By now we all know that passionate hackers are very smart and they will always have a edge over whatever known systems we can create (Firewall, IPS etc). Even the best SIO (Security Intelligence Operations) team cannot possibly know of each and every malware in advance so a traditional approach of IPS or Malware detection based on signature is so stone age thing now.
What is behind these recent acquisitions by Palo Alto Networks and FireEye ? Domain Talent and Virtualization
1) Cost Plus
2) EVC (Economic Value to Customer)
3) Competitive Marketplace
2) Break down your costs into buckets (Server, support, manpower, gas, commute, task time, delivery model and expertise) and then have a variable formulae based on weightage to what you have in plenty and what is scarce for you.
3) Research your industry (business cycle, technology trend)
4) Research your customers (segment the market, are you their strategic partner, long term potential).
When growth comes to standstill or products start to become commodity …nothing else matters as much as maintaining your Gross Margin.
A company can have stagnant revenue but Wall Street will still reward it's shares if it show profitability growth and how do you do it? Look no further than Gross Margin.
Essentially the five pillars of Gross Margin improvement are:
- Financial Planning
- Operational Effectiveness
- Pricing Optimization
- Product Management
- Sales Effectiveness
The 8 top most things that come to my mind when we look at GM in high-tech industry from an operations perspective are (in no order of importance).
NMS - (Fixed + variable) OthersPortfolio AlignmentNMS - Freight SavingsOver HeadTransformation SavingsSupplier SavingsProduct and Theater MixRoyalty Management
We will drill down into each some other day in a white paper.
2) Additional security around Access & Authorization
3) You earn your money every day and every moment, so it is not a traditional sell once and forget till the next new producty is available. If you fail customers may not and will not renew the subscription. So you have to develop SaaS with some stickiness feature like creating a website with lowest bounce rate and higher CTR (click through rate). so that there is highest probability of customers renewing.
4) Special considerations for On Demand / Multi Tenacy of the product / solution.
5) Much higer emphasis on Disaster Recovery, Peak Load and High Availablity.
6) One size does not fit all, so how would you provide innovation in cloud? How to empower customers in cloud so that they can maintain their cuttting edge by intelligent customizations.
- Google Trends - find temporal trends in search word usage on the internet
- Google Insights for Search - estimate relative importance of search terms with trends by geographical regions
- Google Analytics - web analytics solution that gives insight into your website traffic and marketing effectiveness
- Quantcast - monitor website traffic and effectiveness of marketing communications to customers. This give Demographics info of Visitors. You can also use Microsoft AdCenterLabs to analyze demographics.
- Hitwise - ISP data, can be used to analyze how people get to, spend time in and depart from websites, large sample size
- Alexa - web traffic metrics based on voluntary anonymous tracking of people who have signed up for free, large sample size
- Comscore - web traffic metrics based on voluntary tracking of people who have signed up for a fee, gives much more detailed information but sample size is small
- CrazyEgg - Click density analysis, find out where people are clicking on your webpage (is your design driving people to the right place?)
Landmark achievement for my team - Cisco announced as overall winner for SOA implementation award by CIO magazine and SOA Consortium.
Cisco SOA Team Wins SOA Consortium / CIO Magazine Award
Cisco was recognized by industry experts for its SOA initiatives, platform and implementation successes.
The SOA Case Study Competition highlights business success stories and lessons learned to provide proof points and insights for other organizations considering or pursuing SOA adoption. The contest was open to organizations of all sizes, including government agencies that have successfully delivered business or mission value using an SOA approach.
Switched from Oracle BEA BPM Enterprise Version (on Weblogic) to the Standalone Version for Evaluation Purposes.
At end of last Tuesday I made a call to switch to Enterprise Standalone but the efforts put in were good learning and useful for Standalone Installation as well. So for the purpose of proceeding with evaluation going forward I have shifted to Enterprise Standalone Version as my focus is BPM.
Some learnings or observations .... On the Oracle website they refer to downloading Oracle BPM <?xml:namespace prefix = st1 />Enterprise Administration Guide.pdf but in real scenario there was no such file name. I realized that it was same as Oracle BPM Admin Guide.pdf and the same goes for configuration guide as well. So will not get confused in future :)
Ok so with the ultimate aim being to Deploying and Publishing a New BPM Project I had to go through a series of steps. (For standalone I needed a much smaller set but the practice and drill was worthwhile learning in terms of infrastructure and operationalization of product.
The whole list of steps:
- Creating Directory Service ( need to configure Directory Database Schema)
- Creating a Process Execution Engine ( need to configure a separate Execution Engine Database Schema)
- Configuring Weblogic Server
- Creating Weblogic Server Domain
- Create Oracle BPM Deploy User
- Installing Oracle BPM Deployer
- Creating JDBC Data Sources on BEA Weblogic Server
- Creating JMS Server, Module & Resources
- Configuring the Deployer and Deployment Targets
- Enabling Clustering
- Building and Deploying Application EAR Files
- Deploying and Publishing a New BPM Project
As of now I have Standalone Enterprise BEA BPM configured with Directory (Oracle 10g DB). Engine DB configuration has some issues due to privileges. Make sure you have a friendly DBA to help out.
