Register Today for Interop New York 2008

IT Conference Overview

Wednesday-Friday, September 17-19, 2008

Register today for IT's most comprehensive Conference. Innovation is driving a fundamental shift in business technology, and Interop will help you build a lean, agile IT organization that can respond to today's rapidly changing business environment.

Open All Descriptions |

Close All Descriptions

Application Delivery
Conference Sessions Managing and Controlling Application Performance Tuesday, November 30 - 4:00 pm–4:00 pm In the vast majority of situations, the end user notices application degradation before the IT organization does and this damages the creditability of IT. In addition, there has been an explosion recently in term of how much bandwidth intensive recreational traffic such as Internet Radio transits the typical corporate WAN. This session will describe some of the key techniques that IT organizations can use to better identify, manage and control application usage. Optimizing the Performance of Enterprise Applications Tuesday, November 30 - 4:00 pm–4:00 pm The general buzz in the trade press is that IT organizations should optimize the performance of their company's key enterprise applications. While it is difficult to disagree with that statement, it does beg the question of how best to do it. In this session, the speakers will describe the data flow of key enterprise applications from companies such as SAP and Oracle. The speakers will identify the performance roadblocks associated with those applications and will also identify which optimization techniques improve the performance of these applications and which ones do not. The Future of Application Delivery Tuesday, November 30 - 4:00 pm–4:00 pm Over the last few years a lot of resources have been devoted to developing myriad techniques to ensure acceptable application performance. For example, several vendors have deployed products to optimize the performance of the WAN and of servers. What can IT organizations expect to see over then next year? This session will explore some of the possibilities including topics like: is storage optimization likely to happen, and if so, will anybody care? Will functionality such as symmetric and asymmetric application acceleration merge? Should you build the network you need to support applications or can applications dynamically control the network resources they need? What SOA and Web 2.0 Means to the Network Tuesday, November 30 - 4:00 pm–4:00 pm Over the last couple of years SOA and Web services has been over-hyped. Currently Web 2.0 is beginning to be over-hyped. Because of the hype, it is easy to dismiss these application development architectures as irrelevant. That would be a serious mistake. Both of these architectures are just in the early stages of influencing how applications are developed and applications build using either architecture are likely to run poorly and be difficult to manage. The panelists on this session will detail the management and performance issues associated with SOA and Web 2.0 and give their insight into what you can do to avoid them. Deploying an Application Aware Network Tuesday, November 30 - 4:00 pm–4:00 pm An increasing number of CIOs get the fact that their role is to ensure that the end user's Quality of Experience (QoE) is acceptable and predictable. In order to achieve this goal IT organizations must deploy instrumentation that has visibility into all the events that can impact QoE. IT organizations must also automate as much of the data gathering, correlation, and analysis as possible in order to be able to intervene to prevent the occurrence of QoE issues, or to respond to them in real-time or near real-time. The panelists on this session will discuss the various options that exist for deploying instrumentation and will outline a cost effective instrumentation architecture.
Top of Page
Cloud Computing
Conference Sessions Platform-as-a-Service: Building Business Processes in the Cloud Tuesday, November 30 - 4:00 pm–4:00 pm Cloud computing is often referred to as hardware-as-a-service, with the openness and complexity that implies. At the other end of the spectrum, SaaS doesn't offer much room for customization. But there's a middle ground, where providers offer an on-demand platform, often with its own coding and conventions. This class looks at how companies can build custom applications that run in the cloud, letting the platform provider worry about operations and data integration. Cloud Language: The Taxonomy of On-Demand Computing Tuesday, November 30 - 4:00 pm–4:00 pm Clouds. Grids. PaaS. There are dozens of names to describe on-demand computing, and lots of confusion. This session tries to bring some order to the chaos, offering a comparison of different on-demand computing models including hardware-as-a-service, custom platforms, and large-scale compute infrastructures such as Hadoop. Speaker - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. Running Clouds: What the Big Guys Know Tuesday, November 30 - 4:00 pm–4:00 pm A very small number of companies generate the vast majority of today's web pages, from Facebook apps to hosted sites. With compelling economics, they may be running most of the world's computing in a short while. This panel gets behind the scenes with some of the world's Big Cloud operators for a look at what they know about running large-scale computing. Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. Speaker - Jim Salem, Chief Architect, Intuit Quickbase Managing Applications in the Cloud Tuesday, November 30 - 4:00 pm–4:00 pm When it's your app on their infrastructure, you have a hard time knowing what's happening. On-demand computing environments often hide details from application operators as a result of their virtualization. New computing means new management, and this panel of experts and innovators looks at emerging best practices for managing applications when they're running in the cloud. Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. The Big Migration: Moving the Data Center to On-Demand Tuesday, November 30 - 4:00 pm–4:00 pm There's a slow, inexorable exodus going on. First busrty seasonal computing, then storage, and eventually all but specialized tasks are moving out of the corporate data center and into the cloud. But this big migration is a gradual one, and there are times when it doesn't yet make sense to embrace on-demand computing. We'll chart the course of a migration into the cloud with some of the industry's sharpest innovators in on-demand provisioning and deployment. Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. Cloud SLAs Tuesday, November 30 - 4:00 pm–4:00 pm How reliable is the cloud? Enterprises demand predictable service levels, reliable delivery, and committed availability. This panel will look at what level of service we should demand - and can expect - from cloud computing infrastructure, as well as tools and best practices for measuring it. Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall.
