• Linux Administrator CONTRACT
• NATIONAL SALES MANAGER. WIRELESS...
• Calling All C++ & AI Game...
• Technical Lead
• Wintel Systems Specialist

How to snare an 800lb gorilla

James Borck, Information Age

14/02/2002 17:12:51

It may look like the same old year outside, but inside the IDG test centre, we've been busy evaluating technologies that have the power to reshape enterprise computing in the new year. In other words, we're looking at "disruptive technologies", technologies not quite ripe for mainstream adoption but packing enough latent momentum to spark sudden change in business and IT strategies.

At first glance the moniker of "disruptive" may be misleading. These are not annoying technologies, like mobile phones chirping during Lord of the Rings or pop-up instant messages from your co-workers asking if you can take a smoke break in five.

Rather, disruptive technologies are unsettling to tried-and-true (and often stale) business practices. Almost by definition, they are fringe technologies with no considerable market share, and they often lack refinement, practical application, or commercially acceptable performance. At the outset, at least, they're all buzz and no sting. But as these technologies mature and the niches they serve gain momentum, innovation catches up to customer need and lays a foundation for new business models. Even after the original disruption becomes pervasive, aftershocks may unearth additional innovations and expose new marketable services.

Disruptive technologies can emerge from grassroots efforts, such as work refining the Linux platform, or they can be helped along by benefactors, such as Defense Advanced Research Projects Agency (DARPA), the US government agency responsible for funding the early Internet.

Regardless of where disruptive technologies come from, corporate executives must recognise their significance and how quickly they can bring a previously unstoppable 800-pound corporate gorilla to its knees.

Often mistakenly interpreted as unimportant or low-margin opportunities, disruptive technologies can catch the lumbering enterprise off guard, rendering it unable to capitalise on the potential efficiencies, cost savings, or new sales channels they offer.

Although some disruptive technologies such as biocomputing and molecular computing are still ripening on the vine, others are beginning to bear fruit today.

Here, analysts from the test centre examine 10 disruptive technologies warranting consideration in enterprise planning efforts in 2002. Web services, Microsoft's .Net architecture and C# programming language, 802.11 wireless networking, and the Serial ATA (Advanced Technology Attachment) and iSCSI (Internet SCSI) storage interface technologies all made the list.

We also take a look at the impact of next-generation handheld devices, the collaborative enhancements surfacing from peer-to-peer computing and instant messaging, and the potential benefits of Trojan horses and worms in the propagation of self-healing software. The cumulative effect of all these technologies will reshape the enterprise computing model into one that features an increasingly distributed architecture.

Ultimately, the way a company approaches disruption - as a nuisance or an opportunity - will determine whether or not it is caught off guard. Use this guide to take stock of the value potential in disruptive technologies and strengthen your ability to adapt nimbly in the coming year.

Web services

By Jon Udell

[intro] It's a brave new world for application integrationDaring innovation is not the reason why Web services will disrupt the status quo. It is easy to exchange XML-formatted messages via the Internet - and that, of course, is exactly the point. In Act One of the Web drama, HTML forever changed how we publish and consume documents. In Act Two, now commencing, XML will likewise transform how business systems publish and consume business objects.

Pick an industry at random - health care, for example - and you'll find billions of dollars of inefficiencies waiting to be wrung out. The Web services movement will succeed in doing that because the technology is simple enough to become ubiquitous. It's not only big players such as IBM, Microsoft, Sun and Oracle who are weaving the Web services "stack" - SOAP (Simple Object Access Protocol), WSDL (Web Services Description Language), UDDI (Universal Description, Discovery, and Integration ) - into their offerings.

So are the smaller fry whose open-source toolkits (Perl, Python, PHP) power so much of today's Web. This universality is the key to the kingdom. It means the all-important network effect, which governs the success of any communications system, can play out again in the Web services realm. SOAP endpoints matter in proportion to the number of them that exist.

