dcc june regular issue

UpcountryGoing

June 2010Vol 2 Issue 14 | A 9.9 Media Publication

Securing the cloud to make it more trustworthy 8

Trusting the CloudHow it can make an organisation really smart Page 24

Milind Tamhane of Digilink talks about global branding and expansion Page 10

global ambitionsBusiness Intelligence

Having established their presence in the metros, most vendors have turned their focus towards small cities and areexperiencing enormousgrowth opportunities

DIGIT CHANNEL CONNECT 2 JuNE 2010

editorial

Vendors’ efforts to expand

into non-metros are paying off, but there’s still huge untapped potential

Q uick question: How many small and medium businesses are there in India? Quick question 2: How many of them are

located in the metros?While there’s no general agreement on the

answer to the first question (estimates range from a hundred thousand to several million), most people would not hesitate to say that the majority of SMBs are based in tier 2 and 3 towns.

Three to five years back, many vendors in the IT industry in India – like their counterparts in other segments – set out to expand their footprint beyond these six cities: Delhi, Mumbai, Chennai, Kolkata, Bengaluru and Hyderabad. What they did was open more branch offices, sign up more distributors and dealers, roll out multi-city roadshows and improve post-sales support.

With the large cities getting increasingly saturated in terms of their ability to consume technology, the common wisdom was that if India was to continue on its growth path, the next level of consumption surge would have to come from next-tier towns. Come to think of it: besides the six metros, there are close to 50 other cities in India with populations crossing or nudging one million. That’s a hell of a lot of consumers by any yardstick. And when you consider the all-round development happening in these towns – real estate, infrastructure, automo-biles, education, etc – it’s only a matter of time that IT gets its rightful place as a high-consumption item.

Small Town is Big Business

[email protected]

Write to the EditorE-mail:[email protected]

Snail Mail: The Editor, Digit Channel Connect, B-118, Sector 2, Noida 201301

sounding boardsounding board

n Puneet Datta, Assistant Director – Marketing, BIS Division, Canon India: “In a cou-ple of years, B, C and D-class cities will become a focus and integral part of market penetration plan of most companies. There is a lot more to be done in this area by vendors. A major investment on part of the vendors is to provide training facility in smaller towns.”

n Rajesh Goenka, VP – Sales & Marketing, Rashi Peripherals: “Quantity comes from metro and quality from non-metro. While the metro pie is still pretty big, busi-ness in smaller towns is also growing at a rapid pace. In fact, today, Rashi has 54 branches all across the country and our focus is increasing in tier 2 and 3 cities. Also, the trend of using high-end technology (for example, wireless) is picking up in non-metros as well.”

n Ravi Bharadwaj, General Manager - SMB, Dell India: “Dell has over the years worked actively and closely with partners to expand presence in tier 2 and 3 towns. Our PartnerDirect channel programme helps us cover about 200 such towns.”

SANJAY GUPTAEditorDigit Channel Connect

As a matter of fact, that time is ripe. According to a recent Ernst & Young report tracking the growth of small-town India, the share of consumption in non-metro cities has increased significantly over the past two years and is now more than 70%.

However, there’s still huge untapped potential that exists for IT consumption in non-metros. While consumers are enthusiastic, most local businesses continue to shy away from investing in technology. Their reluctance results from a mix of the complex nature of technology, lack of localised applica-tions and (often) poor tech support. There have been efforts to improve the situation by the likes of Microsoft and Intel on these counts, but there’s still a long way to go – many millions of businesses are yet to buy their first computer.

Will you be there to lend a helping hand?

UpcountryGoing

June 2010Vol 2 Issue 14 | A 9.9 Media Publication

Securing the cloud to make it more trustworthy PAGE 18

Trusting the CloudHow it can make an organisation really smart PAGE 24

Milind Tamhane of Digilink talks about global branding and expansion PAGE 10

Global AmbitionsBusiness Intelligence

Having established their presence in the metros, most vendors have turned their focus towards small cities and areexperiencing enormousgrowth opportunities


contents

14

18

10

8 Streamlining Support

Milind Tamhane of Digilink talks about global branding and expansion

Having established their presence in the metros, most vendors have turned their focus on small cities and are experiencing enormous growth opportunities

a d v e r t i s e r s i n d e xSamsung .....................................................................IFCIBM ........................................................................... IBCEMC ........................................................................... BCRashi Peripherals ............................................................1Compuage .....................................................................3K 7 Computing ...............................................................5iBall .........................................................................7, 33Fenda.............................................................................9Gigabyte ......................................................................11Epson ..........................................................................17Supertron .....................................................................21Quick Heal ...................................................................25Cubix ...........................................................................27Abacus.........................................................................29India Anti-Virus ............................................................31Consumermate .............................................................35

Editorial ......................................................... 02trENdS ............................................................. 30applicatioN maNagEmENt.... ........................ 12BESt of Biz.... .................................................. 28NEtworkiNg.... ................................................ 23

otherS

cover design: anil t

Managing Director: Dr Pramath Raj SinhaPrinter & Publisher: Kanak Ghosh

EditorialEditor: Sanjay GuptaCopy Editor: Akshay KapoorSr. Correspondents: Charu Khera (Delhi), Soma Tah (Mumbai) dEsignSr. Creative Director: Jayan K NarayananArt Director: Binesh SreedharanAssociate Art Director: Anil VKManager Design: Chander ShekharSr. Visualisers: PC Anoop, Santosh KushwahaSr. Designers: Prasanth TR & Anil TPhotographer: Jiten Gandhi

Brand CommuniCationProduct Manager: Ankur Agarwal

salEs & markEtingVP Sales & Marketing: Navin Chand SinghNational Manager - Events and Special Projects: Mahantesh Godi (09880436623)Business Manager (Engagement Platforms) Arvind Ambo (09819904050)National Manager - Channels: Krishnadas Kurup (09322971866)Asst. Brand Manager: Arpita GanguliBangalore & Chennai: Vinodh K (09740714817)Delhi: Pranav Saran (09312685289)Kolkata: Jayanta Bhattacharya (09331829284)Mumbai: Sachin Mhashilkar (09920348755)

ProduCtion & logistiCsSr. GM Operations: Shivshankar M HiremathProduction Executive: Vilas MhatreLogistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh

ChannEl ChamPsSr Co-ordinator - Events: Rakesh SequeiraEvents Executives: Pramod Jadhav, Johnson NoronhaAudience Dev. Executive: Aparna Bobhate, Shilpa Surve

oFFiCE addrEss

Nine Dot Nine Interactive Pvt Ltd., KPT House, Plot 41/13, Sector 30, Vashi, Navi Mumbai - 400 703 Phone: 40789666 Fax: 022-40789540, 022-40789640

Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd.C/O KPT House, Plot 41/13, Sector 30, Vashi (Near Sanpada Railway Station), Navi Mumbai 400703

Editor: Anuradha Das MathurC/O KPT House, Plot 41/13, Sector 30, Vashi (Near Sanpada Railway Station), Navi Mumbai 400703

Printed at Silverpoint Press Pvt. Ltd, TTC Ind. Area, Plot No. : A - 403, MIDC,Mahape, Navi Mumbai - 400709

Vol 02 issue 14 | June 2010

24

Before enterprises can make more innovative use of clouds, security technologies, standards and interoperability must be improved

global ambitionS

Subbaram Gowra of Gowra Bits & Bytes on his company’s warranty management solution

get Smart with biBusiness Intelligence solutions can help an organisation improve its productivity, quality, cus-tomer service levels and profitability

making the Cloud truStworthy

UpcountryGoing

security Data Backup


Over the past few years, the all enduring enterprise organi-sation has gone through many changes, constantly

transforming the technology landscape. The pace accelerated and continues to throw at us new discoveries and break-throughs. Consumerization of IT is one of the most radical and critical of changes, gradually changing employee expecta-tions of technology at the workplace. Information is accessible at all times, both for personal as well as official use.

But, do you know who has access to your confidential information? What would happen if one of your employees left his laptop in a taxi? When was the last time you backed up your data? What if a natural disaster struck and all the data was lost? Grim scenario, but it is very close to reality.

For a small to mid-sized company, the situation is even more alarming as there is a large discrep-ancy between how SMBs perceive their disaster readiness and their actual level of preparedness. A recent survey suggests that SMB downtime costs their customers tens of thousands of rupees each year. As a result, SMBs can - and often do - lose business as a direct result of being unpre-pared for disasters.

It is necessary for SMBs to more effec-tively respond to the challenge of effi-ciently storing, managing and protecting increasing amounts of business-critical data, and the best approach for them to integrate their backup environments is the one that efficiently meets the needs

of the specific environment.Personal information and company

data is valuable and it is a scary scenario to even think that your most vital infor-mation could become your greatest loss in a matter of seconds. For a SMB, the challenge is greater trying to effectively manage information growth and at the same time trying to keep up with the latest technologies to protect its informa-tion, both internally and externally. As a small or mid-sized business, reputation, relationships and time are critical to success and downtime, or lost informa-tion can cause irreparable damage.

Problem areasBut, despite acknowledging the fact that at least 40 percent of company data would be lost if computing systems were wiped out in a fire, the average SMB in India backs up less than 50 percent of company and customer data and out of that, only 23 percent back up on a daily basis and

It is necessary for SMBs to more effectively respond to the challenge of effi-ciently storing, managing and protecting increasing amounts of busi-ness-critical dataVineet Sood

40 percent backup in a month or less. The startling fact remains that though SMBs are well aware about outages and their impact, it hasn’t materialized into their preparedness, as practices indicate that this confidence is unwarranted. The aver-age SMB has experienced three outages within the past 12 months, with the lead-ing causes being virus or hacker attacks, power outages or natural disasters. It is not surprising that cost has been cited as the biggest barrier to adequate protection by SMBs.

Growing storage costs are commonly blamed on the avalanche of informa-tion that needs to be secured, managed and retained. However, backup need not be costly and in a large number of cases, SMBs are not using the storage resources they have efficiently, which leads to unnecessary spiralling costs. The average SMB manages four or more different methods for backing up and storing information. It is no wonder they are so reluctant to perform backups more frequently.

The way outTo protect their data effectively and quickly, SMBs need a simple but powerful backup system that can automate back-ups at a reasonable cost. With simplified data protection approach, SMBs can reduce the complexity, save time and increase reliability and availability, all at the same time. A good solution will also help them to better use their storage resources to further reduce the cost of protecting information.

Every day, mission-critical data must not only remain safe, but must be acces-sible to the right people at the right time. Budgets must be met, whilst produc-tivity levels are maintained or even improved. What’s more, compliance with regulatory requirements for the proper handling of sensitive data must be achieved and verified, and the exist-ing resources should be optimised.

For SMBs, money and staff time are at a premium, and there will always be something more pressing to do than manage backups. However, as data volumes increases, so does the risk to a company’s bottom line if that data isn’t protected. SMBs should look for solutions that offer simplified management, the ability to scale as their business grows, and make the most of their current investments to ensure that backup cost does not surge.n

Vineet Sood is Head, Channel and Alliance, Symantec India

backingWho’s

you up?

To protect their data

effectively and quickly, SMBs need a simple but powerful

backup system that can

automate backups at a reasonable

cost.

Vineet Sood

With sim-plified data protection approach, SMBs can reduce the complex-

ity, save time and increase

reliability and availability, all

at the same time.

channel Q&A


DCC: Can you walk us through your professional journey?

I started Gowra Bits & Bytes as a retailing company way back in 2000. We moved on to the redistribution of components by 2004. But soon after, we thought that it was the time to transform; hence we partnered with IBM, which had very few partners during those days and we have been associated with them since then as a loyal end-to-end system integration company.

Though challenges are always a part of any industry, but the channel fraternity is a very dynamic one and to be a part of the same, one has to be futuristic to succeed. But it feels good to experiment with new things and be different than others.

DCC: How many vendors/brands are you currently dealing with?

IBM, Microsoft and Lenovo are the vendors we are directly associated with currently. Pharma-manufacturing/R&D, hospitality, healthcare and tele-com are the segments that are most profitable for our company.

DCC: How do you look at the future for the company’s operations? What are your investment and expansion plans?

We currently are an end-to-end system integration company, but there are a lot of things planned as part of our future roadmap, like consulting and services to name a few. Retail and geographical expansion is also on cards in the near future.

“We’ll help SIs/VARs StReAmlIne theIR buSIneSS pRoceSS WIth eSuppoRt”

With eSupport, we would be able to

help SIs/VARs streamline their entire business process without

much of tweaking.

We are targeting SIs/VARs who use CRM/legacy

solutions, which do not provide them full view of their after-

sales processes.

eSupport is a great retention mechanism as the market is full of action

and one has to be attentive.

DCC: Can you please brief us about some of your key achievements?

We have recently been awarded the Microsoft Gold Partnership 2010 and have also won Channel World Top-100 reseller recognition consecutively for the second year (2009 and 2010). In the past, we have also been awarded the Best Upcountry Partner award for South for IBM/Lenovo (2008).

