Network Economics 101: ROI of Monitoring

So,  when you think back to what first attracted you to networks, it probably wasn’t the ability to complete long financial calculations. But, with the pressure from business managers and accounting to justify every cent spent in IT, that’s exactly what the job has become.

The question: How do you calculate the ROI of an upcoming network monitoring project? Not exactly something they teach you in any Cisco course. Luckily, we have a paper that walks you through the steps of calculating and presenting the return on investment (ROI) for your next network monitoring project.

It outlines three key steps for making the business case for performance monitoring:

• Determining the project’s qualitative and quantitative benefits
• Identifying the solution’s  cost
• Outlining the timeframe over which this will take place

The Reach of Virtualization

So, earlier this month I spoke about how many organizations have adopted virtualization. Turns out three-quarters of companies have some form of virtualization on their network. But, that left the question of whether this was a serious virtualization deployment or were they playing with the technology.

During the first day at Interop, we identified the virtaulization’s reach by polling exhibition attendees.  In questioning 120 attendees with positions ranging from network engineer to IT manager, we determined that virtualization extends all the way to the core of company activities.

• 55%  have virtualized mission-critical servers, including e-mail and Web servers
• 50% run other servers such as their DNS and DHCP servers in virtual environments
• 39% extended virtualization to the desktop

Read more about the  implementation rates and key challenges of virtualization in our Interop polling results release or in the State of the Network Global Study 2009 (PDF).

Outrage: Citigroup Abuse of TARP Funds

SecurityDude, CISSP-ISSAP is an IT consultant, Security & Privacy Advocate and blogger at large with over 20 years IT experience. SecurityDude shares tips, tricks, and info that the average networking professional will find interesting and indispensable.

In the last two months, I have received two letters from Citigroup advising me that they are changing the terms of both of my MasterCards.  The letters advise me of my right to Opt-Out of the new conditions, but that if I do so the cards will be canceled when they expire.

I have a FICO score of nearly 800 and no long-term debt other than my mortgage.  Citi has decided that although I have not missed a payment to a creditor in 15 years, my rate should nearly double from 7.99% to 14.99%.  This, in a time when banks are borrowing the money they lend for next to nothing.

I usually don’t run a balance, but if ‘stuff’ really hit the fan, I have over $40K in available credit to ride out the worst of it.  There is a HUGE difference in the amount of time required to pay down debt at 14.99% versus 7.99%.  Let me give you an example.  Let’s say you had a heart attack and needed $40K of medical care not covered by insurance.  If you paid $750.00 per month at 7.99%, it would take you 67 months (5 years, 7 months).  With the rate at 14.99%, it will take you 89 months (7 years , 5 months).

If along the way you missed a SINGLE payment, you would be bumped to the “Default APR of 29.9%“.  At the Default Rate, $750.00 a month would not even cover the interest payments!  You would have to pay $1000.00 a month for 227 months (18 years, 11 months).  You would have paid $187,000.00 in interest for the $40,000.0 loan. This amounts to indentured servitude.  Actually, 29.9% interest is worse.  In the 17th & 18th centuries, an indentured servent paid off his or her debt in just 7 years.  We desperately need banking and bankruptcy reform to avoid a future with no future. (I used the credit card payoff calculator at BankRate to generate these numbers)

In both cases, I said “enough is enough”.  I opted out of the change in terms for both cards.  Additionally, I wrote to Vikram Pandit, CEO of Citigroup, the Secretary of the Treasury, and Chairpersons of the Senate Banking, House Financial Services and Senate Finance Committees.  For good measure, I also wrote to President Obama’s Chief of Staff Rahm Emanuel.

I am not only outraged that Citi is trying to extort ridiculous rates on my cards, but they are doing this after receiving over 20 BILLION dollars of our tax money in the T.A.R.P. bailout.  I am no financial guru, but don’t you agree that if Citi and others RAISE interest rates, that will have a negative effect on consumer spending?  This behavior cannot be tolerated in the best of times.  2009 is definitely NOT the best of times.

If you have received similar “love letters” from your credit card issuers, I recommend you follow my lead and Opt-Out of higher interest rates.  I also recommend you similarly engage in a letter writing campaign to the financial decision-makers in Washington.  If you have never written a letter to your lawmakers, Congress.Org has good samples you can copy and modify.  For your convenience I have listed the names and addresses of all the relevant officials below.

It’s OUR money and we have to hold our leaders accountable for how it’s used.

