure out which conferences are most important to me. Sadly though, one community that I religiously support (Agile Software Development) has never extended an offer to me...
I have always been a big fan of conferences put on by Marcus Evans in that they have a unique value proposition for not only vendors but for us folks in corporate America as well. They don't make us folks spend our budgets listening to CTOs of software companies and their thinly veiled sales presentations. Likewise, we are forced to run from booth to booth getting our cards stamped so that we can enter drawings for televisions or other trinkets.
Marcus Evans instead limits their speakers to real-world end users. They do make a rare exception for consulting firms and will always allow as speakers prominent leaders of industry user groups but otherwise no vendors. This simple approach makes it the ideal conference for folks within corporate America to attend. While I speak at a lot of conferences throughout the year, I do have a hard time recommending my peers in the industry attending them, but I can say without reservation that conferences put on by Marcus Evans are worthy of corporate dollars.
Vendors have it twisted when they shell out lots of dough to present at conferences. Paying lots of loot for speaking is simply a waste of money. Marcus Evans has better value proposition for vendors. The real key for why vendors should pay attention is the fact that Marcus Evans arranges for each vendor an opportunity to talk one-on-one in a prescheduled manner attendees. For example, I will be speaking at the Boston TechCongress in February. Imagine the value proposition for each and every vendor in attendance getting the undivided attention of 200 different CIOs and Enterprise Architects who actually want to talk to you. A note to vendors that may be salivating, the key for vendors is us folks in the enterprise agree to this because we expect to talk with the CEO and CTO of your firm, not the local sales guy.
Another conference I will be presenting at will be an upcoming Gartner conference. Hopefully I will get the opportunity to serve on a panel with Gartner analyst Jess Thompson a second time. For the Siemen's CIO Summit, I had the opportunity to present along with him, David Lithicium and Jean Baker. There were many points in which we all agreed and many points where we were all diametrically opposed. The key point though is that in disagreement comes insight and that folks truly get to see the issues and critical thinking that goes into taking a particular stance not just the glossy stuff found elsewhere.
The one thing that I will need to work on though before presenting at a Gartner conference so as to not make too many folk feel uncomfortable is in getting Liferay Enterprise Portal and ServiceMix not only listed on the magic quadrants but prominently displayed in the leaders quadrant. Both products are 100% open source and in use in multiple Fortune 200 enterprises as well as the global 200. Getting the message out about the convergence between SOA and open source makes for a good enterprise architecture story that folks need to hear...
The other thing that I have to start thinking about is my own opinion on hype cycles. I hope that folks at Gartner don't object to me being candid in stating that hype cycles are only useful for measuring the buzz as well as the adoption rate of any given domain. The value of a hype cycle is very useful for venture capitalists and software vendors but not as useful to enterprise architects. Hype Cycles also do not necessarily correspond to the long-term utility or even predict success but rather measure phenomena which the blogosphere does equally well at.
In 2003, I spoke at the Enterprise Architect Summit on Service Oriented Architectures. The one thing that I still find interesting is that I could probably get away with not updating my Powerpoint and still keep audiences interested. The paradigm shift seems to be happening but slower than I expected. Maybe these folks who are interested in learning more about SOA should instead stay home, learn the basics by reading books such as Enterprise Service Oriented Architectures and coming to the conference armed with questions once they have developed a hunger to learn more.
Anyway, I have now committed to a total of six different conferences. Work will never give me this much time on the clock so a lot of this will ultimately occur on my own vacation time and more importantly on my own nickel. I like sharing what I know with others and figure that I shouldn't place arbitrary constraints on speaking and sharing. If you happen to be a conference chair of a conference and are seeking a keynote, I will gladly volunteer my services. I do have two constraints though. The first being that I ask that it be a conference on the East Coast (I really hate flying) and second that we work collectively to figure out how I can get to your location while minimizing the impact on my own personal wallet.
Sadly, the two conferences I would love to speak at would be Infoworld on enterprise perspectives around open source and the CIO Forum but sadly I am not on their radar. As far as Agile conferences, I guess the community itself will soon figure out that while there is value in talking with the founders of the agile manifesto (who happen to be consultants in sales mode) there is more value in talking with practitioners who work in large enterprises who have nothing to sell...
| | View blog reactionsI have always been a big fan of conferences put on by Marcus Evans in that they have a unique value proposition for not only vendors but for us folks in corporate America as well. They don't make us folks spend our budgets listening to CTOs of software companies and their thinly veiled sales presentations. Likewise, we are forced to run from booth to booth getting our cards stamped so that we can enter drawings for televisions or other trinkets.
Marcus Evans instead limits their speakers to real-world end users. They do make a rare exception for consulting firms and will always allow as speakers prominent leaders of industry user groups but otherwise no vendors. This simple approach makes it the ideal conference for folks within corporate America to attend. While I speak at a lot of conferences throughout the year, I do have a hard time recommending my peers in the industry attending them, but I can say without reservation that conferences put on by Marcus Evans are worthy of corporate dollars.
Vendors have it twisted when they shell out lots of dough to present at conferences. Paying lots of loot for speaking is simply a waste of money. Marcus Evans has better value proposition for vendors. The real key for why vendors should pay attention is the fact that Marcus Evans arranges for each vendor an opportunity to talk one-on-one in a prescheduled manner attendees. For example, I will be speaking at the Boston TechCongress in February. Imagine the value proposition for each and every vendor in attendance getting the undivided attention of 200 different CIOs and Enterprise Architects who actually want to talk to you. A note to vendors that may be salivating, the key for vendors is us folks in the enterprise agree to this because we expect to talk with the CEO and CTO of your firm, not the local sales guy.
Another conference I will be presenting at will be an upcoming Gartner conference. Hopefully I will get the opportunity to serve on a panel with Gartner analyst Jess Thompson a second time. For the Siemen's CIO Summit, I had the opportunity to present along with him, David Lithicium and Jean Baker. There were many points in which we all agreed and many points where we were all diametrically opposed. The key point though is that in disagreement comes insight and that folks truly get to see the issues and critical thinking that goes into taking a particular stance not just the glossy stuff found elsewhere.