I am trying to come up with a set of use cases to test out different features.
More next week as I try to put together a list of features .. dully prioritized that I will like to test out.
If you have a challenge for me ...Bring it ON :)
For the next one month I want to be critically evaluating Oracle BPM 10gR3.
Yes this is the new face and name of BEA Aqualogic BPM 6.5 , now with Oraclelization it is called as Oracle BPM 10gR3. Too early to make a comment.
My aim is to see how well Oracle has leveraged and integrated the BEA Aqua logic BPM products with its other products to offer a complete suite.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
Getting started was easy .... Installed Oracle BPM Studio 10.3.0.0.0 from the link below. To get started
Please visit: http://www.oracle.com/technology/products/bpm/index.html
Here you will find download link – for initially getting your feet wet purposes, download of studio should suffice. Also, there is a tutorial and link to docs.
Installation was smooth, took around 60 Minutes. I referred to this site for the product documentation
One glitch ....
It took me 20 minutes to figure out why the "Launch Workspace" icon was disabled. Figured out that after designing the process I had unfortunately clicked on either "outline" or the "Log Pane" that exist below and clicking on those panes dynamical change the Menu and disable certain icons.
was the collaboartion, group study, projects, assignments and homeworks
for CMU MBA. The other side was my younger one growing up. That was
another MBA (Managing Baby Administration)
Things are finally getting easier as I am approaching the final year of
my MBA. This was a perfect time for me to learn about "Marketing
Management", "Financial Accounting", "Production & Operations
Management" , "Macroeconomics", "Corporate Finance" & "Marketing
Research". With the current ecomonic situation I feel that every day I
use my Business & Financial learnings to analyze situations.
Here is a recent picture from one of the CMU social networking events.
Program Overview: I have been fortunate that the CMU MBA program is offered at Cisco Campus apart from their West Coast campus ( CMU West - http://west.cmu.edu/ ) in the Moffet Field (you can see signs on 101 north near Moffet Field exit). This is very handy at times when I need to hop out of meetings and join the class within minutes of getting out of office. It is first time at Cisco but the program itself was started in 1996.
Part Time program has same admission/graduation criteria as it exists for Full/Part-time students in CMU Pittsburg Campus. More info at: http://www.tepper.cmu.edu
If you need more information please feel free to get in touch.
SOA on SOA !! - Bring the discipline of SOA to service development and creation in your organization.
SOA on SOA!!
It was difficult to put the most appropriate words to my thoughts but what I am trying to bring out is that SOA implementation should not burden the service providers and consumers to go through the burden of learning all the latest standards, tools & technologies.
They should just worry about their business logic and there should be a framework which transparently takes care of making that business logic a service as in SOA world while adhering to their company's enterprise policies, processes and standards.
How to enable this? Enterprise architects should closely watch two upcoming standards - SCA & JBI.
JBI is JSR 208 and called as Java Business Integration. SCA is Service component architecture.
JBI is used by system integrators during physical deployment (customers and end users do not see this). It helps in management & interoperability of your SOA infrastructure.
SCA has a design and composition perspective. It is used by developers to annotate or put notes in their code to describe service and their dependencies.
The aim is to create a virtual container for hosting services. This way services can be plugged into ESB or into an existing Policy Manager. It will be independent of language and will help as a framework for exposing business logic as service.
The other significant benefits I see are
- Consistent deployment & management
- Location Transperancy (Virtualization)
- Policy Enforcement
- Consistent Security Model
- SOA does not means every developer needs to know about WSDL or WS-* or other standards. They need to know the core business logic.
- It might possibly help in transaction coordination.
So let us try to use our own methodology SOA to help in implementation & adoption of SOA.
Here are suggestions that will help you. When making a Buy vs Build decision do the following:
- Consider only the costs that are affected by your decision (example you may or may not decide to buy additionaly 24X7 support)
- Include all Opportunity Costs (are you going to miss on some other core oppurtunity / project in your own industry)
- Ignore Sunk Costs, these are costs that have already been incurred (example can be hardware cost as either version of bought or in house build software will require similar hardware)Calculate total costs of each option. Total cost = fixed (avoidable) costs + variable (avoidable) costs
- Considering "Soft" or "Intangible" cost/benefits, for example future use of product or learning, team reputation or burden (in terms or learning or development), derivative products.
Other Important Hints/Viewpoints
- A very important consideration is to look at the Marginal cost i.e. the cost for deploying an additional host (cpu) with the same software.