Top of Page
Data Center
Conference Sessions Unified Data Center Network - Future or Hype Tuesday, November 30 - 4:00 pm–4:00 pm Will Ethernet unify the storage and data networks into one single fabric? Or does storage need its own network to deliver high performance? Will storage be carried over FCoE or iSCSI, or some other protocol? Or will fiber channel continue to grow and evolve? Panelists will discuss these and other issues around next-generation data center networks, take audience questions and present case studies to support their claims. Data Center Trends and Strategies Tuesday, November 30 - 4:00 pm–4:00 pm The data center is at the center of IT innovation with many exciting but also confusing developments. The session will provide a unifying vision, and a wealth of information and practical advice for companies seeking to build new data centers, planning for growth in existing data centers and transforming their operational practices. Based on hundreds of in-depth interviews with IT executives, this session provides an unbiased, insightful and unique view of best practices from real data centers around the world. Is Green About Ecology or Economy? Tuesday, November 30 - 4:00 pm–4:00 pm The Green Data Center sounds easier than it is. What are the various components of a green data center and how can companies make their existing data centers "greener"? What is the impact of green IT on the bottom line? Green is not just about the production of energy or the use of alternate sources. It is about energy strategies, energy efficiency, energy management and cost reduction. It's about sustainable computing and competitive advantage. It's about the bottom line as well as environmental responsibility and stewardship. Panelists will discuss strategies, technologies, challenges and case studies to help demystify green IT.
Top of Page
Enterprise 2.0
Conference Sessions Enterprise 2.0 Tools: A Critical Evaluation Tuesday, November 30 - 4:00 pm–4:00 pm To date, technology analysts have quite properly focused on the social and business aspects of Enterprise 2.0 technologies. And yet, Enterprise 2.0 tools (including collaboration suites, pure-play blog / wiki / social-networking products, and revamped portal products from major vendors) differ quite substantially in maturity, approach, and support. This session will share customer research from noted evaluation firm CMS Watch on leading Enterprise 2.0 technologies, and provide a framework for customers to evaluate the marketplace based on their own needs. Speaker - Tony Byrne, Founder, CMS Watch The ROI for Social Networking Tuesday, November 30 - 4:00 pm–4:00 pm Social networking is a hot topic these days, mostly fueled by consumer applications such as Facebook and MySpace. Facebook alone has been catapulted to "web platform" status with thousands of 3rd party applications being built around an open API. How will businesses leverage this social networking phenomenon? Are we creating value with social networks in business or are we simply creating more distractions? Next Generation Search: Social Bookmarking and Tagging Tuesday, November 30 - 4:00 pm–4:00 pm Social bookmarking installations often go from good to great to overwhelming. Although social bookmarking offers a rich potential for discovery and connecting it requires analysis and understanding of what is hidden in the mass of shared contributions. This session will show how to manage and make sense out of this flood of information. Speaker - Thomas Vander Wal, InfoCloud Solutions, Inc.