The one thing that I will need to work on though before presenting at a Gartner conference so as to not make too many folk feel uncomfortable is in getting Liferay Enterprise Portal and ServiceMix not only listed on the magic quadrants but prominently displayed in the leaders quadrant. Both products are 100% open source and in use in multiple Fortune 200 enterprises as well as the global 200. Getting the message out about the convergence between SOA and open source makes for a good enterprise architecture story that folks need to hear...
The other thing that I have to start thinking about is my own opinion on hype cycles. I hope that folks at Gartner don't object to me being candid in stating that hype cycles are only useful for measuring the buzz as well as the adoption rate of any given domain. The value of a hype cycle is very useful for venture capitalists and software vendors but not as useful to enterprise architects. Hype Cycles also do not necessarily correspond to the long-term utility or even predict success but rather measure phenomena which the blogosphere does equally well at.
In 2003, I spoke at the Enterprise Architect Summit on Service Oriented Architectures. The one thing that I still find interesting is that I could probably get away with not updating my Powerpoint and still keep audiences interested. The paradigm shift seems to be happening but slower than I expected. Maybe these folks who are interested in learning more about SOA should instead stay home, learn the basics by reading books such as Enterprise Service Oriented Architectures and coming to the conference armed with questions once they have developed a hunger to learn more.
Anyway, I have now committed to a total of six different conferences. Work will never give me this much time on the clock so a lot of this will ultimately occur on my own vacation time and more importantly on my own nickel. I like sharing what I know with others and figure that I shouldn't place arbitrary constraints on speaking and sharing. If you happen to be a conference chair of a conference and are seeking a keynote, I will gladly volunteer my services. I do have two constraints though. The first being that I ask that it be a conference on the East Coast (I really hate flying) and second that we work collectively to figure out how I can get to your location while minimizing the impact on my own personal wallet.
Sadly, the two conferences I would love to speak at would be Infoworld on enterprise perspectives around open source and the CIO Forum but sadly I am not on their radar. As far as Agile conferences, I guess the community itself will soon figure out that while there is value in talking with the founders of the agile manifesto (who happen to be consultants in sales mode) there is more value in talking with practitioners who work in large enterprises who have nothing to sell...
Enterprise Architecture and Software Product Lines
Several years ago, the folks at the Software Engineering Institute came out with the notion of software product lines. We incorporated modern thinking based on their original work in our book, Practical Guide to Enterprise Architecture hoping that enterprise architects everywhere would start incorporating this form of thinking.
Software product lines offer tremendous potential to improve a company's competitive position and responsiveness to changing market needs. The transition from traditional software development where products are developed independently from one another to an approach that is based on multiple development groups working in a collaborative fashion to deliver products to market requires a massive change in how things are done. It requires the notion of business architecture. It also requires better thinking from executive row than simply throwing things over the wall to outsourcing firms who are only guaranteed to make a mess out of things.
For enterprise architects that have a strong sense of business planning and can articulate architecture in terms of financial constructs are better positioned than those who are solely technology focused. I believe that every architect should understand business. This doesn't mean that you have to indoctrinate yourself into the particular business of your company and the particular industry vertical but it does mean that you should understand business and finance 101.
The investment costs and risks, as well as the downstream benefits can be significant. Gaining executive stakeholder buy-in to making the investment requires a business case that translates the qualitative benefits of software product lines into something tangible. The business case process can be an effective decision
making tool for not only deciding whether an organization should transition to an SPL, but also how best to make the transition a success. Software product lines can become another aspect to strong IT governance.
Anyway, I implore every architect reading this blog entry, to check out the following sites/books:
| | View blog reactionsSoftware product lines offer tremendous potential to improve a company's competitive position and responsiveness to changing market needs. The transition from traditional software development where products are developed independently from one another to an approach that is based on multiple development groups working in a collaborative fashion to deliver products to market requires a massive change in how things are done. It requires the notion of business architecture. It also requires better thinking from executive row than simply throwing things over the wall to outsourcing firms who are only guaranteed to make a mess out of things.
For enterprise architects that have a strong sense of business planning and can articulate architecture in terms of financial constructs are better positioned than those who are solely technology focused. I believe that every architect should understand business. This doesn't mean that you have to indoctrinate yourself into the particular business of your company and the particular industry vertical but it does mean that you should understand business and finance 101.
The investment costs and risks, as well as the downstream benefits can be significant. Gaining executive stakeholder buy-in to making the investment requires a business case that translates the qualitative benefits of software product lines into something tangible. The business case process can be an effective decision
making tool for not only deciding whether an organization should transition to an SPL, but also how best to make the transition a success. Software product lines can become another aspect to strong IT governance.
Anyway, I implore every architect reading this blog entry, to check out the following sites/books:
- Software Product Lines
- Product Line Practices
- Software Product Lines: Practices and Patterns (Book)
- Designing Software Product Lines with UML (Book)
Thursday, December 29, 2005
Industry Analysts and Blowhard Jamborees
Developing valuable working software within an enterprise is already difficult. We are confronted with design-by-committee (aka let's go around the table) and anti-pattern leveraged infrastructure. This is made even more difficult by so-called industry experts (The Business Rules Community seems to have more than their fair share) that often influence technology decisions.
Analysts and the media create articles/research that criticize particular aspects of technology causing architects in corporate America to spend way too much time answering the concerns of "executives" and decision-makers (usually not "executives") arising from their tales. Many of these so-called experts truly aren't. Many of them are also equally guilty of presently thinly-veiled biased viewpoints in which most practitioners can see through but non-technical folks in IT can't.
It has always been curious to me how analysts can justify their research as being credible if even the largest of analyst firms, maybe have visibility into 5% of the entire marketplace! Is a 5% at best statistical sample considered credible? Would't statictical accuracy improve if they were to not only talk to their customers but others as well? I know the folks over at RedMonk spend a significant amount of time talking to non-customers so their research is credible and the same thing can be said of the folks at Seybold Group but what should us enterprise customers think about the research put out by other firms? Do these firms even care about what we think?
