Comments on: The way it is and the way it should to be http://www.johnmwillis.com/ibm/the-way-it-is-and-the-way-it-should-be/ JOHNMWILLIS BLOG Wed, 02 Jun 2010 23:53:59 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: IBM and the History of Autonomics | John M Willis ESM Blog http://www.johnmwillis.com/ibm/the-way-it-is-and-the-way-it-should-be/comment-page-1/#comment-3671 IBM and the History of Autonomics | John M Willis ESM Blog Thu, 27 Mar 2008 07:54:57 +0000 http://www.johnmwillis.com/ilike/the-way-it-is-and-the-way-it-should-be/#comment-3671 [...] in IBM’s product(s) muck, I have yet to see an example of any of their Tivoli solutions that self configure and self heal. In fact, I challenge anyone at IBM to debate me on the merits of Autonomics as it [...] [...] in IBM’s product(s) muck, I have yet to see an example of any of their Tivoli solutions that self configure and self heal. In fact, I challenge anyone at IBM to debate me on the merits of Autonomics as it [...]

]]> By: Adam Jacob http://www.johnmwillis.com/ibm/the-way-it-is-and-the-way-it-should-be/comment-page-1/#comment-3414 Adam Jacob Fri, 21 Mar 2008 17:04:37 +0000 http://www.johnmwillis.com/ilike/the-way-it-is-and-the-way-it-should-be/#comment-3414 Hi John, this is Adam with HJK. In the last couple of months I've hard the opportunity to talk with all sorts of people who are building or running large "Web 2.0" infrastructures. In their world, using tools like Puppet, Nagios, OpenNMS, Capistrano, and a whole host of others is common place. The choice of tools vary, but the need for more automation rarely does. The last great frontier in Open Source infrastructure tools is Auditing and Compliance. We integrate a whole bunch of world class tools to provide well managed, fully automated infrastructure. In most large companies, though, that's not enough. You also need to be able to report on and instrument the internal corporate policies by which those systems are managed. If your business is run by sending charts, graphs, and reports to executives, you'll find the Open Source answers often lacking. Things like SarbOx compliant Identity Management solutions just don't really exist. You can build them (and I have) but a world-class open source alternative just doesn't exist yet. (Since it's bound to come up, what I mean when I say "SarbOx compliant Identity Management solution" is a system that allows a user to be managed in a single place, and have that action cascade to all the relevant systems. With an auditable log of when they were given Authorization, when it was taken away, and ideally, when and where they used it.) This same story can get told for every piece of the Open Source stack. The core technologies are awesome. The degree of automation you can get with them is world class. The amount of scaffolding you need to build around them to integrate them into a large, complicated enterprise? Daunting. Now, all that said. If you had a $500k services budget, you could put those technologies in place. If you had that budget and a heart of gold, you would open-source it, and lower the bar even further. So, whose building the rocking Open Source compliance and auditing stack? :) Hi John, this is Adam with HJK. In the last couple of months I’ve hard the opportunity to talk with all sorts of people who are building or running large “Web 2.0″ infrastructures. In their world, using tools like Puppet, Nagios, OpenNMS, Capistrano, and a whole host of others is common place. The choice of tools vary, but the need for more automation rarely does.

The last great frontier in Open Source infrastructure tools is Auditing and Compliance. We integrate a whole bunch of world class tools to provide well managed, fully automated infrastructure. In most large companies, though, that’s not enough. You also need to be able to report on and instrument the internal corporate policies by which those systems are managed. If your business is run by sending charts, graphs, and reports to executives, you’ll find the Open Source answers often lacking.

Things like SarbOx compliant Identity Management solutions just don’t really exist. You can build them (and I have) but a world-class open source alternative just doesn’t exist yet. (Since it’s bound to come up, what I mean when I say “SarbOx compliant Identity Management solution” is a system that allows a user to be managed in a single place, and have that action cascade to all the relevant systems. With an auditable log of when they were given Authorization, when it was taken away, and ideally, when and where they used it.)

This same story can get told for every piece of the Open Source stack. The core technologies are awesome. The degree of automation you can get with them is world class. The amount of scaffolding you need to build around them to integrate them into a large, complicated enterprise? Daunting.

Now, all that said. If you had a $500k services budget, you could put those technologies in place. If you had that budget and a heart of gold, you would open-source it, and lower the bar even further.

So, whose building the rocking Open Source compliance and auditing stack? :)

]]>