For software developers, the inflection point comes when routine programming tasks create and use Web services without any special effort, just as a matter of course. As Tom Yager notes, Microsoft's new framework and tools succeed brilliantly at making Web services straightforward for developers. But the revolution need not, and will not, wait for widespread adoption of the .Net Common Language Runtime and Visual Studio .Net. The trend on all platforms, and in all programming languages, is to radically simplify the construction and use of Web services. It is darned easy to advertise a SOAP method in Java and consume it from Perl, or vice versa, and to do these things on many different application servers and operating systems.

We can see the value of this genetic diversity as the security risks of a Microsoft monoculture grow daily more apparent. Crossing language and platform boundaries also paves the way for what may be the most disruptive long-term effect of Web services: the decoupling of domain expertise from programming language skill.

Today we think nothing of reading an ad in the newspaper for a Java or C++ programmer. But software is ultimately about the objects we use to model real-world domains, not the languages we use to represent those objects. The Web services approach kicks us up to the right level of abstraction. Because programming languages (as do operating systems) inspire religious devotion, this outcome might seem unlikely. But so did a universal cross-platform client in 1993. Things can change, and the technology of Web services looks like a powerful catalyst.

Microsoft .Net and C#

By Tom Yager

[intro] A new development framework challenges enterprise JavaAfter being thrashed in the enterprise software market by the likes of Sun Microsystems, IBM and Linux, Microsoft is pinning its comeback hopes on its new application framework, .Net. Although the freedom to use practically any programming language is key to .Net's appeal, developers are most excited about C#, the C++ derivative that Microsoft created with .Net in mind. The disruptive potential of these technologies is enormous because they change the rules for all types of Windows development, from desktop software to Web-enabled enterprise solutions.

Most of the changes are for the better. The .Net framework and C# extend Windows' reach by making powerful but often-overlooked Windows facilities - including messaging, transactions, and XML - more accessible to developers. The combination of C# and Visual Studio .Net make the creation and deployment of Web services almost automatic. And Web applications written for ASP.Net and deployed to IIS (Internet Information Server) 6.0 - the Web server component of Windows.Net - will enjoy substantial performance, stability, and scalability advantages over traditional ASP (Active Server Pages) applications.

Although worthwhile, .Net's benefits will exact a heavy cost. Current Windows developers will need expensive retraining. Visual Basic coders will be stunned by significant language changes and the complexity of the massive .Net framework. C++ programmers will applaud C#'s adherence to tenets of their pet language, but they, too, may find themselves bewildered by sweeping language and API changes.

Alterations to the JScript language, the elimination of VBScript, and the deprecation of COM (Component Object Model) interfaces to system services will add up to lots of hours spent recoding existing Web applications for ASP .Net. Rerouting an existing Java project to .Net, even if you use J# (Microsoft's Java language implementation), will add several months to the project's rollout target. A server shift from Unix to Windows will call for new skills across the entire IT staff, affecting system and database administrators alike.

With all this in mind, it's easy to understand why .Net and C# inspire a mix of interest and caution. But for companies already doing Windows development, adopting .Net isn't a question of whether, but when. Financial justifications for delaying migration will eventually be steamrolled by pressure from developers, business partners, application service providers, and tools suppliers.

Getting Windows developers aboard the .Net express is a bagatelle compared to the challenge of winning over Java, Unix, and Linux devotees. Playing against Java and J2EE (Java 2 Enterprise Edition), .Net has two primary trump cards: Visual Studio .Net and Web services. The beta of the Visual Studio .Net IDE (integrated development environment), due soon, is already a huge hit with developers, and it could continue to give Windows an edge over Java in the race to Web services.

Technically, Visual Studio .Net is not required for .Net or C# development, but it's got a slick, responsive, programmer-friendly interface and cuts through .Net's complexity so well that it is a practical necessity. Java lacks a predominant IDE, and this could be spun to Microsoft's advantage. It takes time and money to get a team of Java developers trained on the company's chosen tools, and it would be difficult to assemble a combination of Java tools that rivals the productivity benefits of Visual Studio .Net.