Maybe the answer in the long run is for enterprises to have an in-house expert on each key technology so that they can discriminate between facts, misinformation and the opinions expressed in popular media. Maybe these same folks could start creating or at least participating in open source industry analysis. In fact, lets make this a call to action with me being the first volunteer. I will assist any analyst firm that agrees to create their next report using open source analysis on a topic that I am familiar with and agrees to also include my employer's logo!
Of course, the large analyst firms have absolutely nothing to worry about as they understand that an in-house expert requires deferral which is almost non-existent in a design-by-committee culture. Maybe this is the real problem that enterprise architecture attempts to solve...
| | View blog reactionsAnalysts and the media create articles/research that criticize particular aspects of technology causing architects in corporate America to spend way too much time answering the concerns of "executives" and decision-makers (usually not "executives") arising from their tales. Many of these so-called experts truly aren't. Many of them are also equally guilty of presently thinly-veiled biased viewpoints in which most practitioners can see through but non-technical folks in IT can't.
It has always been curious to me how analysts can justify their research as being credible if even the largest of analyst firms, maybe have visibility into 5% of the entire marketplace! Is a 5% at best statistical sample considered credible? Would't statictical accuracy improve if they were to not only talk to their customers but others as well? I know the folks over at RedMonk spend a significant amount of time talking to non-customers so their research is credible and the same thing can be said of the folks at Seybold Group but what should us enterprise customers think about the research put out by other firms? Do these firms even care about what we think?
Maybe the answer in the long run is for enterprises to have an in-house expert on each key technology so that they can discriminate between facts, misinformation and the opinions expressed in popular media. Maybe these same folks could start creating or at least participating in open source industry analysis. In fact, lets make this a call to action with me being the first volunteer. I will assist any analyst firm that agrees to create their next report using open source analysis on a topic that I am familiar with and agrees to also include my employer's logo!
Of course, the large analyst firms have absolutely nothing to worry about as they understand that an in-house expert requires deferral which is almost non-existent in a design-by-committee culture. Maybe this is the real problem that enterprise architecture attempts to solve...
Industry Analysts and Software Vendor Paranoia
Most enterprises use the services of industry analysts to provide guidance on a variety of software products and the vendors that create them. Analysts in most situations attempt to make customers calm and think rationale about the decision at hand. It some cases this could be diametrically opposed to the relationship built upon trust.
Analysts when talking with their clients (especially large enterprises) may serve them better if they were to figure out if they are paranoid enough. If not, maybe by encouraging paranoia, the enterprise can be made more successful and encourage innovation.
When it comes to dealing with software vendors, freedom of choice is the enterprise's most valuable asset but this would never be acknowledged by most enterprise architects who are not paranoid...
| | View blog reactionsAnalysts when talking with their clients (especially large enterprises) may serve them better if they were to figure out if they are paranoid enough. If not, maybe by encouraging paranoia, the enterprise can be made more successful and encourage innovation.
When it comes to dealing with software vendors, freedom of choice is the enterprise's most valuable asset but this would never be acknowledged by most enterprise architects who are not paranoid...
Wednesday, December 28, 2005
Why America will lose the war on terror!
America is filled with idiots, let me explain why...
We all know that George Bush just got caught in another act of stupidity. He was busy wiretapping calls of American citizens without court orders. He could have used legal channels but avoided them strictly for the reason that corporate America never really gets their architecture right. The main problem is lack of focus and pinpoint accuracy. Instead he like most leaders are attempting to boil the ocean by listening to more information than they could ever hope to process.
I wonder if they have been busy listening to the many international calls I make on a weely basis? They may have heard me use the phrase "kidnap" frequently. In my second home, Trinidad; folks are kidnapped on an almost daily basis and the police are defenseless in preventing it. I was thinking that maybe one answer would be to bring Trinidadian kidnappers to America so that they can kidnap all the enterprise architects that work for the Federal Government. After all, many of them are more dangerous to America than anything Bin Laden could do to us.
Many folks in usual form concern themselves with the technology aspects of war and suggest butthead tactics (Michael Savage comes to mind) such as bombing everything and going home. The real problem is not of technology but of the human aspects of technology. Have we ever considered that the war is really about economics?
For every $1 that Bin Laden spends, America spends $100,000. Guess who's enterprise architecture is more sustainable! Likewise, since we have no form of architecture we will focus on technology such as equipment to find bombs at airports when we know that this really isn't either sustainable nor backtestable. We are successful though in torquing pretty much every customer that goes through an airport and can't even rationalize our decision in way that we believe. Maybe if we focused on the human aspects, we would realize that it makes more sense to find bombers than bombs!
Oops, I made a mistake. I forgot that a certain demographic believe that guns kill people. This is something that is constantly being countered by noble organizations such as the National Rifle Association who seemed to be filled with lots of republicans. If republicans understand that guns don't kill people and that people kill people, you would think they would get the connection of spending time finding bombers and not bombs?
As for me, I wonder if the government ever thought about diversity in hiring as a solution to their enterprise architecture problems? For folks that don't know me, I am a pretty big guy. Maybe someone in their wisdom may think that I could realistically have a chance of success by executing a covert operation at a horse jockey convention. When I failed, maybe they might then realize that I need a quick indoctrination into horse riding but would still fail to see what the real problem was like the fact that I may never be the right person (too tall and definetely too fat).
Maybe the folks tapping the phone may realize that I am onto something useful. Maybe they will convince George Bush that America needs a Chief Technology Officer and it should be me. At least, I would have recognized that projects such as FBI Virtual Case File System would become a massive abortion. I wonder if enterprise architects in the federal government have ever read the book: A Practical Guide to Enterprise Architecture. They should!
We understand that the federal government mandates enterprise architecture and that many insultants are employed creating piles of comprehensive documentation but yet seem to always fail at what is more important: working software. Maybe the reason the government fails is that they have no idea what a technology blueprint should look like. Maybe they fail because of lack of strong technical leadership.