Top of Page
Governance, Risk and Compliance
Conference Sessions Developing Metrics and Measures for Information Security Governance Tuesday, November 30 - 4:00 pm–4:00 pm Information security has become a critical issue within organizations, and a key success factor for businesses. In order to effectively maintain the integrity and security of an organization's information infrastructure effective security metrics and measures must be developed, implemented, and monitored. This presentation will discuss the concept of enterprise security metrics and measures and the concepts and topics that must be considered when developing, implementing, and monitoring them. These topics will include the identification of measurable points and activities, the development of meaningful metrics and measures, monitoring concepts, and reporting strategies. Case studies and scenarios will also be used to demonstrate operational scenarios for the benefits and challenges of this concept throughout the presentation. Speaker - John Pironti, Chief Information Risk Strategist, Getronics John P. Pironti is the Chief Information Risk Strategist at Getronics. He has designed and implemented enterprise wide electronic business solutions, information security programs, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, government, hospitality, aerospace and information technology. Mr. Pironti has a number of industry certifications including Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional and (ISSAP) and a Information Systems Security Management Professional (ISSMP). He is also a published author and writer, and a frequent speaker on electronic business and security topics at domestic and international industry conferences. The Business of Privacy Tuesday, November 30 - 4:00 pm–4:00 pm Information privacy has become a major policy, technology, and business operations issue for organizations large and small in the corporate, government, financial, healthcare, retail and other sectors. Compliance initiatives are not only complex, but can be very costly, cumbersome and confusing. As digital business communication continue to become more and more essential and ubiquitous, it is also contributing to a proliferation of personal customer data and information that organizations must protect. Clearly, corporations and technological developments haven't kept pace with data privacy needs. Information must be protected wherever it is collected, stored and used. This session will give audience members a 360-degree view of the privacy issues we face, and will inform audiences about how they can go beyond compliance to protect critical personal information while achieving greater business process efficiencies. Examples will be cited to illuminate key points. Speaker - Sathvik Krishnamurthy, President, Voltage Security Security Knowledge Management From the Inside Tuesday, November 30 - 4:00 pm–4:00 pm A current CISO with an industry leading information security program will share information on the implementation of a knowledge management process and capability that supports and enables core information security processes while also providing relevant artifacts for stakeholders, auditors and regulators. The knowledge management process achieves a reasonable balance between the due diligence security practices and the demonstration of due diligence for multiple stakeholders. The CISO will draw upon experience from two financial service firms that have implemented this process and improving their productivity by significantly reducing staff time allocated to the preparation and completion of audit and regulatory work requirements. The knowledge management framework is a combination of core processes, work flows and a repository of artifacts that leverages a vendor provided technology solution based on industry best practices along with custom developed applications. Speaker - Jim Routh, Chief Information Security Officer, Depository Trust Clearing Corporation A Security Risk Management Maturity Model Tuesday, November 30 - 4:00 pm–4:00 pm Over the years, there have been numerous advancements in IT security designed and built with the purpose of mitigating the emerging or newly identified attack vector. As the old Latin adage states "Mater Artium Necessitas" or as we more commonly refer to it "Necessity is the Mother of Invention". Do we as IT security professionals, the guardians of the corporate jewels, ever stop and holistically look at the ever growing hodge-podge of security solutions deployed in our environments and think, Has my security architecture been built on the Necessity is the Mother of Invention philosophy? Is there a better way to approach IT security? The good news there is! Speaker - Carl Banzhof, Vice President and Chief Technology Evangelist, McAfee Security By Compliance - A Discussion of Information Risk Management's Greatest Challenge Tuesday, November 30 - 4:00 pm–4:00 pm Compliance is top of mind in many organizations today when they think about information protection. This new level of consciousness has become a great benefit to information security professionals as well as their greatest nightmare. The leadership of many organizations are now falling into the trap of "Security by Compliance" which has created a false sense of security for them. They believe that if they meet their legal and regulatory compliance requirements the have fulfilled their requirements for information risk management and protection. This panel will discuss the challenge of taking advantage of the benefits created by new compliance requirements while also overcoming the challenge of this new operating procedure. Moderator - John Pironti, Chief Information Risk Strategist, Getronics John P. Pironti is the Chief Information Risk Strategist at Getronics. He has designed and implemented enterprise wide electronic business solutions, information security programs, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, government, hospitality, aerospace and information technology. Mr. Pironti has a number of industry certifications including Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional and (ISSAP) and a Information Systems Security Management Professional (ISSMP). He is also a published author and writer, and a frequent speaker on electronic business and security topics at domestic and international industry conferences.