The White House
President Barack Obama
1600 Pennsylvania Avenue NW
Washington, DC 20500-0003

The White House
Rahm I. Emanuel
Chief of Staff
1600 Pennsylvania Avenue NW
Washington, DC 20500-0003

Department of Treasury
Timothy Geithner
1500 Pennsylvania Ave., N.W.
Washington, DC 20220

Banking, Housing And Urban Affairs Committee
Senator Christopher J. Dodd
534 Dirksen Senate Office Building
Washington, DC 20510-0001

Finance Committee
Senator Max Baucus
219 Dirksen Senate Office Building
Washington, DC 20510-0001

Financial Services Committee
Representative Barney Frank
2129 Rayburn House Office Building
Washington, DC 20515-0001

After former President Bush signed the Bankruptcy Abuse Prevention and Consumer Protection Act of 2005, Chapter 7 bankruptcy (liquidation) became nearly impossible for consumers. The credit card issuers knew they had little risk of not being able to eventually collect on a debt and responded by irresponsibly lowering their lending criteria.  They now have a free hand to abuse consumers with punitive rates and penalties.

Interop & The IT Economy Follow Up

With the global economy in the tank and a 24 hour news cycle in hyperdrive, how much of what we are going through is real versus hype? If you look at antecdotely what’s coming out of Interop, while things are not tremendous they also aren’t that bad.

Rachel Wembley is a good set of outside eyes looking into the IT show, meaning as a reporter for Trade Show Week, she’s not writing for a publication owned by the same folks that host Interop.  I found her comments interesting:

“At Mandalay Bay Resort & Casino, where United Business Media’s Interop, with its 14,000 attendees, was in full swing, the showfloor bustled. At lunch time, people stood in lines waiting to get into the various cafes and restaurants spread throughout the complex. On the casino floor, even though it was early afternoon, there were plenty more people playing the slots, rolling the dice and spinning the roulette wheel.”

Another take was offered by Susan Fogarty of Tech Target who wrote about Interop experiences and offered comments on our IT Economy survey results.

“While walking the expo floor at Interop Las Vegas this week, I was pleasantly relieved to see that the gloomy economy has not dampened the spirits of the networking industry. Although I have heard rumors that show traffic is down, it looks pretty healthy to me (certainly a far cry better than any of the New York events). And the mood is upbeat. In fact, several conference attendees have expressed to me their belief that the economy has “turned the corner” and they are thinking about what comes next.”

Interop Take Away
Although things in IT are better than they are in other industries, a significant amount has changed. As Fogarty mentions people aren’t buying technologies simply to have them, rather they’re serious about using technologies like virtualization to cut resource and financial costs. The only issue in saving money through new technologies is making sure that you have tools in place to ensure those savings. As we found out from yesterday’s survey results, people may be reducing benefits they gain from new technologies due to a lack of tools, education, or network visibility.

Let me know what you’ve learned at Interop. How were your experiences? Have attendees changed compared to past years?

Interop IT Economy Steady as She Goes

So over the last two days at Interop, we have been polling people as they came into our booth. Given the interesting economic times we live in, I was curious to find out the economy’s effect on IT budgets and department growth – or lack thereof.

While the news isn’t great, it’s not bad either. Here’s what we learned:

• Only 22 percent of organizations’ IT departments have experienced layoffs in the last year
• One-fourth of IT departments anticipate laying off people in the next year
• Over one-third of companies continue to roll out new technologies
• IT budgets are expected to increase by 3 percent on average

Our Take
One of our Product Managers Charles Thompson mentioned that these results might be due to the network becoming a more integral component in conducting business, making it less likely to be the target of budget cuts.

My favorite comments came from Tim O’Neill of LoveMyTool.com, who said in an e-mail:

“I was shocked at this survey’s results, they seem to run contrary to the market but I feel the only reason that this is holding somewhat steady is because (hopefully) that upper management has finally come to the only rational conclusion that their business success is attached and attributable to their network and application success. Thus do not shoot your horses!”

It might also be that we have the healthier companies answering surveys. These were, of course, the companies that have not completely eliminated their travel budgets and still send employees to Interop.

Read the press release. Any thoughts? It’d be great to hear from you.

Virtualization, how hot is it?

With the constant chatter surrounding virtualization, I often feel like an audience member at the Tonight Show back in the days of Carson. Johnny is up there saying “Virtualization is hot!” And, we all can chime in with, “How hot is it?”