Recently, we have launched a support management solution called eSupport, which is a first of its kind software warranty management solu-tion for System Integrators (SIs) and Value Added Resellers (VARs).

DCC: Can you throw some light on eSupport?

eSupport has four key modules - lead management, through which one can manage customer leads, lead owners and could see a graphical view of the entire lead statistics every quarter, month or year end. Then, there is call management module, which would enable the support coordinator to load every post-sale call that gets regis-tered and every call can be tracked by management. The third is warranty management module. One can moni-tor every post-sale call within or out of warranty, can have a dashboard view of all the support staff and get the status of pending as well as completed calls. The last module is AMC Tracking, through which one can track all ‘out of warranty’ assets and can also send AMC proposals respectively; thereby

getting repeat revenue out of the same customer base.

This is based on client-server archi-tecture priced at Rs 49,990 plus taxes (unlimited licenses) and we would soon be launching its web-based version, but the pricing would be higher than the earlier version.

DCC: What would be your target verticals for eSupport & what’s your say on the competition?

We are targeting SIs/VARs who use CRM/legacy solutions, which do not provide them full view of their after-sales processes. Moreover, eSupport is a great retention mechanism as the market is full of action and one has to be attentive.

Being a community member, we ourselves face similar challenges, which an SI/VAR would face and it was on demand developed in-house and once we achieved best practices, we thought we could take this to our community members also.

In a nut-shell, with eSupport, we would be able to help SIs/VARs stream-line their entire business process with-out much of tweaking, which happens in respect to CRM, as they are not engineered for our industry, targeting companies that focus highly on provid-ing efficient after-sales services.

As of now, we would not market eSupport through resellers and distrib-utors, rather we plan to sell it directly in the Indian market.n

[email protected]

– Subbaram Gowra, Managing Partner, Gowra Bits & Bytes

Subbaram Gowra, Managing Partner of Secunderabad-based Gowra Bits & Bytes shares with Charu Khera the company’s future plans and details on its software warranty management solution for SIs and VARs.

vendor speak


DCC: Which category of structured cables are currently the hottest in India and why?

Cat6 has now become the industry standard. For fibre media, both single-mode and multimode 50-micron fibre are equally popular. The reasons are obvious: these media are cost-effective and yielding speeds support all upcom-ing technologies.

DCC: In your experience, which vertical segments are driving the demand for cabling solutions? How have these segments evolved lately?

One has to consider two aspects: First, newer verticals embracing struc-tured cabling as essential services; second, structured cabling itself has now got broadened and re-christened as Information Transportation System (ITS), which means even the design and usage of media like infrared, Wi-Fi and WiMax is now within the purview of ITS services.

While we have planned residential projects, townships and commercial complexes as big new drivers, we also have educational institutes like schools considering ITS deployments as a must. Financial institutions are now spreading their wings in C-class cities and rural areas – which is yet another new vertical.

DCC: Digilink currently has about 18% share in the structured cabling market in India as per IDC. What is your target for the year 2010 and what will be your top priorities?

Yes, Digilink ranks no. 2 in the SCS category and enjoys a market share

“We are looking to make Digilink a global branD”

There has been a considerable

gap in the demand and supply for

trained system integrators/IT solution

providers. The technology changes at

a rapid pace and so do the standards. We

at Digilink have been

encouraging partners to get more and more people trained.

The top three priorities for

Digilink are to strengthen our market share in the enterprise

segment in India, promote

the DigiLink brand in SAARC and the Middle East, and ensure

high brand visibility.

of 18%. This year we will be primar-ily focusing on the following verticals - government (PSU), education, BFSI and healthcare.

The top three priorities for Digilink are to strengthen our market share in the enterprise segment in India, promote the Digilink brand in SAARC and the Middle East, and ensure high brand visibility.

DCC: What partner skills are lacking in realising the full potential of structured cabling?

There has been a considerable gap in the demand and supply for trained system integrators/IT solution providers. The technology changes at a rapid pace and so do the standards. We at Digilink have been encouraging partners to get more and more people trained in DCCE (Digilink Certified Cabling Engineer) courses. We also have corporate trainings for important clients at their premises and there are upgraded courses as well.

DCC: Are you looking at expanding your partner base for any of your product lines?

At present, we are looking to make Digilink a global brand. We already have a good channel distribution network in countries like Sri Lanka, UAE and Bangladesh. Furthermore, we will look into capturing other global markets.

DCC: What are the key challenges you think your partners face when they go out in the market? How are these different from those for active networking products?

Most of the end users still would consider cost as their primary consider-ation despite the fact that small compro-mise on performance of the physical layer will jeopardise the entire network in long run. Our partners have this as the challenge in convincing the end users.

DCC: Do you think the structured cabling segment suffers from lack of ample differentiation among different brands, thereby limiting partners’ ability to convince customers to go for a particular one?

The answer is yes and no. Yes, because superficially, there can be a hoard of brands equating their products with genuine products; however, a deeper analysis yields vast differentiations.

DCC: Can you please share some of your key partner initiatives this year?

Our Empower Partner Programme has shown great results. Now we aim to build up on the programme by launch-ing schemes for registered partners. One of the highlights of the programme is training on the latest technology in the ITS industry, which is provided to the partners along with demonstrations of products. We have just completed a 45-city road show, FITS 09, in which these training sessions were conducted.

We have just launch a channel reward programme, Zip Zap Zoom 3. The programme is designed for Digilink VARs and SIs and will run from March 1 to June 30, 2010. This scheme is available through authorised Digilink distributors and Empower resellers. n

– Milind Tamhane, Vice President - ITS Sales, Digilink

Already the no. 2 structured cabling brand in India, Digilink is setting its sights on overseas markets. Tamhane shares with Sanjay Gupta the company’s plans for 2010, the piping hot segments in structured cabling and the channel challenges

managed services Application Management


Over the past decade, it has been seen that both business and IT have made good advance-ments in learning how to

work towards meeting common business objectives. Therefore, it is not surprising that both find a common bond at the appli-cations level. During the past five years, IT operations management has become increasingly application centric along with infrastructure (servers, networks, desktops and storage) management.

But, business applications manage-ment remains challenging because of the new trend of virtualisation, which has impacted IT management in a number of ways over the past few years and has made the environment more dynamic. This, coupled with the fact that applications are becoming more distributed and complex, is making application performance management a priority in the wish list of IT managers around the globe. Business owners have been the most enthusiastic

advocates of application- centric IT oper-ations management among enterprises because of the role IT plays in adding value to the business process.