Top of Page
Green IT
Conference Sessions "Green" Storage Tuesday, November 30 - 4:00 pm–4:00 pm The next few years will bring widespread awareness of the environments impacts (especially energy costs) associated with data storage. Already several regulations and initiatives (e.g. ROHS, WEEE, and Energy Star) affect manufacturers of storage components or computers. There are also some innovative storage technologies especially targeted towards energy conservation including MAID, along with the well-known alternatives of removable storage (tape and optical). Several vendors have also begun to offer data on power use, energy consumption and cooling loads in response to competitive pressures from other vendors and customers. Some vendors and consultants are offering energy modeling as part of their TCO analysis, either for competitive reasons or as part of their professional services portfolio. This presentation will quickly review basic engineering topics relevant to understanding "Green", including stuff you may have successfully avoided, such as environmental chemistry, thermodynamics, energy vs. power, and computational and storage density and the resulting energy and cooling issues. Conceptual models sufficient to understand or even develop energy budgets will be taught. All of this will converge on a basic model for TCO that includes energy modeling. This session has been brought to you by the SNIA Green Storage Initiative. Speaker - SW Worth, Senior Standards Program Manager, Microsoft Is Green About Ecology or Economy? Tuesday, November 30 - 4:00 pm–4:00 pm The Green Data Center sounds easier than it is. What are the various components of a green data center and how can companies make their existing data centers "greener"? What is the impact of green IT on the bottom line? Green is not just about the production of energy or the use of alternate sources. It is about energy strategies, energy efficiency, energy management and cost reduction. It's about sustainable computing and competitive advantage. It's about the bottom line as well as environmental responsibility and stewardship. Panelists will discuss strategies, technologies, challenges and case studies to help demystify green IT. Green PCs - Power Conservation is Not Just for Servers Tuesday, November 30 - 4:00 pm–4:00 pm Controlling power costs is a hot topic in the data center. However, most organizations have far more PCs than servers, and controlling power management policies across many PCs with different usage patterns is much harder than managing power usage in the highly centralized and controlled data center environment. In this session, you will learn about the challenges and solutions for managing PC power consumption, such us how to identify usage patterns, manage user expectations, control policies and report on your success to upper management. The ROI is substantial, and can be proven, as long as you have the right tools. This session will show you how to save money for your company through implementing a simple power management solution. Efficient and Green IT - A Cost Model Analysis Tuesday, November 30 - 4:00 pm–4:00 pm Energy efficiency and environmental responsibility sound good as PR initiatives. But can they be done in the context of a well justified TCO/ROI project for IT cost control? Nemertes Research president, Johna Till Johnson presents a cost model analysis based on real-world data from enterprise IT efficiency and energy metrics. Speaker - Johna Till Johnson, President and Senior Founding Partner, Nemertes Research
Top of Page
IT Security
Conference Sessions Security Vulnerabilities in VOIP Products and Standards Tuesday, November 30 - 4:00 pm–4:00 pm This session will examine vulnerabilities that have been demonstrated in VOIP and IPT telephony systems, as well as showing potential security issues in the SIP protocol. Virtual Reality: Understanding the Security and Compliance Implications of Server Virtualization Tuesday, November 30 - 4:00 pm–4:00 pm Server virtualization is hot! Whether your executives think Green or simply want to save some Green, everyone is deploying virtualization - the benefits are undeniable. As we embrace Virtualization, we must strategically approach Security and Compliance from the start. Virtualization introduces new attack surfaces and a swath of new availability risks. This brave new world also impacts how we approach Compliance, Governance, and Risk Management. Corman will explore best practices and real world successes in assuring virtualization benefits while mitigating new risks. Are you virtually secure? Or are you securely virtual? Speaker - Joshua Corman, Principal Security Strategist, IBM Internet Security Systems Preventing Data Leaks: How to Identify, Protect and Sustain Sensitive Data Concept: Data Leak Prevention Tuesday, November 30 - 4:00 pm–4:00 pm For security programs to be successful in 2008, executives must be able to consistently evaluate their organization's security performance, determine the highest "at risk" areas within the organization, and ensure that their most sensitive data remains protected. This includes: evaluating sensitive information, writing enforceable policies, implementing appropriate security mechanisms, educating employees on policies and compliance, and assessing and monitoring the security program once in place. Businesses who can find a way to securely share information and protect it from exploitation while complying with strictly enforced governmental regulations will emerge as leaders. This session will discuss the value of protecting sensitive content within an organization and study the steps required to plan, implement, deploy and sustain a solution to secure it. Speaker - Todd Graham, Chief Scientist, RSA, The Security Division of EMC Building Security into Your Software Development Lifecycle Tuesday, November 30 - 4:00 pm–4:00 pm In the beginning, software vendors thought that they could handle security vulnerabilities as they handle software bugs using their regular support process. Unfortunately, it's not so easy. Software security vulnerabilities are not like other software defects; they have a timeline and they are not simply triggered by random user events. Once attackers know how to exploit a vulnerability, they will actively attack until it is patched. This "window of vulnerability" has gotten smaller with auto-update and patch management solutions, but having a window of vulnerability at all is a problem. If you are not doing anything to reduce security flaws during your development cycle, you certainly have them in your software. In this presentation, Chris Wysopal will explain the steps that reduce security defects and how they will be beneficial to securing your code. Speaker - Chris Wysopal, Co-Founder and CTO, Veracode Fixing the Security Blind Spot: New Strategies to Monitor and Stop Insider Threats Tuesday, November 30 - 4:00 pm–4:00 pm According to a survey from the Computer Security Institute, 2007 marked the first year that insider threats topped external attacks as the most pressing security issue. Despite efforts to prevent these breaches, businesses remain shockingly vulnerable. Internal blind spots leave companies open to fraud, policy violations and theft of intellectual property. Security managers lack the real-time monitoring and policy enforcement tools to effectively see and manage end-user activity. What can security teams do? This session will discuss existing