Web services are so conceptually simple - remote object access via HTTP and XML - that one might wonder how Microsoft can score its implementation of Web services as a major win over J2EE. Indeed, there are several ways to create Web services in Java. What sets .Net, Visual Studio .Net, and C# apart is that their designs revolve around making Web services easier to create and consume. Visual Studio .Net reduces the discovery, creation, deployment, and use of Web services to point-and-click operations.

Microsoft's new enterprise technologies will certainly create turmoil as companies involved in Windows development adjust to the changing landscape. The combination of .Net and C# will also have an unsettling influence in some non-Windows shops, forcing the review of long-standing assumptions about Windows' role in their operations. Java and Unix are well-established, but their reign as unchallenged rulers of the enterprise software domain is coming to an end.

Peer-to-peer

By PJ Connolly

[intro] P2P technologies create new models of knowledge sharingIf a technology considered more disruptive to business than peer-to-peer file sharing exists - as seen by the effort to ban corporate access to sites such as Gnutella and Napster - then it has done an excellent job of covering its tracks. Although many questions concerning the security and architecture of P2P have yet to be answered, it is clear that P2P technologies are already having an effect on business collaboration - and on major platforms vendors, including Sun Microsystems and Microsoft, who are building peer services into Jxta and Windows XP, respectively.

Customer service is a particularly appealing area for companies to experiment with P2P, given the positive experience of many companies that outsource this function. Anyone who has looked for customer support on the Web knows what a painful process it can be; too often it winds up being a matter of punching in some keywords and hoping. Using P2P technologies, companies can deliver immediate, personalised support over the Web while making efficient use of support reps.

For example, Quiq's collaborative platform, Quiq Connect, allows the mass reuse of service events, dynamically populating the general knowledge pool so that customers can help themselves to solutions to old problems while support reps focus on solving new ones. Quiq Connect can even "federate" knowledge bases from multiple vendors, or different support groups within a vendor, so that they present a seamless whole, allowing business partners to better support customers with complex problems, such as computer hardware and software interoperability issues.

Unfortunately for P2P purists, the security concerns of potential customers, along with some basic physical constraints, mean that a completely serverless environment - a la Gnutella - won't be a big hit with business. Instead, we foresee more widespread acceptance of hybrid products that allow peered clients to pull data as needed from the closest peer, while pushing changes back to a central location for archiving and management.

A tough economic climate ordinarily might stifle the introduction of drastically new technologies such as P2P collaboration, but it may be now or never for companies seeking to extract the last possible competitive advantage from their knowledge and experience.

Benevolent worms

By PJ Connolly

[intro] Will virus technology be part of the future software delivery systems?

Although the prospect of using virus technology to simplify the task of delivering patches and software updates is tempting, the dangers can outweigh the benefits when the process is too automated. For example, the improved Windows Update feature in Windows XP now allows patches and updates to be downloaded automatically, although installation is still at the user's discretion.

Trojan horses, worms and other malicious code forms have proven to be incredibly successful at paralysing e-mail systems and Internet providers. It is therefore only logical to conceive of ways to use them for productive purposes, much as the Bible exhorts its readers to beat their swords into ploughshares and their spears into pruning hooks.

Granted, it would be wonderful if IT administrators could distribute patches and other software updates to desktops and servers as quickly as an e-mail virus can spread from one machine to the next. But is such a magic wand really a good idea?

Well, maybe not exactly. After all, unlike the human immune system, which produces defences, or antibodies, automatically, the computer must wait for a human to analyse samples of a computer virus, prepare antidotes and vaccines for that specific situation, and only then apply the cure.

This observation alone would seem to discredit the idea of a "digital immune system" that the security community has tossed around during the past few years, but there's an even more important point to consider. Similar to the way that auto-immune diseases turn the body's own defences against itself, so could one turn a viruslike software delivery system against its own computers. Although it would be difficult to monkey with the digital certificates that would conceivably be used to identify trusted patches, it's not impossible to subvert the certificate issuing system, as Microsoft and VeriSign found to their dismay last March.