I can promise to the citizens of America that IT systems under my leadership would be capable of stopping illegal immigration and other problems we face and do so under budget. I would have strong leadership and would appoint Stephen O'Grady as my CIO, Bruce Schneier as my Chief Security Officer and Patricia Seybold as my Chief Business Architect. Maybe I should run for government CTO? Republican party are you listening?
| | View blog reactionsWe all know that George Bush just got caught in another act of stupidity. He was busy wiretapping calls of American citizens without court orders. He could have used legal channels but avoided them strictly for the reason that corporate America never really gets their architecture right. The main problem is lack of focus and pinpoint accuracy. Instead he like most leaders are attempting to boil the ocean by listening to more information than they could ever hope to process.
I wonder if they have been busy listening to the many international calls I make on a weely basis? They may have heard me use the phrase "kidnap" frequently. In my second home, Trinidad; folks are kidnapped on an almost daily basis and the police are defenseless in preventing it. I was thinking that maybe one answer would be to bring Trinidadian kidnappers to America so that they can kidnap all the enterprise architects that work for the Federal Government. After all, many of them are more dangerous to America than anything Bin Laden could do to us.
Many folks in usual form concern themselves with the technology aspects of war and suggest butthead tactics (Michael Savage comes to mind) such as bombing everything and going home. The real problem is not of technology but of the human aspects of technology. Have we ever considered that the war is really about economics?
For every $1 that Bin Laden spends, America spends $100,000. Guess who's enterprise architecture is more sustainable! Likewise, since we have no form of architecture we will focus on technology such as equipment to find bombs at airports when we know that this really isn't either sustainable nor backtestable. We are successful though in torquing pretty much every customer that goes through an airport and can't even rationalize our decision in way that we believe. Maybe if we focused on the human aspects, we would realize that it makes more sense to find bombers than bombs!
Oops, I made a mistake. I forgot that a certain demographic believe that guns kill people. This is something that is constantly being countered by noble organizations such as the National Rifle Association who seemed to be filled with lots of republicans. If republicans understand that guns don't kill people and that people kill people, you would think they would get the connection of spending time finding bombers and not bombs?
As for me, I wonder if the government ever thought about diversity in hiring as a solution to their enterprise architecture problems? For folks that don't know me, I am a pretty big guy. Maybe someone in their wisdom may think that I could realistically have a chance of success by executing a covert operation at a horse jockey convention. When I failed, maybe they might then realize that I need a quick indoctrination into horse riding but would still fail to see what the real problem was like the fact that I may never be the right person (too tall and definetely too fat).
Maybe the folks tapping the phone may realize that I am onto something useful. Maybe they will convince George Bush that America needs a Chief Technology Officer and it should be me. At least, I would have recognized that projects such as FBI Virtual Case File System would become a massive abortion. I wonder if enterprise architects in the federal government have ever read the book: A Practical Guide to Enterprise Architecture. They should!
We understand that the federal government mandates enterprise architecture and that many insultants are employed creating piles of comprehensive documentation but yet seem to always fail at what is more important: working software. Maybe the reason the government fails is that they have no idea what a technology blueprint should look like. Maybe they fail because of lack of strong technical leadership.
I can promise to the citizens of America that IT systems under my leadership would be capable of stopping illegal immigration and other problems we face and do so under budget. I would have strong leadership and would appoint Stephen O'Grady as my CIO, Bruce Schneier as my Chief Security Officer and Patricia Seybold as my Chief Business Architect. Maybe I should run for government CTO? Republican party are you listening?
Why smart enterprise architects defend bad ideas...
hort of obtaining a degree in logic, or studying the nuances of debate, remember this one simple rule for defusing those who are skilled at defending bad ideas: Simply because they cannot be proven wrong, does not make them right. Most of the tricks of logic and debate refute questions and attacks, but fail to establish any true justification for a given idea...
The next time this phenomena happens to you, attempt to place yourself into one of the following categories:
Several months back, I attended a diversity event and learned something that wasn't apparent before I attended. Many of my peers have discussed the notion of diversity in private situations on several occasions. Being that I have a background that lets me check several EEOC categories, I felt it was important to set them straight on a couple of issues.
Within many companies, the trend of hiring folks from insulting firms and putting them into senior positions is on the rise. Was thinking about starting my own diversity club and will invite anyone who wants to get promoted but hasn't worked for one of these firms. I wonder what HR would think?
Getting back on track, diversity is not about how you see others, it is about understanding how others see you! In order to figure out the why enterprise architects defend bad ideas requires you to see things in through their glasses and their experiences, not through your own.
One action item that comes to mind is that enterprise architects need to practice saying only those things that the people around you can hear. For an ongoing conflict (getting peers to embrace open source is one that comes to mind for me), spending a part of each day extending your understanding of their ideas such that your ideas can be heard. Do not waste your time and your opposite's by re-iterating unhearable words. Doing so is not only non-communication in the moment, it is building a context of non-communication across the long term.
Understand that the search for truth is futile. There is no truth in enterprise architecture, only usefulness. I know that some wise peer of mines will ask: Is that true, or just useful...
| | View blog reactionsThe next time this phenomena happens to you, attempt to place yourself into one of the following categories:
- cognitive dissonance: People are unconfortable with clashing beliefs
- confirmation bias: People can ignore stuff that contradicts what they want to be true
- disconfirmation bias: People can overly criticize that contradicts what they want to be true
- expectancy effect: People see patterns in support of their ideas where nothing actually exists
- loss aversion: People have asymmetric risk profiles
- status quo bias: People like to stick with what they know
Several months back, I attended a diversity event and learned something that wasn't apparent before I attended. Many of my peers have discussed the notion of diversity in private situations on several occasions. Being that I have a background that lets me check several EEOC categories, I felt it was important to set them straight on a couple of issues.
Within many companies, the trend of hiring folks from insulting firms and putting them into senior positions is on the rise. Was thinking about starting my own diversity club and will invite anyone who wants to get promoted but hasn't worked for one of these firms. I wonder what HR would think?
Getting back on track, diversity is not about how you see others, it is about understanding how others see you! In order to figure out the why enterprise architects defend bad ideas requires you to see things in through their glasses and their experiences, not through your own.