approaches and current constraints to preventing insider threats. Attendees will learn new strategies and techniques for minimizing their risks. Speaker - Paul Smith, CEO, Packet Motion Anatomy of a Malware Attack Tuesday, November 30 - 4:00 pm–4:00 pm Today the threat has changed. Hackers are no longer kids trying to create a name for themselves; they're professionals with a vast network and are capable of increasingly sophisticated and highly targeted attacks. In fact, many of today's attacks are so stealthy that the victims may not even realize their systems have been compromised for days, weeks or even months. So how do organizations address malware attacks as part of their overall risk management program? What steps can you take to ensure that your organization is not the next TJX or Ameritrade. This session will provide an overview of the attacks targeting the enterprise today and an insider's look into how a malware attack is executed and what tools are needed to respond effectively. The presentation will provide recent statistics on malware from the Kaspersky Anti-Virus Research Lab in Moscow and the specific business risks they represent. Key components of the presentation will include: risk analysis, virus dissection, and recommended mitigation frameworks. Speaker - Tom Bowers, Evangelist, Kaspersky Lab What About the Endpoint? A Discussion of Endpoint Security Concepts and Trends Tuesday, November 30 - 4:00 pm–4:00 pm The attack community has begun to shift gears and focus more on the endpoint and less on the network and supporting infrastructure that the endpoint relies upon. This new level of attention has already resulted in numerous attacks using spyware tools, Trojan horse applications, keystroke loggers, and other malicious software that is being installed without the knowledge of the users and under the radar screen of current endpoint protection techniques. This session will discuss the key concepts that need to be considered when choosing an endpoint security solution and highlight some of the capabilities that exist in the market today for endpoint security solutions. Moderator - John Pironti, Chief Information Risk Strategist, Getronics John P. Pironti is the Chief Information Risk Strategist at Getronics. He has designed and implemented enterprise wide electronic business solutions, information security programs, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, government, hospitality, aerospace and information technology. Mr. Pironti has a number of industry certifications including Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional and (ISSAP) and a Information Systems Security Management Professional (ISSMP). He is also a published author and writer, and a frequent speaker on electronic business and security topics at domestic and international industry conferences. NAC, NAC, What's There? Tuesday, November 30 - 4:00 pm–4:00 pm Network access control has been offered as the Swiss army knife of IT security solutions. It has promised to provide authentication, policy enforcement, identity and access management, ongoing security for the life of a connection, seamless usage in any network that is NAC enabled, and many other capabilities. If NAC is the answer then what is the right question to ask? This session will provide a realistic perspective on what NAC can and cannot provide in regards to information security. Concepts that will be discussed will include an update on vendor interoperability and standards, case studies of successful and not so successful implementations, an overview of what NAC truly can and cannot provide, discussion of requirements (both network and application), and what the future holds for NAC.
Top of Page
Networking and Services
Conference Sessions Implementing Policy and Control Tuesday, November 30 - 4:00 pm–4:00 pm There is general agreement that IT organizations need to implement control functions in the IT infrastructure in order to both improve application performance and to provide enhanced security. There is also general agreement that IT organizations require the capability to set policy in an automated fashion. There is, however, wide disagreement as to what type of control functions need to be implemented, where they need to be implemented, and just how automated and granular the policy capabilities need to be. This session will explore those issues and position the attendees to develop an effective strategy for implementing policy and control. Is There Anything New to Say About the WAN? Tuesday, November 30 - 4:00 pm–4:00 pm In the 1980s, IT organizations began to deploy TDM-based WANs. In the 1990s, many IT organizations migrated their WANs first to Frame Relay and then to ATM. In this decade, many IT organizations have migrated to MPLS based networks. However, there is very little buzz in the industry about a technology that is the successor to MPLS. In this session the panelists will address the question of whether or not there are any fundamental changes coming to WAN services or are today's MPLS services the end of the line for at least the foreseeable future? How Networks Can Assist Applications Tuesday, November 30 - 4:00 pm–4:00 pm Historically the way that networks have assisted applications was by providing sufficient bandwidth. However, recently vendors have started to integrate functionality such as SSL processing and WAN optimization into network devices. Now we are beginning to see a movement to provide APIs directly to the switch's and router's operating systems and to also run portions of an application directly on switches and routers. The panelists on this session will discuss the spectrum of functionality that is being integrated into network devices as well as the pros and cons of doing so. Do Applications Require a Next Generation LAN Design? Tuesday, November 30 - 4:00 pm–4:00 pm As recently as a decade ago, the majority of LANs were based on shared media. Today, they are based on switching and are designed for two key parameters: speed and availability. However, there is a growing interest in implementing more services, such as security, in LAN switches. This session will help IT organizations determine what functionality belongs in each class of LAN switch. To achieve that goal, this session will look at how the functionality that gets deployed in access and backbone switches either enables or inhibits IT organizations from being able to easily support key initiatives such as mobility and unified communications. Managing Virtualization Tuesday, November 30 - 4:00 pm–4:00 pm If you believe the articles in the trade magazines, it seems like all of the physical components of IT (i.e., desktops, networks, servers, firewalls, storage, application front ends, etc.) are being virtualized. The promised benefits of virtualization are compelling. However, there is just one problem: How can IT organizations that are currently struggling to manage their physical assets start to manage all of those virtual assets? The panelists on this session will detail what capabilities exist today to manage virtualized resources and will identify what new functionality you can expect to see over the next year. IT Roundtable Tuesday, November 30 - 4:00 pm–4:00 pm This session will be a roundtable discussion with senior IT professionals (Director through CIO) to discuss the current status of the IT function - at 100 Kft, what are the key challenges and opportunities facing IT organizations today.
