Jeff Jaffe’s Blog

Two valued franchises

Novell has a broad software portfolio that appeals to many customers. Two of the very important products that our customers enjoy are NetWare and GroupWise.

Of strategic importance to Novell is to grow the value that our customers and partners gain from having made investments in these products. It is the right thing to do for our stakeholders, and the right thing to do for Novell.

Two different approaches

In observing the various product evolution strategies employed by successful vendors in the software industry, there are two major approaches to growing the value of franchises. I call them (1) the proprietary approach and (2) the open approach.

A software company that uses the proprietary approach to extend the value of products understands the fundamental direction of core technology and customer needs, and uses its own R&D resources to infuse required enhancements into the franchise.

A company that uses the open approach understands the direction of core technology and customer needs as well as the long-term direction of industry investment. The company moves the existing franchise to a different platform to take advantage of the larger investment underway in the industry. The company, together with a broader eco-system, infuses required enhancements into the franchise.

A simple comparison

Which approach is better in general? There is no simple answer. The open approach is typically more disruptive. For the vendor, this might mean an initial additional investment; for the customer, this may mean learning new skills.

On the other hand, once the transition is complete the open approach results in faster innovation and more relevance than the vendor could possibly achieve by themselves.

It is a gutsy decision for a company to decide that it is time to transition the franchise to a new technology base. It always causes a short-term delay in delivering needed enhancements to customers. Focusing on the long-term is a critical responsibility for a vendor – but it is very difficult to make a long-term decision in the face of immediate customer demands for the next feature.

Some history

There are many opinions about what is the best approach to use in given circumstances. People debate what is the best course for the future, endlessly. Before we engage in the debate, it is helpful to get grounded in history. History records what has already happened. It does not necessarily answer questions about the future, but it provides a base to reason from.

There are numerous examples of the proprietary approach. Today, Microsoft follows this approach for their Windows franchise. They are the ones that provide the enhancements to the core operating system. They get limited input from partners and instead use their own R&D to address what they view as the important customer/technology drivers.

But it is more challenging to contemplate when the time arrives to move to an open approach. In my years at IBM, I saw many examples – some successful, some less successful.

The creation of today’s strong IBM middleware business had its roots in an open approach. IBM had first created a software business as an extension of its MVS, S/370 business. It created numerous software businesses: notably database, transaction processing, systems management, and messaging. The software in its early instantiation was anchored in the mainframe.

IBM could have decided to leave that franchise where it was. Instead, IBM decided to port the software to multiple distinct operating systems. From then on, IBM’s software would have a wide dynamic range of price performance tradeoffs – by running on midrange servers or PC-based servers. This change first created a successful multi-platform DB2 business. It also became the basis for the creation of a rich software portfolio that leveraged industry standard interfaces, was multi-platform, and could easily absorb additional function via acquisitions.

On the other hand, IBM was less successful with its proprietary Systems Network Architecture (SNA) networking standard. SNA was an architecture that guided numerous successful hardware and software businesses. In the mid-1980s, TCP/IP began to emerge as the standard industry protocol. Rather than rapidly moving its networking franchise to the emerging industry standard, IBM instead chose to respond to new technology and customer needs on its existing platform. There were numerous debates within IBM. Those of us in IBM Research pushed for rapid embrace of TCP/IP. In the end, IBM chose not to move its franchise until it was too late, and SNA ceased to be a force in the industry.

Novell had a similar experience with IPX. Due to performance advantages, Novell held it longer than it should have. Novell eventually moved NetWare to support TCP/IP.

It’s interesting. I recently met with a large Novell customer in the financial industry. They were still a loyal user of SNA/3270 protocols. I asked them why! They reminded me that SNA still had some features that were truly great – better than TCP/IP. Yes, they were moving their infrastructure over time to TCP/IP, but for some applications they were staying with SNA.

Then I asked them whether they would have preferred if their vendor would have gracefully moved them over to TCP/IP. Yes, that was the right answer!

History is full of examples. Successful franchises use proprietary approaches and succeed. Successful franchises use proprietary approaches and fail. Successful franchises evolve to leverage the open industry and succeed. What applies in a particular case? Judgment.

NetWare

Long before I arrived at Novell, the company was confronted with a similar choice. What was the best way to add value to customers and partners that were involved in the NetWare franchise? Novell made the tough decision to move to an open approach. I think they got it 100% right. Here’s why.

NetWare is a great platform for client/server computing, storage management, and administrative control of these features. Customers love it and use it as the base for many of their applications. It also provides a core operating systems capability. Here is where the value becomes less clear. Today, it is clearly not a growing operating system. Because operating systems are designed to do so much, sustaining them (i.e. keeping them up to date and responding to changes in hardware technology and customer needs) – requires a great deal of investment – investment that does not feed differentiation because most of it simply duplicates comparable investments in other operating systems. The true value of the NetWare franchise is in its services that work on top of the operating systems kernel.

This is looking like IBM in the 1980s and 1990s. The IBM middleware team figured it out. Their value was in their services. It was not in a tight tie to the MVS platform. The IBM SNA team did not figure it out. Their unique value was related to the quality of their hardware and software – not the protocol, as they thought. By tying their future to the protocol, they became irrelevant.

So by analogy, if the value of NetWare is in the services – it is time to shift the model. It is time to get these trusted NetWare services on a standard operating system platform and let the industry infuse innovation into the product. So roughly one year ago Novell launched its Open Enterprise Server product, a product which began the transition of NetWare services to an industry standard platform – Linux.

Opposing points of view

I have discussed Novell’s decision with many customers. I remember during BrainShare in March going to a meeting of Novell Users International (NUI) and discussing this decision that Novell made several years ago. Although the decision was made a long time ago and the product has been out over a year, there are still concerns about the decision.