Importance of application management

Application performance manage-ment solutions offer channel partners a lucrative opportunity to partner with their customers for solutions that will help them get the best out of IT invest-ments. The heterogeneous environment of business and IT and the need for cost reductions has led to the demand for automated software for applications in order to fulfill vital business service objectives. An evolution to an automated environment is the need of the hour, as manual support is not very cost effective.

Applications have grown more complex to manage without the requi-site tools. Companies attempting to assign workforce at application-related

Today’s complex application environment demands automated tools that can ease the workload of IT managersKrishnan Thyagarajan

problems are finding the cost is too high. Application management helps IT

focus on the most important aspects of system integrity, i.e. the point where business processes and technology infra-structure converge. The focus on applica-tions elevates performance levels which results in higher systems reliability and lowers operating costs.

Application management solutions have matured over time and vendors are constantly improving their solutions to keep up with the latest IT technology trends being deployed. A good applica-tion performance management solution must offer a series of feature sets called the five dimensional model described in a recent Gartner report. They are: measur-ing end-user experience, user-defined transaction profiling, application compo-nent discovery and modeling, application component deep-dive monitoring and lastly, it should possess configuration management database. The last feature is critical because the former features generate large data sets and they have to be correlated and filtered to provide intelligence to the IT managers.

The road ahead The demand for application performance management is expected to grow and this offers both vendors and partners a tremendous opportunity that can be used as leverage to reinforce their commitment to ensuring that their customers have the best of breed technologies to stay competitive. Customers have to do their due diligence when it comes to choosing the appropriate solution. With IT envi-ronments being heterogeneous, support for technologies from multiple vendors is an important feature to consider when making a purchase. Also, ease of use and implementation are going to be some key attributes of any APM solution, which must be light and easy to deploy and its footprint must have negligible resource consumption.

It is definite that integration and centralization are key factors in applica-tion management. Business owners and decision makers should have the band-width to identify and resolve any prob-lem in the application management area from a single location. The applications are the point of convergence where the business, using its sophisticated infor-mation technology, delivers quality to its customers. Therefore, to have a plan, tactic and solution in place, makes more sense for larger enterprises. n

Krishnan Thyagarajan is MD, India Sub-Continent, Quest Software

Application Complexity

Dealing with

Business owners have

been the most enthusiastic advocates of applica-

tion- centric IT operations management.

Krishnan Thyagarajan

Application performance management solutions of-fer channel partners op-portunity to partner with their custom-ers for solu-

tions that will help them get the best out of IT invest-

ments.

cloud computing Application Management


The technology landscapes of today’s enterprise hardly bear any semblance to that just a few years back. Massive strides

of advancement in storage and high performance computing along with the nascent cloud computing platform have been game-changers for today’s CIO.

Traditionally, application manage-ment has been a CIO’s way of tapping into the steady state operations of the organisation, and a means of obtaining a systemic and systematic methodology and tools that offer visibility into real-time metrics that help manage the key aspects of applications. These compo-nents are monitored for availability, performance of key business processes, and SLA compliance. While the core nature of application management

remains unchanged, the ground reali-ties of both the application management service provider and the technology deci-sion maker must now change to factor in the cloud realm.

The altered IT landscape The CIO’s world now moves from a full on-premise one to that resting in three logical units of a unified cloud environ-ment – on-premise, private cloud and the public cloud.

Before moving into the realm of addressing application management across these three ecosystems, the CIO would have to stabilize a unified cloud environment where virtualised systems and applications are moved between private and public sections of the hybrid cloud based on policy and compute

requirements and the rest is retained on-premise.

But, there are some busi-ness pain points faced by any customer wanting to be part of the ‘new world’, like, complex data integra-tion between the clouds and on-premise systems and appli-cations, analytics challenges due to disparate data sources, and, complex IT infrastruc-ture management needs due to new cloud monitoring requirements.

The IT service provider will now need to expand his offerings to include the need for industry focused solu-tions to address business pain areas either or both on premise and cloud plat-forms, conversion/migration to private and public clouds, data management solutions

The new paradigm of application management should also include private cloud management services

for the complex integration to meet the new landscape along with business intelligence and analytics solutions and a more sophisticated IT infrastructure management.

The technology pain points to be addressed now comprise of the tradi-tional, viz. monitoring Service Level Agreements (SLAs) in real-time and to detect non-compliance, understanding the nature, severity and business impact of incidents, rapid triage of performance issues and assigning the fix and diagno-sis of the RCA of incidents and speedy remediation. The unconventional comprise of the next generation Remote Infrastructure Management, a single view of systems via ITIL-based operations frameworks, consistent and high-quality service definitions created via detailed service development process, continuous improvement through adherence to an operations maturity model and a flexible delivery model that optimizes resources and delivery locations.

The solution The new application management solution should be able to address the traditional requirements of proactive performance management before end users are affected, the ability to moni-tor transactions in real time and detect problems quickly and the capability of understanding the business impact of problems and fix them quickly.

It should also include private cloud management services wherein the service provider helps customers manage existing cloud environments along with private cloud management, in addition to the more conventional service offer-ings of desktop in a cloud management, enterprise shared platform management, infrastructure management in a public cloud as well as public cloud monitoring and management.

The public cloud management service offerings will include the typical vendor management and operational level agreements aspects, administration and configuration management support of virtual resources, server OS monitor-ing, application services management, middleware services management, web infrastructure management, message queue management as well as the new remote database management.

In conclusion, only the CIO who scales his vision and models up to the hybrid environment will help his business tide the economic realities of today. n

Darshan Nandi is Operations Head, InKnowTech India

Wake up and smell

The ground re-alities of both the applica-

tion manage-ment service provider and the technol-ogy decision maker must

now change to factor in the cloud realm.

Darshan nanDi

The CIO’s world now moves from

a full on-premise one

to that resting in three logi-cal units of a unified cloud environment – on-premise, private cloud and the public

cloud.

cover story Market Expansion


UpcountryGoing

Having established their presence in the metros, most vendors have turned their focus towards small cities and are experiencing enormousgrowth opportunitiesCharu Khera



tive trends towards growth. Puneet Datta, Director – Marketing, Canon shares that in 2009, 50 percent of their sales were from B- and C-class cities. “This year, we expect 70 percent of our profits from B, C and D class cities. Infrastructure cost in smaller towns is low, acquiring manpower is easy, and many entrepreneurs are springing up in such towns. On the other hand, metros are getting over crowded, and vendors in metros are more focused on maximising their share of available market, whereas in B and C class cities, vendors have the opportunity to create the market and opportunity for growth,” he says. He adds that in a couple of years, B, C, and D class cities will become a focus and integral part of the market penetra-tion plan of most companies. “There is a lot more to be done in this area by

vendors. A major investment on part of the vendors is to provide training facility in such smaller towns,” adds Datta. Canon’s BIS division currently has 120 partners in B and C class cities, as compared to 35 in metros.