Ultimately, a viruslike software delivery system would require software publishers to deliberately put a back door into their systems, and few customers will tolerate that practice, even under shrinkwrap licensing terms. Because there's no guarantee that such a tempting target wouldn't be exploited by hackers, any IT manager deploying such a system would be foolhardy in the extreme.

Serial ATA and iSCSI

By Mario Apicella

Storage networks fuel the distributed enterpriseThe marriage of networking and storage technologies is not only simplifying the way storage is managed, it also promises to revolutionise the way enterprise storage is used, allowing corporate data to be pushed to the edge of the network to support Web services-based computing and pervasive access to information resources.

Two key ingredients in the mix are SATA (Serial ATA), a new disk storage interface that boosts the performance of low-cost NAS (network-attached storage) appliances, and iSCSI (Internet SCSI), a new protocol that will help companies build storage networks without the cost penalty of Fibre Channel.

For the past two decades, ATA (Advanced Technology Attachment) has provided reasonably priced and increasingly faster and larger disk drives. As ATA approached its technological limits, market leaders such as APT Technologies, Dell , IBM, Intel, Maxtor and Seagate have joined forces to create SATA, a serial interface offering unprecedented performance for connecting to low-end storage devices, which will in time replace ATA.

The iSCSI protocol should make SANs more affordable by using IP's packet-based transport for storage instead of Fibre Channel. Although processing TCP/IP takes a significant toll on a server's CPU, a new family of NICs (network interface cards) offers to offload that burden onto application-specific integrated circuits. Finally, with 10Gbps transfer rates on the horizon, iSCSI promises all the performance of Fibre Channel without the distance limitations or expensive conversions between protocols.

Although getting iSCSI started in your shop is likely to require the purchase of several new hardware devices such as GbE (Gigabit Ethernet) NICs and additional network switches, the overall implementation cost still has the potential to pay off over Fibre Channel. But here's the catch: to prevent undesirable jams, storage traffic must flow on a dedicated network. So, unless you already have an exclusive path in place, implementing iSCSI will still require the expense of building one. Moreover, because of its vulnerability to magnetic and electrical interference, copper might prove to be an unreliable medium for storage networks.

These things considered, adopting iSCSI for your storage network will not guarantee huge savings over Fibre Channel. Nevertheless, iSCSI promises to be a worthy competitor to Fibre Channel, which is good for the storage market and good for storage customers.

Instant messaging

By Mandy Andress

[intro] Real-time collaboration takes corporate users by stormIM (instant messaging) is changing corporate communications, and it's doing so without the prodding or even the approval of executives and IT managers. Combining the real-time advantages of a phone call with the convenience of e-mail, IM is so compelling it often gets implemented through the back door, with distributed workgroups downloading public IM clients and using them without getting the nod from IT.

With IM, employees in one office can easily communicate with employees or partners across the country or down the hall. Customer service and support departments can use IM to communicate with customers. Users can even send files via most IM applications when a report, contract, or invoice needs to be quickly reviewed or approved.

Today, most organisations use the public IM clients provided free by America Online, Yahoo and MSN. They are not ideal for the enterprise, however, because user IDs and passwords are submitted in plain text and are unencrypted. Anyone with a network sniffer can read information sent via public IM channels. To remove these risks, companies such as Groove Networks are developing secure IM applications aimed at the enterprise. These solutions will contain the features and functionality, such as stronger authentication and encryption, which corporate users need to exchange proprietary information company-wide and with business partners outside the firewall.

IM is a compelling business tool, but IT managers must realise that many employees will be tempted to use it as a means of chatting with family and friends. If not properly controlled, IM can lead not only to a decrease in productivity but also to the inadvertent exposure of sensitive business information. Companies should implement policies detailing when and how IM can be used.

As IM technology develops, today's real-time chat capabilities will be combined with clear voice and video communications. When this technology is available, companies will be able to set up video conference calls without all the costs and equipment required today. Meanwhile, enterprise adoption will soon be spurred by more secure solutions.