One action item that comes to mind is that enterprise architects need to practice saying only those things that the people around you can hear. For an ongoing conflict (getting peers to embrace open source is one that comes to mind for me), spending a part of each day extending your understanding of their ideas such that your ideas can be heard. Do not waste your time and your opposite's by re-iterating unhearable words. Doing so is not only non-communication in the moment, it is building a context of non-communication across the long term.
Understand that the search for truth is futile. There is no truth in enterprise architecture, only usefulness. I know that some wise peer of mines will ask: Is that true, or just useful...
Tuesday, December 27, 2005
IBM retires OS/2
IBM officially retired OS/2 Warp from their product line last week which closes the book on what was the most advanced operating system when it was released in the early 1990’s.
OS/2 diehards have signed a petition asking IBM to release the OS as open source but they have not responded to that request. IBM has recommended that current OS/2 users switch to Linux.
| | View blog reactionsOS/2 diehards have signed a petition asking IBM to release the OS as open source but they have not responded to that request. IBM has recommended that current OS/2 users switch to Linux.
Outstanding questions for Industry Analysts on Open Source
There are lots of research published on open source but somehow there seems to be many unanswered questions in the minds of folks in corporate America. Industry analysts may be well-served if they provide the answers to the below questions:
I wonder if the folks over at RedMonk have any thinking on these questions?
| | View blog reactions- How can human resource departments find talented people from the open source community so I can support open source internally?
- Which corporations whose business is not technology are currently contributing to open source projects?
- Which open source projects are pervasively implemented in my particular industry vertical?
- Where would I expect to see non-commercial open source projects beat proprietary vendor products?
- What are some "best practices" for corporations who would like to contribute to the open source community?
- How can corporations participate in creating open-source industry analysis?
I wonder if the folks over at RedMonk have any thinking on these questions?
Monday, December 26, 2005
Secure J2EE, Federated Identity and XACML
Several weeks ago I had a conversation with one of my favorite industry CTOs around his company: Securent and usage of XACML 2.0 for policy enforcement. Figured out his company has a wonderful product offering that I hope several analysts will look into. The one thing though that I did conclude is that more vendors need to get behind the XACML specification and incorporate it into their product as security shouldn't be defined using proprietary expressions...
Maybe as a christmas gift I could ask my favorite open source projects: Liferay, ServiceMix and JBoss to integrate support for XACML into the next release. Essentially all of these platforms support the same "pattern" and will allow for adding additional security providers. Minimally, there should be two new providers. First, a authorization provider and most importantly a role mapping provider. The notion of roles shouldn't be embedded within each product but should be centrally defined.
One additional feature I would like to see in JBoss is the notion of Identity-Based connection pooling. We all understand the value of connection pooling and how it benefits scalability but we are now constrained within large enterprises on having to protect our databases and have a bucket of laws we have to comply with. The notion of individually identifying users is crucial to Sarbanes Oxley certification which if fully implemented would otherwise be diametrically opposed to connection pooling. The notion of identity-based connection pooling should either select an existing physical connection or create a new physical connection with the specified identity (analogous to Unix SU).
I wonder if the folks at Microsoft have considered putting XACML support into Active Directory? I am even more curious if the folks at IBM would consider extending RACF to support XACML?
Anyway, I haven't been able to find much analyst perspective on XACML, although I am of the belief that it will make a lot of sense for vendors to move towards this direction especially in federated scenarios.
Have to track down Pat Patterson of Sun and Kim Cameron of Microsoft to provide the answer to a question that has been bothering me. I know that SAML 2.0 can support the notion of role entitlement and this could be realized by both the new metadata constructs as well as embedding XACML, but what is the better way?
Likewise, a similar question to Microsoft in my wanting to know if WS-Federation can support the embedding of XACML?
I wonder if Jamie Lewis over at the Burton Group may know the answer to my question?
| | View blog reactionsMaybe as a christmas gift I could ask my favorite open source projects: Liferay, ServiceMix and JBoss to integrate support for XACML into the next release. Essentially all of these platforms support the same "pattern" and will allow for adding additional security providers. Minimally, there should be two new providers. First, a authorization provider and most importantly a role mapping provider. The notion of roles shouldn't be embedded within each product but should be centrally defined.
One additional feature I would like to see in JBoss is the notion of Identity-Based connection pooling. We all understand the value of connection pooling and how it benefits scalability but we are now constrained within large enterprises on having to protect our databases and have a bucket of laws we have to comply with. The notion of individually identifying users is crucial to Sarbanes Oxley certification which if fully implemented would otherwise be diametrically opposed to connection pooling. The notion of identity-based connection pooling should either select an existing physical connection or create a new physical connection with the specified identity (analogous to Unix SU).
I wonder if the folks at Microsoft have considered putting XACML support into Active Directory? I am even more curious if the folks at IBM would consider extending RACF to support XACML?
Anyway, I haven't been able to find much analyst perspective on XACML, although I am of the belief that it will make a lot of sense for vendors to move towards this direction especially in federated scenarios.
Have to track down Pat Patterson of Sun and Kim Cameron of Microsoft to provide the answer to a question that has been bothering me. I know that SAML 2.0 can support the notion of role entitlement and this could be realized by both the new metadata constructs as well as embedding XACML, but what is the better way?
Likewise, a similar question to Microsoft in my wanting to know if WS-Federation can support the embedding of XACML?
I wonder if Jamie Lewis over at the Burton Group may know the answer to my question?
Sunday, December 25, 2005
The Martyrdom of Stanley "Tookie" Williams...
The day begins, with a grin And a prayer to excuse my sins...
I am somewhat challenged to rationalize either pro or con for Tookie. Many have cited his being nominated for the Nobel Prize which doesn't really matter because this can occur based on the whims of any handkerchief head professors who think about things in only an academic way. I do acknowledge the following though:
I think the government has some responsibility in not just practicing the law but upholding justice. One would think they would be especially sensitive given the fact that historically speaking, the police departments on that side of town have a pretty bad record. Remember Darryl Gates...
Likewise, you would think that there are enough race baiters and poverty pimps pushing for the clemency of a quadruple murder solely because of his skin color. Maybe these folks too need to focus on justice.