Factors driving growthThere are number of factors driv-

ing this trend—one, vendors can experience lower cost of operations in smaller cities; second, businesses in B, C and D class cities have managed to achieve operational ef ficiency and increased time to market; three, manpower recruiting costs is slightly lower in smaller cities. Also, attrition rate is minor in B and C class cities as compared to metros. Smaller cities also have a sizeable population as compared to metros, so the competition for labour is limited vis-à-vis the metros. Connectivity is also not an issue any more in B and C class cities. Few other reasons for the move towards smaller towns are low real-estate prices, qual-ity talent pool, economically viable, and lower wage levels among others.

Not only vendors, distributors as well as SIs and SPs have been aggres-sively branching out to these smaller cities. Rajesh Goenka, VP – Sales & Marketing, Rashi Peripherals believes that quantity comes from metro and quality from non-metro. “While the metro pie is still pretty big, the busi-nesses in smaller towns are also grow-ing at a rapid pace. In fact, today Rashi has 54 branches all across the country and our focus is increasing in tier-2 and 3 cities. Also, the trend of using high-end technology (for example wireless) is picking up in non-metros as well. So, both metros and B and C class cities are important and vendors should equally focus on both for overall success and growth,” he says.

Most vendors that have expanded their presence in tier-2 and 3 cities agree that the infrastructure in such cities has become comparable with that of metros and gone are the days when partners in small cities had no good infrastructure and latest technol-ogies. Vendors can now bank upon this advantage quite well.

Ravi Bharadwaj, General Manager - SMB, Dell India also believes that there is an immense opportunity that can be tapped in B- and C-class cities. “Dell has over the years worked actively and closely with partners to expand presence in tier-2 and 3 towns. Our PartnerDirect channel program helps

“Due to high demand and low require-

ment of invest-ment in terms of marketing and brand-

ing, the RoI in smaller towns

is high.” Gautam GHosH, Country Manager,

ViewSoniC teChnologieS india

“Infrastructure cost in smaller towns is low,

acquiring man-power is easy, and many en-

trepreneurs are springing up in such towns.”Puneet Datta,

aSSiStant direCtor – Marketing, BiS

diViSion, Canon india

M ost vendors are chant-ing a new mantra these days – to target B, C, and D class cities. For them,

it is not metros, but tier-1 and 2 cities that are appearing as highly lucrative destinations. Many of these IT vendors now have a strong upcountry base and their increasing upcountry focus have enabled them to do healthy business in such towns and capture a larger market share in the country. Not only vendors, many national distributors such as Redington, Ingram Micro, as well as System Integrators (SIs), box pushers and Solution Providers (SPs) have expanded their reach in B, C and D-class cities. And those who haven’t, are not far from reaching out to smaller towns.

Though metros have always been the focus for all IT vendors, when it comes to making money and captur-ing the larger pie of market share, industry watchers believe that with the changing times, more growth can be expected from tier-1 and 2 cities. Figures also indicate that these cities have been showing healthy and posi-



us cover about 200 such towns,” he adds. Adding to his thoughts is Samik Roy, Head - Growth Applications, Oracle India. “After studying the Indian market and understanding customer requirements, we realised there was enormous growth opportunities in tie-1 and 2 cities. We now work with more than 1,000 partners across the metro and B and C class cities,” he says. Shriram Krishnamachari, Head – Channels & Distribution (India and SAARC), Adobe Systems says that tier-I and II cities contribute signifi-cantly towards their market share. “We also foresee immense opportuni-ties in tier-1 and tier 2 cities and will continue to reach out to our audiences there,” he adds.

Not only IT, but sectors such as

retail, BFSI, ITeS, telecom, etc have huge growth prospects in B- and C-class cit ies. Mandeep Gupta, Country Manager – Channel Business, Emerson Network Power says, “With the burgeoning growth of retail, tele-com and domestic sectors, tier-1 and 2 cities provide a huge opportunity for the organised power solution vendors. Looking at the prospects, Emerson intends to increase its channel base by 20 percent in B and C class cities.”

Biggies in the industry such as IBM too have been expanding its footprint in tier-2 and 3 cities with a

bouquet of hardware, software and services offerings. Anoop Nambiar, Country Manager - Business Partner Organisation, IBM India says, “Smaller cities offer enormous untapped poten-tial and small and medium enterprises offer great business opportunities in these markets. We have already strengthened our presence in tier-II cities such as Kochi, Jaipur, Nagpur, Bhuwaneshwar, etc. By starting our hub in these cities, we are able to better cater to the requirements of surrounding tier-III cities as well. Simultaneously, IBM is also looking to build a wide-reaching tier-2 channel partner network in major cities across the country.”

According to Rajan Sharma, GM, Gigabyte India, tier-1 and 2 cities are

big opportunity areas for the company. “These cities are giving us consistent 50 percent plus growth against our overall growth of 25-30 percent. The customer segment is getting more informed in smaller towns and hence RoI is getting better for top brands. Our focus on high-end products in smaller towns have also seen immense acceptance. B and C class cities are now more preferred by vendors, are given more focus by establishing post-sales service centres, giving technical support to partners, customer educa-tion, channel interaction, supply

chain, spread, availability and best possible RoI on selling the products. Also, as part of our expansion plans, we will be appointing at least 53 more partners in the tier-2 locations by the end of this year.”

Saturation in metros?While it is too early to state that

tier- II and III cities have been giving more Return On Investment (ROI) to all vendors as compared to metros, it is evident that there is some sort of saturation happening in the Indian metro cities in terms of overall sales for all IT products and services. “As such, Asus has been actively involved in reaching out to B and C class cities, which still hold tremen-dous growth potential as well as a demand for IT products. We have already started extending our reach to B and C tier cities through vari-ous channel initiatives like chan-nel meets, technical seminars and advertising in local media. We have come to understand that the major-ity of sales in the Indian market will be driven by the newly educated and demanding population inhabiting in the smaller cities. With growing needs of the ITES and BPO industry that is now shifting to the smaller cities of India, we feel that we will definitely get better RoI on invest-ing our time and resources in the smaller metros on a long term basis,” opines Vinay Shetty – Country Head, Component Business, Asus.

Gautam Ghosh, Country Manager, ViewSonic Technologies India, sharing his plans with respect to expansion in smaller towns, says, “ViewSonic is focusing on B, C and D class cities, as there is a demand for new technology, which is not being catered by all the vendors as seen in the metros. Due to high demand and low requirement of investment in terms of marketing and brand-ing, the RoI in smaller towns is high. Looking at the increasing demand, we also plan to provide resident engineers in B and C class cities, where new service centres cannot be opened.”