With this morning’s release of Network Instruments’ State of the Network Study, I can tell you it’s more than just a fad. During late March and early April, we interviewed around 450 network professionals and found 75% had implemented some type of virtualization. This might mean they downloaded a copy VMWare ESX and played around with it, or they have fully deployed virtual environments. But three-quarters of companies have virtual machines on their networks.

Taking it a step further, we asked how many applications they have running in virtual environments. On average, 27% of applications run on virtual machines. But, we expect this number to more than double by 2011, with 60% of applications running in virtual environments.

With this I’d say that virtualization is more than just hype. In addition to adoption, we also looked at the chief troubleshooting challenges of virtualization and other emerging technologies like unified communications in the State of the Network. Check out the press release or download the full State of the Network 2009 Global Study.

Detecting the Downadup / Conflicker Threat

“The Downadup worm—also called Conflicker—has now infected an estimated 10 million PCs worldwide, and security experts say they expect to see a dangerous second-stage payload dropped soon,” according to NetworkWorld.

Although most of you are surely aware of the worm, how do you go about detecting infected systems on your network? We posted a new filter to detect the specific worm that can be used with Observer and/or GigaStor. Check here for other specific worm, virus, or hack filters.

Install it on your Observer and mine data out of your GigaStor to see if anyone is infected.  You could also apply the filter to the real-time “Top Talkers” statistic, and this would only show you who was infected in real-time.  Another way would be to setup a trigger and alarm.  If you had an Observer Suite system, the alert could be configured to set off an SNMP trap or email.

Beyond looking at our signatures, you can also take advantage of GigaStor’s Security Forensics which allows you to upload Snort rules and investigate the path of attacks, worms, etc on your network in context of all other network activities.  Read more (PDF).

Destination: Performance Tour

With bags packed and ready, we’re about to embark on a 10-city North American troubleshooting tour. The tour, Destination: Performance, will introduce network professionals to the latest troubleshooting trends and techniques including:

• Application performance monitoring
• VoIP and Unified Communications analysis
• Device and route monitoring
• Back-in-time troubleshooting
• Enterprise-wide reporting

Join us for lunch and enjoy highly relevant presentations from our resident network troubleshooting experts. You’ll learn new approaches to optimizing network performance and handling application rollouts and problem isolation. In addition, see how the Observer platform tackles performance challenges by providing high-level to packet-level views and expert analysis.

Destination: Performance tour stops include:

Minneapolis, MN – February 12, 2009 (Event Full)
Dallas, TX – March 3, 2009
Chicago, IL – March 4, 2009
Toronto, ON – March 5, 2009
Boston, MA – March 10, 2009
Philadelphia, PA – March 11, 2009
Atlanta, GA – March 12, 2009
Phoenix, AZ – March 24, 2009
San Francisco, CA – March 25, 2009
Seattle, WA – March 26, 2009

Save your spot now.

Remove Ads From Windows Live Messenger

SecurityDude, CISSP-ISSAP is an IT consultant, Security & Privacy Advocate and blogger at large with over 20 years IT experience.

SecurityDude shares tips, tricks, and info that the average networking professional will find interesting and indispensable.

Even before I began specializing in Network Security, I have held mixed opinions about IM (Instant Messaging).  Way back in 1992, I was contracting to a large West Coast bank that used an IM program implemented as a DOS TSR called Office Logic by LAN-Aces.  For the benefit of readers who have never worked in a DOS-only environment, a TSR (Terminate Stay Resident) program is the original ‘popup’.  TSR’s were loaded at startup and sat in the background (using precious RAM) until you typed a special key combination to bring it up.  In the case of Office Logic, when someone IM’d you, it would pop-up a ‘DOS window’ and interrupt what you were doing.  I always viewed TSR’s as annoyances rather than a productivity tool, but users loved them.

In the past two years, several of my vendors and customers have standardized on what was originally MSN Messenger, but is now Microsoft Windows Live Messenger.  They made it clear that I “must” be on their IM if I wanted to do business with them.  The new Windows Live Messenger (WLM) interface is somewhat improved over the older MSN Messenger, but they added animated advertisements.  I find these annoying beyond polite description.   Fortunately, there are some solutions.

One solution is a program called A-Patch (yuck, yuck) that allows you to customize the WLM GUI and remove anything you don’t want to see (like ads).  A-Patch backs-up your original files and allows you to roll back if you want to revert to defaults.  A-Patch worked great.  No more ads.