802.11 wireless LANs

By Mandy Andress

[intro] Emerging standards prepare wireless networks for prime timeWireless networks based on the 802.11 standard, also known as Wi-Fi, were all the rage last year and promise to be even more popular in 2002, as the growing use of Pocket PCs and other handheld devices in the enterprise make the cost and productivity advantages of wireless networks more compelling. Furthermore, new standards on the horizon will resolve security concerns and interoperability issues that currently hinder deployment.

Determining which flavour of 802.11 to implement isn't easy. The 802.11b standard that provides 11Mbps throughput has been the wireless standard to date. But in the first few months of 2002, a slew of products supporting the 802.11a standard will come to market. An 802.11a network operates at a different frequency than 802.11b and can provide throughput as fast as 54Mbps. The latest IEEE wireless LAN standard, 802.11g, operates in the same frequency as 802.11b, so 802.11b and 802.11g products should be interoperable. Additionally, 802.11g provides throughput as fast as 22Mbps.

The security issues with WEP (Wired Equivalent Privacy), the security mechanism currently used in the 802.11 standard, have been well-publicised. The 802.11 standard that defines WEP specifies a 40-bit key, which is easy to crack with today's computing power. As a result, a number of wireless vendors, such as Orinoco, have developed proprietary solutions using 128-bit encryption, but these solutions are not interoperable. The IEEE is developing a nonproprietary 128-bit encryption solution, called ESN (Enhanced Security Network), which will support the new AES (Advanced Encryption Standard) encryption algorithm.

One of the bigger security issues with 802.11 networks is the need for a static encryption key. With current deployments, it is not feasible to manually change the encryption key on all access points and wireless cards every hour. To get around this problem, the IEEE has developed the 802.1x standard, an authentication framework for all 802-based LANs that will provide centralised user authentication and automated key distribution. Vendors such as Cisco, Lucent and Agere Systems already support the draft 802.1x standard or have developed proprietary solutions with similar functionality.

Both bandwidth and security shortcomings have led early adopters of wireless networks to choose such proprietary solutions. Emerging standards will overcome these shortcomings without locking you into using components from one vendor.

2G handhelds

By Maggie Biggs

[intro] The next wave of devices will yield potent benefitsToday's handheld devices might not seem like a disruptive technology, but the Palm, iPAQ, and Jornada are merely hints of what is just around the corner. Early prototypes of 2G (second-generation) handhelds - the first real post-PC devices - combine handheld technologies with molecular manufacturing processes that can pack more power into ever-smaller devices. Soon you'll be able to hold in the palm of your hand computing power equivalent to that of a desktop or laptop.

Along with increased physical hardware capabilities, you can expect post-PC devices to include other technologies, such as always-on wireless connectivity, voice and handwriting recognition, printing and scanning capabilities, and embedded OSes that can support business application access for end users.

You won't have to wait long for these devices, which are arriving now and in the coming months. For example, 4P Mobile Data Processing has introduced the DAT 500, which combines handheld technologies with cellular and printing capabilities. Likewise, SK Telecom and PalmPalm Technology have produced the IMT 2000, which combines handheld and cellular technologies. Nokia's 9290 Communicator adds BlackBerry-like e-mail functionality to the mix.

As post-PC devices advance toward corporate viability, enterprise strategists need to begin planning for deployments now. A number of challenges will need to be addressed before a successful move to post-PC computing can be made.

First, unlike traditional PC computing, there are a variety of OSes to power post-PC devices. At the moment, the embedded OS market for post-PC devices includes Palm, Pocket PC, Linux, Symbian, and Java, among others, with no clear leader.

Second, strategists will need to examine the viability of post-PC devices versus depreciation of existing end-user hardware assets. Deciding when to migrate to post-PC devices will be as important as determining how to perform the migration.

Third, you'll need to account for security in the post-PC era. In particular, post-PC devices allow your users to move about, which will stretch enterprise security resources to the farthest reaches of the planet. How will you address the real threat of mobile intruders, viruses, and the like?

Finally, existing business applications will need to be examined with an eye toward migrating end-user access to post-PC devices. For example, if your enterprise is currently Java-based, you'll want to examine how you can move client-side technologies to the small screen while maintaining the application capabilities you require.