One set of concerns are from people who believe that with enough attention, Novell still has the possibility to invest in the NetWare operating system and keep up with Windows and Linux. I respect this point of view. Honest people can differ. But I don’t agree with this point of view.

Another set of concerns are more immediate. Current customers and partners have a great deal invested in NetWare and are aching for the next feature. I really understand this perspective because it appears in every single platform transformation. When IBM was investing in multi-platform middleware, they were disinvesting in mainframe software. Investment decisions are made, and there could be needed features that cannot be provided in the short term. But this does not change the fact that the migration is the right long-term decision for both the vendor and the customers.

Still a different set of concerns relate to “how the transition was done.” People with these concerns agree conceptually with the move. After all, Linux clearly is the platform of the future. However, they feel that more could have been invested in migration aids. While this point is debatable, it is worth listing what Novell has done to help with migration:

• Virtually all of the NetWare services now run on Linux and are managed the same way using the same tools as were in NetWare.
• Migration tools are built into Open Enterprise Server to ease the transition to Linux.
• Customers can run a mix of NetWare and Linux servers in the same environment so they can migrate at their own pace.
• Migration assistance is available through the deployment web site: www.novell.com/deployment
• Free online NetWare to Linux training is available at www.novell.com/netwaretolinux.
• Focused migration assistance is available through dedicated consulting practices.
• Novell has committed to ten years of support for NetWare – so customers can move at their own pace rather than as a forced march.
• The next version of Novell Open Enterprise Server will allow virtualization of NetWare on Linux so customers can retain a NetWare environment, but gain all the advantages of Linux (e.g.: hardware, driver and application support).

Where does the platform go from here?

I started this post by talking about NetWare and GroupWise – and the path to enhance them. As always, I got involved in something else – namely the logic for moving to open platforms. So we will return to the strategies for NetWare and GroupWise more directly in the next post.

In my last post I described emerging market forces that are creating a new segment of software infrastructure: the infrastructure for corporate governance. I described how two key components, user management and workflow, already exist in identity management systems (such as Novell’s award-winning Identity Manager). (By the way, e-Security also has a workflow system to further strengthen this part.) The missing piece was an event management system that manages relevant and correlated events. Best in the industry is e-Security. Here’s why.

Functional description

E-Security’s product directly addresses the ever-increasing security threats and regulatory pressures, and it allows businesses to:

• Gain the visibility and insight required to manage a security environment more cost-effectively.
• Continuously monitor compliance with internal policies and government regulations (e.g. SOX, HIPAA, GLBA, FISMA, NISPOM, DITSCAP).
• Identify and resolve incidents faster and more cost-effectively through centralized, automated collection and resolution of threat and policy data.
• Provide operational metrics to continually assess security/compliance posture.
• Reduce operational costs associated with compliance monitoring, incident identification, and remediation.

Technical innovation and design

To achieve these goals, e-Security’s architecture emphasizes the five following attributes in terms of scalability, in-memory computational method, real-time threat analysis, reporting analytics, and event collector flexibility without compromising performance:

1. Scalable platform built on a message bus backplane, which handles the increasing data volume of corporate governance in a consistent way. Despite any temporal data floods on the network, e-Security’s message bus is able to reliably handle messages in flight, ensuring a high degree of reliablity and durability for each of the business-critical events sent from corporate governance’s devices and/or applications sources.
2. In-memory correlation algorithm for real-time threat analysis of ever-growing data volumes from any source across the enterprise related to corporate governance.
3. Visibility into data for instant analysis and collaboration via virtual situation rooms, Security Operation Centers (SOC) or Network Operation Centers (NOC).
4. Scheduled or on-demand accessibility to a wealth of security and compliance data for historical analysis, trending and reporting.
5. Flexible collector mechanisms to monitor the increasing variety of event sources across the corporate network, including firewalls, routers, biometric devices, mainframes, databases and applications.

Software architecture

The product is composed of three component subsystems, which form the core of its functional architecture:

1. Message Bus Platform – an event-driven scalable framework
2. Data Source Integration – an extensible collector framework
3. Application Integration – an extensible application framework

The software treats both “services” and “applications” as abstract service endpoints which can readily respond to asynchronous events. Services are “objects” that do not need to understand protocols or how messages get routed to the peer services. Adding all these attributes together summarizes how and why e-Security’s product established itself as the best in the industry.

The creation of an ecosystem: through architecture and partnerships

Message bus

Corporate governance applications are potentially tracking large number of events. This was anticipated by Sentinel’s scalable message bus. This message bus enables not only the communication of event information between Sentinel components, but it also enables Sentinel to pass events to other interested applications (e.g. Identity Manager). In-memory algorithms are used to further improve performance and scale, and provide real-time identification of “governance events”.

Connectors taxonomy

It is uncertain what the ultimate breadth of corporate governance will be. It is critical that the underlying architecture enables the collection of events to be very extensible. In this way, if new types of devices are added, a flexible taxonomy makes it easy.

Sentinel has already proved itself in this area. Initially, event monitoring started as a network vulnerability issue (which of course persists as a key issue today). Later, as compliance reporting emerged as a new area, software components became new data sources. Sentinel’s extensible architecture allowed a simple focus to a new class of sources.

Today, the security perimeter, software components, operating systems, applications, and devices can all be sources in this infrastructure.

Ecosystem

Aside from having an architecture that encourages diversity in data source types, e-Security as a business has secured a partnership with over one hundred partners in their ecosystem. In the industry, they are the incumbent for event management.

With a heritage in network security, a large set of partners in e-Security’s ecosystem are network device partners. We will marry this with Novell’s I/T partners and further build out the ecosystem.