Top of Page
SOA
Conference Sessions SOA - Hype or Happening Tuesday, November 30 - 4:00 pm–4:00 pm What is SOA? Is it really happening or is it just vendor hype? Are we witnessing a revolution in software design, integration and interoperability? For many, SOA sounds suspiciously familiar, evoking the same over-promised vendor-hype of previous failed integration attempts such as CORBA. Is SOA more than web-services? And are companies really deploying service-oriented architectures, or are they just using the word as a shorthand for SOAP interfaces and a bit of ESB? Panelists will debate the hype vs. reality of SOA in today's enterprise.
Top of Page
SaaS
Conference Sessions SaaS: Best Practices and Pitfalls Tuesday, November 30 - 4:00 pm–4:00 pm Software-as-a-Service applications are often cheaper, more reliable and better performing than their in-house alternatives. Many SaaS firms started as Application Service Providers relegated to niche applications like payroll, and sold to small businesses unable to run their own infrastructure. Today big business depends on heavyweights like Salesforce.com, ADP, Taleo, RightNow and Netsuite for mission-critical parts of their business. But embracing SaaS can be a challenge. IT managers are giving up control and visibility. There may be privacy and regulatory issues. Reporting and enforcing service levels is difficult and different. Using real-world examples from some of the largest SaaS firms in operation today this session looks at the best practices - and common pitfalls- of moving significant business processes to a SaaS model." Compliance, Regulation, and On-Demand Applications Tuesday, November 30 - 4:00 pm–4:00 pm Modern business is heavily regulated, from hiring and staffing guidelines to compliance to financial tracking. An emerging benefit of SaaS models is that the SaaS provider has already passed the audit. This session looks at compliance and regulation in the context of on-demand applications, revealing some of the benefits - and risks - of outsourcing business processes to a SaaS provider. SMB SaaS: Levelling the Playing Field Tuesday, November 30 - 4:00 pm–4:00 pm SaaS puts small startups on the same footing as their larger competitors. At first, so-called ""small business" SaaS firms found that enterprise teams were their early adopters. But a new wave of simple, easy-to-use SaaS tools tied into the way smaller companies do business is changing this. This panel looks at the next generation of SaaS for SMB and how it's undermining the IT advantage of larger firms." Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. Speaker - Bill Lucchini, VP and GM , Intuit Quickbase Speaker - Mike McDerment, CEO, Fresbooks SaaS Chaos: Managing the Islands Tuesday, November 30 - 4:00 pm–4:00 pm Even small organizations have dozens of SaaS relationships. With new portals and tools being launched every day, and more and more employees using them, the SaaS explosion is a recipe for disaster. This session looks at the challenges of running multiple SaaS portals across an organization, from reporting and management to single-sign-on and administration." Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. Using SaaS to Make Good Products Great Tuesday, November 30 - 4:00 pm–4:00 pm On-demand applications can make a good product great. By tying an online software component to a real-world product, innovative companies are giving themselves an edge in the marketplace. This panel looks at the opportunities that SaaS offers makers of traditional products, what works, and what doesn't. Moderator - Alistair Croll, Principal Analyst, BitCurrent Alistair is a senior analyst at research firm Bitcurrent, covering emerging web technologies, networking, and online applications. Prior to Bitcurrent, Alistair co-founded Coradiant, a leader in online user monitoring, as well as research firm Networkshop. He has held product management positions with 3Com Corporation, Primary Access, and Eicon Technology. Alistair contributes to industry events such as Interop and Web2Expo, and writes for a variety of online publications including GigaOm. He is the author of numerous articles on Internet performance and security, and co-author of Managing Bandwidth: Deploying QOS in Enterprise Applications from Prentice-Hall. Platform-as-a-Service: Building Business Processes in the Cloud Tuesday, November 30 - 4:00 pm–4:00 pm Cloud computing is often referred to as hardware-as-a-service, with the openness and complexity that implies. At the other end of the spectrum, SaaS doesn't offer much room for customization. But there's a middle ground, where providers offer an on-demand platform, often with its own coding and conventions. This class looks at how companies can build custom applications that run in the cloud, letting the platform provider worry about operations and data integration.