Another solution is to connect to the Windows Live network using a non-Microsoft client.  There are dozens to choose from and are available for Windows, Linux and Mac OS X.  If you prefer a simple, ad-free IM client that connects to AIM, Yahoo!, MSN and many others, Pidgin might be a good fit.  It is simple and annoyance-free.

Handling Server Builds From Hell

SecurityDude, CISSP-ISSAP is an IT consultant, Security & Privacy Advocate and blogger at large with over 20 years IT experience. SecurityDude shares tips, tricks, and info that the average networking professional will find interesting and indispensable.

Although I generally don’t build my own servers and workstations, I had a need that could not be met within the constraints of my budget.  Specifically, I wanted to build a “Super Server”, one that could run at least 10 virtual machines without any performance degradation.  When I looked at building this ‘dream machine’ at HP, IBM and Dell, I kept getting an answer of $6,500 to $8,000.

I instead opted to buy a bare-bones tower server with dual-socket Xeon motherboard and 8 hot-swap drive bays.  I added 2 Quad-Core Xeon 5410, 24Gb Registered ECC RAM (6 x 4Gb DIMMs), 6 500Gb Seagate Barracuda SATA II drives, a CD/DVD drive, an Intel PCI-X Quad GT Gigabit Ethernet adapter and a fast ATI All-In-Wonder HD video card.  All of this set me back about $3200.00. I used the PriceWatch to find the best prices on components. I ordered the server box through Ingram Micro.

Then the fun began.  I installed RAM, CPUs, HDs and interface card, and upon hitting the power button: nothing.  It just sat there like a brick.  I called the vendor’s tech support hotline and they had me check a few obvious things.  I was ultimately advised I needed to flash the BIOS to recognize the Xeon 5400 series CPUs.  Unfortunately, since it couldn’t POST (Power On Self-Test), I couldn’t boot a floppy and flash BIOS.  They offered to mail me a BIOS chip, but my motherboard has the BIOS soldered in place.  It took me 4 days and the threat of opening a fraud complaint with the FTC (Federal Trade Commission) to get them to agree to pay for round-trip shipping of the advanced replacement.  I made my purchase based on the claims made on their web site and I had every right to assume it would work as advertised (it din’t).

A week later, I received the replacement.  It fired up as I expected, but I could not create a 6-disk RAID5 array using the built-in Intel ICH9R RAID controller.  Intel’s documentation said I could add all 6 drives, but it refused to initialze the array and locked up the system.  After two more BIOS updates, it still didn’t work.  I then agreed to use 2 drives in RAID 1 for the Operating System and settle on the much smaller 4-drive RAID 5 configuration for data. Yet another problem cropped up.  Windows Server 2003 would not recognize any storage. Grr!  Their BIOS engineer created a custom build of their BIOS just for me (kudos for that).  That led to another problem: the new BIOS was too large to put on a floppy drive.

One of the server company’s techs pointed me to a utility called “HP USB Disk Storage Format Tool Version 2.0.6”.  With this little do-dad, I created a bootable USB drive on my 4Gb SanDisk Cruiser.  Most newer PC and Laptop BIOS offer the ability to boot from USB.  Just check the boot options in BIOS setup.  It isn’t very often you have to boot from anything other than the hard drive, but when you need to, you really need to. The BootDisk website has dozens of utilities to boot from floppy, CD-ROM and USB drive for Windows, MAC OS X and Linux.

Note: I had previously erased the U3 partition on the drive using the U3 LaunchPad Remover, so I don’t know if it will work with U3 still in place.

I successfully loaded the new BIOS by booting from the USB drive.  Guess what?  Server 2003 STILL can’t see the storage.  Lucky for me I have a licensed copy of Windows Server 2008 Enterprise x64.  Server 2008 is obviously a lot smarter than 2003 because it recognized storage and allowed me to FINALLY get the server running.  Some of you are probably wondering who I bought the ‘server from hell’ from.  Although I am still unhappy about the hassle to get them to pay shipping, their tech support team worked hard to get me a solution (imperfect as it is).  The guilty will remain un-named.

The good news is now I have a very fast server that allows me to retire three Pentium 4 servers and a Dual PIII server.  With 24Gb of RAM, I can run 12 VMs and never exceed 45% CPU load.

In closing, there is a handy gadget I just bought that I think readers will be interested in: SATA drive dock.  This is not an enclosure.  CoolGear’s SSX-35SB docking station allows you to directly insert a 2.5” or 3.5” SATA drive into the docking station without having to mess with screws, brackets and drive trays.  If you are like me and have piles of retired SATA drives that you need to inspect, format and test, this is a very handy tool.