Challenges prevail Expansion in B, C and D class cities

has certain challenges and though some companies have been reluctant in going there full strength, they sure do have plans in store.

Acer plans to open 350 retail stores

“We also foresee im-mense op-

portunities in tier-1 and tier 2 cities and

will continue to reach out to our audiences

there.”

sHriram KrisHnamacHari,

head – ChannelS & diStriBution (india and SaarC), adoBe

SySteMS

“Both metros and B and C

class cities are important and vendors should equally focus on both for

overall success and growth.”

rajesH GoenKa, VP – SaleS & Market-

ing, raShi PeriPheralS



by the end of 2010, with expansion on the channel retail front primar-ily focussed on the tier-2 and 3 cities. As for the challenges of addressing customers in B and C class cities is concerned, S Rajendran, CMO, Acer India says, “National distributors have also been aggressive in reach-ing out to smaller towns and this has resulted in higher growth in the consumer PC business. But a key challenge sometimes with addressing

C and D category towns is the lack of proper infrastructure to reach out on multiple platforms - information, prod-ucts along with soft aspects such as training, hands-on demo, etc. But we are getting these challenges addressed though increase in market coverage through own managed sales force and are also co-opting our tier-1 partners for better addressal and focus.”

Lack of proper communication between a partner (in B or C class city)

and a vendor can also sometime be a cause of concern.

The path aheadFor those (vendors/distributors/

SIs) that are optimistic about their expansion plans in B, C or D class cities, the future seems bright. The growth in B, C and D class cities is going to be more evenly spread and will not only be concentrated to a few cities. Considering the simple factor that the number of B, C and D class cities in India is huge, returns for vendors through expan-sion in these small cities could also be considerably huge. The point is clear – vendors who want to promote sales in this fast-growing business segment and capture a larger market share, will have to shift their focus towards smaller towns. However, they have to play smart and choose the right market for their product. It won’t be long before we see almost everyone shifting their focus towards B, C or D-class towns. n

[email protected]

“National distributors

have also been aggressive in reaching out to smaller

towns and this has resulted

in higher growth in the consumer PC

business.”

s rajenDran, CMo, aCer india

security Cloud Computing


Before enterprises can make more innovative use of clouds, security technologies, standards, and interoper-ability must be improved

At this early stage in the development of public clouds, the offerings are a mix of commodity consumer and mainstream enterprise applica-

tions that deal with relatively nonsensitive data such as email, instant-messaging services and Web-based shared spaces and those that handle more sensitive data like Salesforce.com and EMC’s Mozy. But if cloud computing is going to meet enterprise needs for confidentiality of customer data and compliance with legal directives, it will have to provide increased levels of security to support more sensitive enterprise applications. Public cloud computing also introduces new stakeholders into the security equation – third party service providers, infrastructure vendors and contractors – and loosens the control that IT has on each of these three areas.

If cloud computing is to succeed as an alterna-

tive to the corporate data center, IT departments will require relationships with cloud providers that allow them to trust cloud services and verify events in the cloud. It will have to effectively support a high level of security, similar to current control-centered models, and be implemented in a way that allows enterprises to develop confi-dence in extending portions of their own data centers into a public cloud.

Scalability and Multi-tenancyPublic cloud computing describes a computing architecture that extends the service-oriented approach into a marketplace model. Providers offer services that “run in the cloud” as they are accessible using Internet Protocol and are loca-tion independent, meaning that users have no need to know where the underlying IT resources exist.

cloud trustworthy

Making the



Cloud services have two hallmarks: They are scalable (the required resources of storage and computing power can be increased or decreased based on custom-ers’ needs), and they are multi-tenant (they provide simultaneous, secure hosting of services for various custom-ers utilizing the same cloud infrastruc-ture resources). Today’s cloud computing comprises three types of services: n Software as a Service (SaaS). An appli-cation is hosted as a service provided to customers. Examples include Salesforce.com’s Web-based CRM application and Gmail and Google Docs from Google.n Platform as a Service (PaaS). The combination of software and infrastruc-ture services with application develop-ment tools so that Web applications and services can be built and hosted. n Infrastructure as a Service (IaaS). Facilities commonly provided locally, by a desktop computer or a data center, are offered as remote resources so that a customer can define and manage computational or storage tasks. But before cloud computing can live up to its promise for the enterprise, it needs further refinement, especially in the area of security. To date, most of the public cloud-oriented applications have been consumer-centered applications built on commoditized data storage and transaction processing. At this initial stage, the applications and data being processed in clouds are predominantly non-sensitive, and the cloud services offer minimal or only generally available security. The cloud offerings themselves are proprietary computing islands, with few standards and only limited possibili-ties for interoperability.

Trends in information growth will only make the problem more pressing for enterprises. The IDC study, “The Expanding Digital Universe,” notes that while individuals will create most digital information, corporations will be respon-sible for the security, privacy, reliability, and compliance of at least 85 percent of

the rapidly expanding digital universe.It is clear that public cloud comput-

ing must become more secure if it is to become more accepted by the enterprise. With this progression, trust and veri-fication will again be the key security enablers. Enterprises will need to assure the confidentiality, integrity and avail-ability of their data as it is transmitted, stored or processed by third parties in the cloud services chain.

Security is the Big Question MarkTaking advantage of cloud computing means major changes for enterprise IT organizations. The biggest will be reduced control even as they are being tasked to bear increased responsibility for the confidentiality and compliance of computing practices in the enterprise. This makes security a major issue as IT departments look at cloud services and providers.

Changing relationshipsA key issue for cloud computing is that aspects of traditional infrastructure security move beyond an organisation’s control and into the cloud. This will lead to fundamental changes in the number and roles of security stakeholders as enterprises turn over control of security infrastructure and processes to outside contractors. Trust relationships between the various cloud stakeholders need careful consideration as public cloud computing evolves to manage sensitive enterprise data.

Conventional data centers have based security on fortresslike structures that protect the data within secure physical, hardware, and software infrastructures: their security rests primarily on control-ling access by users and maintainers of the data and infrastructure. In cloud computing, a data center still exists – somewhere – but who controls it? Cloud computing diffuses many of the tradi-tional corporate security boundaries and

Public cloud computing introduces new stake-holders into

the secu-rity equation and loosens IT’s control.

Public cloud computing must be-

come more secure if it

is to become more ac-cepted by the enter-

prise.