- For coming up with oppurtunity cost - look at the nature of technology/product and its maturity level - analysis in the Short Run and in the Long Run
- Look at the service/product provider and its industry - will you be price taker or price chooser? How much can you negotiate? What are hidden benefits/costs of partnership?
- Evaluate options using the net present value (NPV) & internal rate of return (IRR) approach
- A little known fact is about the Basic Accounting ... Is it favourable for company's accounting? - This is very important as software bought is a depreciable asset for organization while software built will be treated as an ongoing expense without any balance sheet asset created out of it.
Answer is a simple and a big NO.
Hence the Architecture Community has an additional and significant responsibility to be the "Change Agents" in the organization. They need to understand basic human nature & group behavior in order to be successful in their SOA or BPM initiative. They need to understand that shift in attitude seldom comes at once. The rate at which different groups, divisions or individuals will adopt these changes will vary by individual, or the type of change or the organizational context.
They need to identify these stages of change and simultaneously work on those while doing their core IT or Business job.
Top 10 areas to address before taking Oracle BPEL Process Manager 10.1.3 to a Production Implementation
Top 10 areas to address before taking Oracle BPEL Process Manager 10.1.3 to a Production Implementation
5th July 2007
1) Version Management (Design Time)
When we are choosing a Source Safe System or Version Control system for Business Processes the consideration are quite different than choosing a Source Safe System or Version Control system for Java, C++ code components. The average user / designer of Business processes is not CODE savvy, they cannot be expected to manually merge code (*.bpel files or *.wsdl files for example). BPEL PM lacks in Design time version management of Business Processes using the jDeveloper IDE. What is needed is a Process Based Development and Merge environment. We need Visibility into Process Repository. So the requirements are different from that of a Component based repository. Consider using a good BPMN / BPA tool.
2) Version Governance (Run Time)
While BPEL PM can maintain version number for deployed BPEL processes, it is still left to an administrator or a Business Analyst to decide which process version will be active at a given point in time and what will be the naming, versioning standard. Since every deployed BPEL Process is a service, so it becomes critical to apply SOA governance methodology to control various deployed and running BPEL Processes.
3) SOAP over JMS (over SSL)
Most of the big corporation and multinationals have policies which restrict use of HTTP traffic from outside world to inside intranet. Moreover they have policies which require the use of a Messaging Layer or an ESB as a Service Intermediatory for persistence, logging, security and compliance reasons. BPEL PM support for bi directional SSL enabled JMS communication is not out of box. It needs to be tried and tested out within your organization and workarounds needs to be implemented.
SOA governance requires authentication and authorization for service access based on a corporate repository and roles defined within them. This is also critical for BPEL Human Workflow (HWF). Make sure to do a small Pilot / POC for integration with your corporate identity repository before taking BPEL PM to production.
BPEL should be used for Orchestration only and not for coding programming logic or hard coded rules. Hence it is important to have a separate Rules Engine. Many rules engine available in Market support Java facts and BPEL Engine Being a Java Engine should integrate out of the Box with these. But some rules engine have the limitation that they can take only XML facts, so it is an overhead to go from Java to XML so as to use XML facts and then marshal back to Java. So make sure that you have sorted out Integration with Rules Engine prior to BPEL production implementation.
BPEL processes and projects can and will expand to occupy all available resources within your organization. These business processes are pretty visible processes within a company and have strict SLAs to meet. Make sure you have a proven and tested reference architecture for Clustering, High Availability and Disaster recovery. There has to be a provisioning process, deployment process and Process Life cycle governance methodology in place before you can fire up all engines in a production environment.
BPEL PM by nature is an interpretation engine and hence there is a performance hit when running long running processes and doing heavy transformations. Plan on doing some stress and load testing on the servers running your Business Processes to get a Ball Park estimate of what is the end to end processing time and how much load can be taken by the BPEL server. Specifically do a capacity planning based on results from these pilot load and stress tests.
Designing a Business Process is more of an art than a science and the same holds for BPEL Business Processes. It is important to understand what will be best practices in your organization in terms of Payload size and length of various Processes and how they are orchestrated. Are you passing across big XML payloads which can be avoided by changing the process and using a technique called as passing by reference? Will that also make your process more efficient and create true Business Services from these processes? Give a consideration to these and spend some white boarding sessions with Business and IT Analysts before creating a BPEL process.
The most cost and resource intensive step in any Integration or Process Orchestration scenario is Transformations. Especially in an orchestration engine like BPEL PM the XML payload goes through multiple massaging steps. If you can design your process flow in such a way that there is minimal of these steps then it will improve the performance of Business Process end 2 end. Also it is a best practice to have an enterprise wide canonical data model derived from some industry wide standard like OASIS, Rosettanet, ebXML etc
BPEL PM is easy to use and makes process orchestration almost a zero coding activity. Also it is pretty easy to learn and hence there is suddenly a bunch of BPEL processes deployed and a bunch of BPEL developers in enterprise once the floodgates are opened.