Top of Page
Storage
Conference Sessions Identifying and Eliminating Backup System Bottlenecks Tuesday, November 30 - 4:00 pm–4:00 pm This session reveals the obvious and not-so-obvious bottlenecks found in enterprise backup systems and offers practical examples for applying technologies to achieve one's performance objectives. The goal of this session is to illustrate how one can take an existing backup system to the next level by integrating cutting edge technologies and low-cost disk. We start with the assumption that the end user has made a sizable investment in the enterprise backup system and is looking for a road map for affordable growth in both performance and capacity. We also assume that tape is here to stay (at least for now) and that the ultimate goal is to get data onto tape for off-site removal. Topics include: accelerating LAN-based backups, achieving maximum performance from tape, disk staging with ordinary disk, capacity optimized backup devices (de-duplication), block-level differencing, removable disk media, and virtual tape. This session has been brought to you by SNIA. A Crash Course in Data Replication Tuesday, November 30 - 4:00 pm–4:00 pm Replicating data over a WAN sounds pretty straight-forward, but it turns out that there are literally dozens of different approaches, each with it's own pros and cons. Which approach is the best? Well, that depends on a wide variety of factors! This class is a fast-paced crash course in the various ways in which data can be replicated, and the pros and cons of each major approach. We trace the data path from applications to disk drives and examine all of the points along the way wherein replication logic can be inserted. We look at host based replication (application, database, file system, volume level, and hybrids), SAN replication (disk arrays, virtualization appliances, caching appliances, and storage switches), and backup system replication (block level incremental backup, CDP, and de-duplication). This class is not only the fastest way to understand replication technology it also serves as a foundation for understanding the latest storage virtualization techniques. Storage Virtualization: What, Why, Where and How Tuesday, November 30 - 4:00 pm–4:00 pm Storage Virtualization is one of the buzzwords in the industry, especially with the increased acceptance of Storage Networks. But besides all hype, there is a lot of confusion too. Companies are using the term virtualization and its characteristics in various and different forms. This session describes the reasons and benefits of virtualization in a technical and neutral way. The audience will understand the various terms and will receive a clear picture of the different virtualization approaches. Links to the SNIA Shared Storage Model and the usage of the new SNIA Storage Virtualization Taxonomy will help to achieve this goal. This session is intended for IT Managers, Storage and System Administrators who have responsibilities for IT infrastructures and storage management tasks. This session has been brought to you by SNIA. "Green" Storage Tuesday, November 30 - 4:00 pm–4:00 pm The next few years will bring widespread awareness of the environments impacts (especially energy costs) associated with data storage. Already several regulations and initiatives (e.g. ROHS, WEEE, and Energy Star) affect manufacturers of storage components or computers. There are also some innovative storage technologies especially targeted towards energy conservation including MAID, along with the well-known alternatives of removable storage (tape and optical). Several vendors have also begun to offer data on power use, energy consumption and cooling loads in response to competitive pressures from other vendors and customers. Some vendors and consultants are offering energy modeling as part of their TCO analysis, either for competitive reasons or as part of their professional services portfolio. This presentation will quickly review basic engineering topics relevant to understanding "Green", including stuff you may have successfully avoided, such as environmental chemistry, thermodynamics, energy vs. power, and computational and storage density and the resulting energy and cooling issues. Conceptual models sufficient to understand or even develop energy budgets will be taught. All of this will converge on a basic model for TCO that includes energy modeling. This session has been brought to you by the SNIA Green Storage Initiative. Speaker - SW Worth, Senior Standards Program Manager, Microsoft How to be a ROBO Cop: Reducing Business Risk with Remote Recovery Management Tuesday, November 30 - 4:00 pm–4:00 pm As companies continue to decentralize, more and more employees are working from remote offices and branch offices (ROBOs) so they can be closer to their customers. Because of this trend, as much as 70% of critical business data now reside outside the corporate data center. To realize the benefits of a remote workforce while minimizing the risk, organizations need to implement recovery management practices that centralize management of ROBO backup and disaster recovery. Only by integrating high-performance backup, replication, failover, CDP, high availability and automated DR testing can today's geographically distributed enterprises cost-effectively access, consolidate and distribute data to and from the corporate office and remote locations. Learn how to use the right combination of recovery management technologies to help diminish ROBO risks, get control of ROBO data, reduce costs, improve scalability, protect distributed intellectual property and mitigate business impact by maintaining high availability and recoverability of ROBO information.