If cloud computing is going to meet enter-prise needs for confi-dentiality

of customer data and

compliance with legal directives, it will have to provide increased levels of security

to support more sensi-tive enter-prise appli-

cations.

substitutes transient chains of custody for the data, with major implications for security and trust for sensitive enterprise data and applications.

The sharing of control raises many questions of responsibility. How will you know which employees of your cloud provider have access to what information and applications? That access needs to be fine-grained with only a selected and controllable few having broad access.

StandardsBefore sensitive and regulated data move into the public cloud, issues of security standards and compatibility must be addressed including strong authenti-cation, delegated authorization, key management for encrypted data, data loss protections, and regulatory report-ing. How will these requirements be met across individual cloud infrastructures and across multiple clouds chosen by the consumer as best practices? Existing cloud service providers may become the de facto models around which security and federation of authorization controls might emerge. Or answers may come from work currently being conducted by various agencies to questions such as which existing standards could be applied to cloud computing, what gaps exist, and what new standards need to be developed.

Portability between public cloudsWhile cloud computing conveys a prom-ise of open architecture and easy integra-tion, the early cloud offerings have tended to create security “silos”. Enterprises will require information and identity porta-bility between varying clouds so that they can mix and match their services in an open, standards-based environment that permits interoperability.

Portability will become a major issue as more complex services get delivered by multiple cloud infrastructures. Clouds will have to talk to each other securely.

Confidentiality and privacyBusiness units are already tasking IT departments to protect their data in the private and public clouds, with the expectation that sensitive information will either be desensitized or deployed with verifiable access authorization to protect its privacy and confidentiality. IT organisations have historically not developed the capability to effectively identify and classify users and sensitive data. Without this ability, they will face hurdles in extending security function-



alities to cloud environments.How will your cloud provider

ensure confidentiality and privacy? Recently, one cellular provider was embarrassed, for example, when its employees viewed Barack Obama’s past phone records. How will such incidents be prevented? How will you protect against insider threats, like an employee of the cloud provider walking off with sensitive enterprise information? Cloud providers will have to address this fundamental responsibility.

Viable access controlsInformation governance requirements

will need to be balanced with the users’ desire for efficient yet robust access control. Users and corporations will expect transparency and convenience of access. For many clouds such as those delivering popular services to the general public, a token-based approach may not be tolerated by the users.

Another major pain point is the lack of delegated authorization. While some cloud services provide for delegated strong authentication that enables access control based on user identity, few, if any, provide delegated authorization to enable access control based on the content of the information itself. This capability is turn-ing out to be increasingly important given the advent of Web 2.0 where fine-grained entitlements for authorization manage-ment and control will be most essential.

ComplianceMany business units are being drawn into using cloud services by the attrac-tive economics, bypassing IT depart-

ments to host their applications and data in the cloud directly. This creates several problems for the IT organizations with reduced internal and external control. The business units’ activities multiply the IT department’s compliance chal-lenges even while legal and compliance departments are expecting the IT depart-ments to be able to report on and demon-strate control over sensitive information. Additionally, a cloud provider’s SAS-70 compliance must be carefully assessed by each enterprise customer to see if the certification meets the compliance policy established by their own enterprise.

Reporting will be a key requirement for any cloud environment where

Personally Identifiable Information (PII) and other sensitive or regulated data live. Who will be accountable for ensuring compliance is met – you or your cloud provider? Will you have access to log data from the cloud environment where your company’s information lives so you can correlate it with events in other systems? What if someone steals data from your cloud-based system in an attempt to break into systems in your company’s internally managed data center?

How do those events get correlated? Who is accountable if there’s a breach of PII? Will you even know where your information is physically located? These questions could potentially create an issue for compliance with international regulations.

Security service levelsAs all types of data will end up in the clouds, there will be an increasing need for varying security service levels that match the sensitivity of different types of

Sensitive data in the cloud will

require granular security,

maintained consistently throughout

the data lifecycle.

The founda-tional infra-structure for a cloud must

be inher-ently secure whether it is a private or public cloud or whether the service is SAAS, PAAS or IAAS.

IT depart-ments will

require relationships with cloud providers that allow them to

trust cloud services

and verify events in the

cloud.

data. The real challenge will be mapping security levels to information or business processes so that they can be transferred to the cloud at the lowest possible cost, but the highest necessary level of secu-rity.

Principles for Securing the CloudPublic cloud computing requires a secu-rity model that reconciles scalability and multi-tenancy with the need for trust. As enterprises move their computing envi-ronments with their identities, informa-tion and infrastructure to the cloud, they must be willing to give up some level of control. To do that, they must be able to trust cloud systems and providers, and verify cloud processes and events. Important building blocks of trust and verification relationships include access control, data security, compliance and event management – all security elements well understood by IT depart-ments today, implemented with existing products and technologies, and extend-able into the cloud.

Identity securityEnd-to-end identity management, third-party authentication services, and feder-ated identity will become a key element of cloud security. Identity security preserves the integrity and confidentiality of data and applications while making access readily available to appropriate users. Support for these identity management capabilities for both users and infrastruc-ture components will be a major require-ment for cloud computing, and identity will have to be managed in ways that build trust. It will require:n Strong authentication: Cloud computing must move beyond weak user name-and-password authentication if it is going to support the enterprise. This will mean adopting techniques and technologies that are already standard in enterprise IT such as strong authenti-cation (multi-factor authentication with one-time password technology), federa-tion within and across enterprises, and risk-based authentication that measures behavior history, current context and other factors to assess the risk level of a user request. Additional tiering of authentication will be essential to meet security SLAs, and utilizing a risk-based authentication model that is largely transparent to the users will actually reduce the need for broader federation of access controls.n More granular authoriza-tion: Authorization can be coarse-



grained within an enterprise or even a private cloud, but in order to handle sensitive data and compliance requirements, public clouds will need granular authorization capabilities (such as role-based controls and IRM) that can be persistent throughout the cloud infrastructure and the data’s lifecycle.