You'd think that people would be marching in the streets demanding his death sooner if they really cared about their communities and wanting to rid them of gang violence, black on black crime, and a whole plethora of ills associated with the kind of inner city drug crime that gangs like the Crips and Bloods helped to exacerbate. Alas this is not ever going to happen...
I wonder why the media never really discusses the victims and the children's books they did not get to write? I wonder if the media will ever discuss the joys of marriage and parenthood that they would never experience.
I haven't convicted Tookie to death in my own mind as we are supposed to be a society where if there is even one iota of doubt we should find people free. I do convict Tookie of another crime though and that is of Sedition. Anyone, who takes deliberate negative action against others within their community are guilty as charged.
Tookie was convicted and murdered by Arnold. I wonder if Tookie would be man enough to acknowledge that regardless of one's ability to transform himself that the better answer was for his life to be terminated? I wonder if he ever thought about how ending his own life would benefit the community at large? I wonder if both Tookie and Arnold will ever acknowledge the error of their ways...
I would have loved to hear the voices of the relatives of victims and their thoughts on this matter as their opinions matter more than anyone else on the planet. Noble religions such as Islam confer the rights upon the victims families to determine the outcome. If they choose to forgive then Tookie could have been freed. Likewise, if they choose not to forgive his life would have still been ended. This is real justice when society allows the real victims to make their own choices.
Maybe we have it all twisted when it comes to the Middle East. Maybe it is us Americans that need liberating? Maybe we need to free our own minds so that we can see through the eyes of others? Maybe the world will move along and be more concerned about the latest fashion statement made by Paris Hilton than anything that actually matters...
| | View blog reactionsI am somewhat challenged to rationalize either pro or con for Tookie. Many have cited his being nominated for the Nobel Prize which doesn't really matter because this can occur based on the whims of any handkerchief head professors who think about things in only an academic way. I do acknowledge the following though:
- None of the physical evidence found at the crime scenes, including fingerprints and boot prints, matched Tookie's.
- The main evidence against Tookie was the testimony of jailhouse informants who claimed he had confessed to the murders. All of the so-called witnesses were themselves facing serious felony charges and had very strong motivations to make a deal with the authorities to reduce their own sentences. The Ninth Circuit Court of Appeals even admitted in 2002 that the informants had "less-than-clean back grounds and incentives to lie in order to obtain leniency from the state in either charging or sentencing."
- The prosecutor in the original case, Robert Martin, moved the trial from Los Angeles to Torrance, a predominantly white, highly conservative neighborhood. (Robert Martin was later censured twice by the California Supreme Court for his racist practices, leading to death sentences in two of the cases he prosecuted being overturned!)
- All of the African-Americans in the jury pool were dismissed and Tookie's case was heard by an all-white jury.
I think the government has some responsibility in not just practicing the law but upholding justice. One would think they would be especially sensitive given the fact that historically speaking, the police departments on that side of town have a pretty bad record. Remember Darryl Gates...
Likewise, you would think that there are enough race baiters and poverty pimps pushing for the clemency of a quadruple murder solely because of his skin color. Maybe these folks too need to focus on justice.
You'd think that people would be marching in the streets demanding his death sooner if they really cared about their communities and wanting to rid them of gang violence, black on black crime, and a whole plethora of ills associated with the kind of inner city drug crime that gangs like the Crips and Bloods helped to exacerbate. Alas this is not ever going to happen...
I wonder why the media never really discusses the victims and the children's books they did not get to write? I wonder if the media will ever discuss the joys of marriage and parenthood that they would never experience.
I haven't convicted Tookie to death in my own mind as we are supposed to be a society where if there is even one iota of doubt we should find people free. I do convict Tookie of another crime though and that is of Sedition. Anyone, who takes deliberate negative action against others within their community are guilty as charged.
Tookie was convicted and murdered by Arnold. I wonder if Tookie would be man enough to acknowledge that regardless of one's ability to transform himself that the better answer was for his life to be terminated? I wonder if he ever thought about how ending his own life would benefit the community at large? I wonder if both Tookie and Arnold will ever acknowledge the error of their ways...
I would have loved to hear the voices of the relatives of victims and their thoughts on this matter as their opinions matter more than anyone else on the planet. Noble religions such as Islam confer the rights upon the victims families to determine the outcome. If they choose to forgive then Tookie could have been freed. Likewise, if they choose not to forgive his life would have still been ended. This is real justice when society allows the real victims to make their own choices.
Maybe we have it all twisted when it comes to the Middle East. Maybe it is us Americans that need liberating? Maybe we need to free our own minds so that we can see through the eyes of others? Maybe the world will move along and be more concerned about the latest fashion statement made by Paris Hilton than anything that actually matters...
Saturday, December 24, 2005
Enterprise Architecture: Vendor Claptrap: What vs. How
Glad to see others are somewhat frustrated with Management by Magazine and how they are ruining enterprise architecture by only quoting industry analysts and vendors.
Check out: Enterprise Architecture: Vendor Claptrap: What vs. How
| | View blog reactionsCheck out: Enterprise Architecture: Vendor Claptrap: What vs. How
Friday, December 23, 2005
Analysts and Software Vendors Unite: Bring me great gifts for the holidays!
Tis the season to be jolly and bring gifts to enterprise architects worldwide. Figured instead of letting lots of folks get it wrong, I would present my holiday wishlist...
Jon Udell, I desire two big favors of you. I really, really, really, really, really would appreciate if you could cover the notion of open source industry analysis in an upcoming column. I know you have mentioned it in your blog but traditional print will help get the importance of this emerging trend in front of all those CIOs us enterprise architects have to deal with who practice Management by Magazine. My second request of you is that I feel I have let you off the hook in terms of you using the world analyst in your own title but disclaiming association. In all reality, I believe that Infoworld is equally guilty of the same questionable guidance practiced by other folks with the title analyst in that they too never seem to compare non-commercial open source product offerings next to commercial proprietary offerings in the test lab. If in the new year, the lab happens to look at either Portals or Enterprise Service Bus, I ask that you throw both Liferay Enterprise Portal and ServiceMix into the product mix. I know you have a ton of integrity and will bring integrity back to the test lab for all readers to see...