Top of Page
Virtualization
Conference Sessions Virtual Reality: Understanding the Security and Compliance Implications of Server Virtualization Tuesday, November 30 - 4:00 pm–4:00 pm Server virtualization is hot! Whether your executives think Green or simply want to save some Green, everyone is deploying virtualization - the benefits are undeniable. As we embrace Virtualization, we must strategically approach Security and Compliance from the start. Virtualization introduces new attack surfaces and a swath of new availability risks. This brave new world also impacts how we approach Compliance, Governance, and Risk Management. Corman will explore best practices and real world successes in assuring virtualization benefits while mitigating new risks. Are you virtually secure? Or are you securely virtual? Speaker - Joshua Corman, Principal Security Strategist, IBM Internet Security Systems Virtualization Technology Primer Tuesday, November 30 - 4:00 pm–4:00 pm Feeling bewildered by a slew of new acronyms, technologies and concepts describing virtualization? Need a high-level overview of what virtualization means to you and your business? Do you want to get your arms around server virtualization, hypervisors, paravirtualization, OS virtualization, hardware assists, virtual desktop architectures, application streaming and isolation, and more? This is the session for you. Microsoft Virtualization and Hyper-V - User Experiences Tuesday, November 30 - 4:00 pm–4:00 pm With the release of Hyper-V in fall 2008, Microsoft is delivering a critical component of its overall virtualization strategy. Joining the ranks of the VMware and Xen hypervisors, Hyper-V is now part of Microsoft's next-generation server operating system Windows Server 2008, integrating it with the Systems Center management tools. Learn about Hyper-V and Windows Server 2008, and hear the experiences of early users to help you understand whether, where and how to take advantage of this new virtualization technology in your Windows shop. When, Why and How to Move to a Virtual Desktop Architecture (VDA) Tuesday, November 30 - 4:00 pm–4:00 pm With the successful implementation of server virtualization, virtual desktops are now becoming the next bit wave. IT shops are looking at how virtualization technologies and their many benefits can be extended to the desktop. Learn about different architectures for delivering virtual desktops and how to implement a successful move to virtual desktop computing. Server-Based Computing and Virtual Desktops - Old Meets New - Getting the Best of Both? Tuesday, November 30 - 4:00 pm–4:00 pm The concept of server-based computing is now new - published applications have been running in production for years on Windows Terminal Services and/or Citrix Presentation Server (now called XenApp), and are today used in over 200,000 IT shops. This architecture has been the mainstay of call centers and users working occasionally from home. Now the ability to deliver a complete virtual desktop offers new possibilities to extend this virtual model to a whole new wave of users. But how do you evaluate which technologies best fit which types of users? And how can you best use each of these technologies, with the best and most seamless user experience, along with the best management tools across the user base? Learn about how the lines are blurring across these technologies and how to take best advantage of one or both to fit the use cases in play within your organization. The Business Case for Virtualization Tuesday, November 30 - 4:00 pm–4:00 pm One of the reasons that virtualization has gained so much traction is that it brings very compelling business and financial benefits. Whether you are just starting to evaluate server virtualization or have completed your server consolidation and are evaluating virtual desktops, building a business case for your next phase can help you get the investment dollars you need to move forward. This session will give you the information you need to begin to build that business case and help your management understand why virtualization is the foundation needed to move your IT shop into the future.
Top of Page
VoIP and Unified Communications
Conference Sessions Security Vulnerabilities in VOIP Products and Standards Tuesday, November 30 - 4:00 pm–4:00 pm This session will examine vulnerabilities that have been demonstrated in VOIP and IPT telephony systems, as well as showing potential security issues in the SIP protocol. The Future of the Voice Endpoint: Telephones, Softphones and Mobiles Tuesday, November 30 - 4:00 pm–4:00 pm What is driving enterprises to deploy PC- and PDA-based softphones today, and what are the prospects for these mobile and/or converged devices eliminating the need to buy single-function desktop telephones? What are the arguments for and against eliminating the desk phone, at least for knowledge workers? Troubleshooting Converged Networks Tuesday, November 30 - 4:00 pm–4:00 pm As IP telephony deployments scale up from the pilot stage to enterprise-wide implementations, it becomes more challenging to manage them and keep them running. This session helps the audience understand common sources of problems, and how to detect and fix them. Introduction to Unified Communications Tuesday, November 30 - 4:00 pm–4:00 pm This session explains the basic concepts of Unified Communications, including communications enabled business processes; multimedia col