James and Stephen oh wise industry analysts from RedMonk I would appreciate your wisdom in helping me as a customer address problems in the industry analysis space. You may have figured out that I read your blogs religiously. My problem is simple. If you are familiar with the process within a large enterprise you are probably aware that an otherwise bad idea that is backed with an industry analyst report is an easier sell than a kick butt well-thought out innovative approach with no supporting documentation. Many of my peers are truly smart individuals but have a difficult job in selling because analysts aren't really providing the documentation that no one really reads for us to do our own jobs. For example, I would love advice on influencing other industry analyst firms to convince the folks at Radicati,Ovum and other large analyst firms that they really should list non-commercial open source projects right alongside commercial proprietary offerings. This would help make our strategy around open source much easier.
Shahin, your company has a lot of really smart people, can they come out and play? You have some really innovative technology. I would love for Azul to start teaching the rest of the planet on how to write extremely scalable multi-threaded Java applications. Lots of proprietary closed-source products simply don't scale in normal environments. Help us folks in the enterprise get scalable enterprise applications from these vendors by creating a 100% publicly available reference architecture outlining practices for running on 384 CPUs. And, while you are working on this, please encourage your CTO Gil Tene and Cliff Click to start blogging...
Brenda, your firm Patricia Seybold Group is really cool. In many ways you are giving RedMonk a run for the money. I recently had the opportunity to read one of your reports and realize that you know SOA deeper than other analyst firms in this space. Hope you don't mind if I direct enterprise architects from other organizations towards your work? I really love when I read a report from an analyst firm and it actually contains references to sources vs the usual practice of only referring to other documents created by the analyst firm itself. This not only shows integrity but real leadership. I wonder if other bloggers in the blogosphere will follow your lead...
Microsoft and Sun Bloggers, I know that you both are passionate about your creations but for a moment could you take the opportunity to listen to the wishes and desires of your customers? I achieved my MSCE and MCSD in 1994 (MCP #9079) yet I equally understand the value proposition that J2EE provides. Both technologies allow me to solve business issues with equal costs, qualities and other attributes. If someone were to ever ask me my own personal off-the-record opinion as to which one I prefer better, it would probably be based more on my recollection of which company sent me the coolest laptop bag. My opinion would definitely be swayed if I got a Ruby on Rails bag before one labelled .NET or Java...
Christopher Koch of CIO Magazine I would love for you tell the real story regarding open source. There are several large Fortune 200 enterprises that not only use open source but actually contribute to it. Note, that I am not asking you to write an article about my own undertakings or that of my peers (you are welcome to do so though) but really believe it is important that other CIOs get to hear the story that is less frequently told. For example, maybe you could tell the story of all of the wonderful things that folks over at Morgan Stanley are doing with open source and how developers while on the clock get paid to write software freely. Maybe you could tell the story about the folks on Wall Street (too many to name) that are working on developing an open source replacement for IBM MQ/Series. While you are at it, maybe you could tell the story of the folks over at Duke Energy and their wonderful contribution of their .NET framework so that the myth that open source doesn't exist in Microsoft land can be put to rest.
To all of the folks who happen to read my blog, I ask you to of one simple favor. There are many people in this planet that are lonely, hungry and simply need a helping hand. I have listed several of my favorite charities for 2005 (in no particular order) and ask that you consider making a small donation to any of them...
| | View blog reactionsJon Udell, I desire two big favors of you. I really, really, really, really, really would appreciate if you could cover the notion of open source industry analysis in an upcoming column. I know you have mentioned it in your blog but traditional print will help get the importance of this emerging trend in front of all those CIOs us enterprise architects have to deal with who practice Management by Magazine. My second request of you is that I feel I have let you off the hook in terms of you using the world analyst in your own title but disclaiming association. In all reality, I believe that Infoworld is equally guilty of the same questionable guidance practiced by other folks with the title analyst in that they too never seem to compare non-commercial open source product offerings next to commercial proprietary offerings in the test lab. If in the new year, the lab happens to look at either Portals or Enterprise Service Bus, I ask that you throw both Liferay Enterprise Portal and ServiceMix into the product mix. I know you have a ton of integrity and will bring integrity back to the test lab for all readers to see...
James and Stephen oh wise industry analysts from RedMonk I would appreciate your wisdom in helping me as a customer address problems in the industry analysis space. You may have figured out that I read your blogs religiously. My problem is simple. If you are familiar with the process within a large enterprise you are probably aware that an otherwise bad idea that is backed with an industry analyst report is an easier sell than a kick butt well-thought out innovative approach with no supporting documentation. Many of my peers are truly smart individuals but have a difficult job in selling because analysts aren't really providing the documentation that no one really reads for us to do our own jobs. For example, I would love advice on influencing other industry analyst firms to convince the folks at Radicati,Ovum and other large analyst firms that they really should list non-commercial open source projects right alongside commercial proprietary offerings. This would help make our strategy around open source much easier.
Shahin, your company has a lot of really smart people, can they come out and play? You have some really innovative technology. I would love for Azul to start teaching the rest of the planet on how to write extremely scalable multi-threaded Java applications. Lots of proprietary closed-source products simply don't scale in normal environments. Help us folks in the enterprise get scalable enterprise applications from these vendors by creating a 100% publicly available reference architecture outlining practices for running on 384 CPUs. And, while you are working on this, please encourage your CTO Gil Tene and Cliff Click to start blogging...
Brenda, your firm Patricia Seybold Group is really cool. In many ways you are giving RedMonk a run for the money. I recently had the opportunity to read one of your reports and realize that you know SOA deeper than other analyst firms in this space. Hope you don't mind if I direct enterprise architects from other organizations towards your work? I really love when I read a report from an analyst firm and it actually contains references to sources vs the usual practice of only referring to other documents created by the analyst firm itself. This not only shows integrity but real leadership. I wonder if other bloggers in the blogosphere will follow your lead...
Microsoft and Sun Bloggers, I know that you both are passionate about your creations but for a moment could you take the opportunity to listen to the wishes and desires of your customers? I achieved my MSCE and MCSD in 1994 (MCP #9079) yet I equally understand the value proposition that J2EE provides. Both technologies allow me to solve business issues with equal costs, qualities and other attributes. If someone were to ever ask me my own personal off-the-record opinion as to which one I prefer better, it would probably be based more on my recollection of which company sent me the coolest laptop bag. My opinion would definitely be swayed if I got a Ruby on Rails bag before one labelled .NET or Java...
Christopher Koch of CIO Magazine I would love for you tell the real story regarding open source. There are several large Fortune 200 enterprises that not only use open source but actually contribute to it. Note, that I am not asking you to write an article about my own undertakings or that of my peers (you are welcome to do so though) but really believe it is important that other CIOs get to hear the story that is less frequently told. For example, maybe you could tell the story of all of the wonderful things that folks over at Morgan Stanley are doing with open source and how developers while on the clock get paid to write software freely. Maybe you could tell the story about the folks on Wall Street (too many to name) that are working on developing an open source replacement for IBM MQ/Series. While you are at it, maybe you could tell the story of the folks over at Duke Energy and their wonderful contribution of their .NET framework so that the myth that open source doesn't exist in Microsoft land can be put to rest.
To all of the folks who happen to read my blog, I ask you to of one simple favor. There are many people in this planet that are lonely, hungry and simply need a helping hand. I have listed several of my favorite charities for 2005 (in no particular order) and ask that you consider making a small donation to any of them...
- American Heart Association
- M.I.S.S. Foundation
- Not in My Name
- Global Fund for Women
- Artists helping Children
Thursday, December 22, 2005
Alternative Thinking on Business Rules Approaches
For enterprises who are intrigued by use of business rules approaches, may have already figured out that the industry analyst community has somewhat left their quest for knowledge unfulfilled. Coverage of vendors in this space including the likes of iLog, Blaze Advisor and others is simply lacking. I wonder if there are any analyst firms with integrity that cover this space and I am simply not familiar with their offerings...
One notion that is on my radar is the notion of event stream processing. This seems to be something that can be used in large enterprises that need to use rules-based approaches but also need to feed their rules engines large XML documents. Rules engines can be thought of as somewhat event driven but current practice makes them somewhat DOM oriented. Newer generations are having the capability of reading streams.
Event Stream Processing, or ESP, is software technology that enables applications to monitor multiple streams of event data, analyze them in terms of key performance indicators that are expressed in event rules, and act upon opportunities and threats in real time, potentially by creating derived events, or forwarding raw events. For example, an airline might process event feeds of flight positions and weather, monitoring, constantly analyzing and looking for conditions that provoke action, such as to propose a new flight route or rebook a passenger.
There are several vendors in this space that have unique value propositions to large enterprises. The analyst that studies this space may not only have the opportunity to dominate but may have the opportunity to find additional clients in terms of software vendors. Here are some of the firms that are intriguing:
To my fellow architects in Fortune 100 enterprises, you seriously need to look at these types of technologies and ignore the hype around AJAX and Web 2.0. Focus on adding value to your business...
| | View blog reactionsOne notion that is on my radar is the notion of event stream processing. This seems to be something that can be used in large enterprises that need to use rules-based approaches but also need to feed their rules engines large XML documents. Rules engines can be thought of as somewhat event driven but current practice makes them somewhat DOM oriented. Newer generations are having the capability of reading streams.
Event Stream Processing, or ESP, is software technology that enables applications to monitor multiple streams of event data, analyze them in terms of key performance indicators that are expressed in event rules, and act upon opportunities and threats in real time, potentially by creating derived events, or forwarding raw events. For example, an airline might process event feeds of flight positions and weather, monitoring, constantly analyzing and looking for conditions that provoke action, such as to propose a new flight route or rebook a passenger.
There are several vendors in this space that have unique value propositions to large enterprises. The analyst that studies this space may not only have the opportunity to dominate but may have the opportunity to find additional clients in terms of software vendors. Here are some of the firms that are intriguing:
To my fellow architects in Fortune 100 enterprises, you seriously need to look at these types of technologies and ignore the hype around AJAX and Web 2.0. Focus on adding value to your business...
Wednesday, December 21, 2005
Five Predictions for 2006
Now is the time that everyone comes out of the woodwork making their predictions for what will happen in 2006. Why should I be any different?
Here are my top five predictions...
I did have a sixth prediction that George Bush would be impeached, but didn't want to say anything...
| | View blog reactionsHere are my top five predictions...
- Enterprise Service Bus: ServiceMix will actually become the number one most recommended enterprise service bus and will be listed in the leader position for both magic quadrants and wave reports. In fact, analysts will start listing non-commercial open source projects right next to commercial proprietary product offerings in order to bring integrity to the world of industry analysis
- Liberty Alliance: Project Liberty will change its membership criteria and remove all membership fees for end-users (They will continue to charge software vendors) in order to further accelerate the need for federated identity within the marketplace. Industry analysts covering this space will then encourage folks in large enterprises to participate on these types of efforts since they no longer have to justify to the business why they are spending money on technology related consortiums. Oasis and the Object Management Group will follow the lead of Project Liberty in this regard.
- Free Software and Open Source: Open Source visionary, Eric Raymond for a second time will be recruited by Microsoft and reject their offer, however he will instead become an industry analyst and use the opportunity to start educating corporate America about the benefits of open source. In this endeavor, he will partner with Richard Stallman. After all, many of the great analyst firms nowadays are simply two guys with a passion. In the meantime, Bruce Peren's company will be purchased by a very large vendor and he will change his perspective that closed source software is good for the economy.
- Web 2.0:Many publishers will jump on the bandwagon commissioning authors to write books on Web 2.0 and they will all lose money because enterprises are now aware of all the hype and instead will stay focused on topics that matter to them such as Enterprise Service Oriented Architectures, J2EE, Enterprise Architecture and Web Services. Conferences on Web 2.0 will also lose their shirt.
- Technology and Education: $100 laptop will not only be successful but will become $50 as many folks from corporate America will open their wallets as they understand the value proposition of educating folks in third-world countries can bring to their own bottom line. Bill Gates will personally fund deployment of these laptops for all school children in Trinidad.
I did have a sixth prediction that George Bush would be impeached, but didn't want to say anything...