Information securityIn the traditional data center, controls on physi-cal access, access to hardware and software and identity controls all combine to protect the data. In the cloud, that protective barrier that secures infrastructure is diffused. To compensate, secu-rity will have to become informationcentric. The data needs its own security that travels with it and protects it. It will require:n Data isolation: In multi-tenancy situa-

tions, data must be held securely in order to protect it when multiple customers use shared resources. Virtualisation, encryption and access control will be workhorses for enabling varying degrees of separation between corporations, communities of interest and users. In the near future, data isolation will be more important and executable for IAAS, than perhaps for PAAS and SAAS. n More granular data security: As the sensitivity of information increases, the granularity of data classification enforcement must increase. In current data center environ-ments, granularity of role-based access control at the level of user groups or business units is acceptable in most cases because the informa-tion remains within the control of the enterprise itself. For information in the cloud, sensitive data will require security at the file, field, or even block level to meet the demands of assurance and compliance.n Consistent data security: There will be an obvious need for policy-based content

protection to meet the enterprise’s own needs as well as regulatory policy mandates. For some categories of data, information-centric security will necessitate encryption in transit and at rest, as well as management across the cloud and throughout the data lifecycle.n Effective data classification: Cloud computing imposes a resource trade-off between high performance and the requirements of increasingly robust security. Data classification is an essential tool for balancing that equa-tion. Enterprises will need to know what data is important and where it is located as prerequisites to making performance cost/benefit decisions, as well as ensuring focus on the most critical areas for data loss prevention procedures.n Information rights management: IRM is often treated as a component of identity,

a way of setting broad-brush controls on which users have access to which data. But more gran-ular data-centric security requires that policies and control mechanisms on the storage and use of information be associated directly with the information itself.n Governance and compliance: A key requirement of corporate information governance and compliance is the creation of management and validation information – monitoring and auditing the security state of the information with logging capabilities. Here, not only is it important to document access and denials to data, but to ensure that IT systems are configured to meet security specifications and have not been altered. Expanding reten-tion policies for data policy compliance will also become an essential cloud capability. In essence, cloud computing infrastructures must be able to verify that data is being managed per the appli-cable local and international regulations (such as PCI and HIPAA) with appropriate controls, log

collection and reporting.Sensitive data in the cloud will require granu-

lar security, maintained consistently throughout the data lifecycle.

Infrastructure securityThe foundational infrastructure for a cloud must be inherently secure whether it is a private or public cloud or whether the service is SAAS, PAAS or IAAS. It will require:n Inherent component-level secu-rity: The cloud needs to be architected to be secure, built with inherently secure components, deployed and provisioned securely with strong interfaces to other components, and, finally, supported securely, with vulnerability-assess-ment and change-management processes that produce management information and service-level assurances that build trust. For these flex-ibly deployed components, device fingerprinting to ensure secure configuration and state will also be an important security element, just as it is for the data and identities themselves.n More granular interface secu-rity: The points in the system where hand-offs occur – user-to-network, server-to application – require granular security policies and controls that ensure consistency and accountability. Here, either the end-to-end system needs to be proprietary, a de facto standard, or a federation of vendors offering consistently deployed secu-rity policies.n Resource lifecycle management: The economics of cloud computing are based on multi-tenancy and the sharing of resources. As a customer’s needs and requirements change, a service provider must provision and decom-mission those resources – bandwidth, servers, storage, and security – accordingly. This lifecycle process must be managed for accountability in order to build trust.

ConclusionCloud computing promises to change the economics of the data center, but before sensitive and regulated data move into the public cloud, issues of security standards and compatibility must be addressed including strong authentica-tion, delegated authorization, key management for encrypted data, data loss protections, and regulatory reporting. All are elements of a secure identity, information and infrastructure model, and are applicable to private and public clouds as well as to IAAS, PAAS and SAAS services. In the development of public and private clouds, enter-prises and service providers will need to use these guiding principles to selectively adopt and extend security tools and secure products to build and offer end-to-end trustworthy cloud computing and services. Fortunately, many of these secu-rity solutions are largely available today and are being developed further to undertake increas-ingly seamless cloud functionalities. n

Courtesy: RSA

Building a Trustworthy Cloud

networking Convergence


With an intelligent network platform, organisations can get the best out of collaboration and business process applications Ashok kumAr

Technology-enhanced collab-oration is the next wave of opportunity for innovation and transformation for busi-

nesses. In fact, collaboration is one of the most important tools to help increase an organisation’s agility and deliver new levels of productivity. The Economist Intelligence Unit predicts that by the end of this year, 62 percent of employees will work with teams in different locations, and by 2011, 30 percent of the global workforce will work remotely.

To corroborate this, take the aver-age employee - he carries a PDA and a laptop, and is constantly connected to colleagues, partners and customers via e-mail, IM, Twitter, Linkedln and a host of other web 2.0 applications. In addi-tion, with close to 14 billion devices connected to the Internet, we are in the midst of an evolving digital culture where employees are looking for a secure and stable network to help them remain productive no matter where and when they work.

To meet these expectations, busi-nesses need to create a cohesive strategy that keeps its separate parts working as a whole towards its overarching busi-ness goals. Yet many enterprises have grown their IT infrastructures in ways that isolate resources to support indi-vidual transactions. This approach results in silos of information and appli-

cations, hampering access to networked resources. And enabling interaction can only be achieved by generating a strategi-cally planned IT evolution.

Need of the hourToday’s intelligent networks have to be built with strategic roadmaps steering them toward peak technical and business performance. So, if organisations want to stay competitive, they have to migrate to more resilient, flexible architectures that support expansion and adapt to the changing marketplace requirements. With an intelligent network as a plat-form being utilized as a tool for change, businesses can achieve new efficiencies, integrate network collaboration and busi-ness process applications and increase productivity. Moreover, when companies virtualise crucial network functions and improve collaboration, they get more from their resources and can move and manage assets with greater flexibility.

Using this approach, an enterprise can evolve to an intelligent network that makes the most of resources, applications and business processes and enables IT to add value to the organisation’s business.

Going in for advisory services to plan the network while integrating new tech-nologies can:n Seamlessly integrate technologies such as voice and video into a secure converged network.

nAlign IT investments closely with busi-ness strategy and goals. n Deploy new applications quickly and enable them to communicate and collab-orate effectively. n Allocate more of the budget for network expansion by lowering opera-tional costs through virtualisation of IT resources. n Move the business environment from transactions to interactions. nMaintain network health and continu-ously improve performance.

What the future holdsSuch a converged IT architecture transforms the network into a plat-form for network service delivery while optimizing business applications, enhancing collaboration and virtualis-ing resources. Using an architectural approach also allows for a new conver-sation to take place - businesses can talk about capabilities and how these capabilities are leveraged across the enterprise to deliver business value instead of just talking about products and features.

Because the network often trans-ports data, controls the entire commu-nication system and enables the mobility of the workforce, it becomes crucial to maintain the ongoing health of a network. For example, imag-ine a high profile customer making an online transaction based on the current stock market price. In the middle of his net banking process, the network suddenly fails, causing a downtime of ten minutes. During this time, the stock price has fluctuated and the customer incurs a huge loss because his transaction did not take place in real time. In the BFSI sector, such a scenario is unacceptable. Such an incident can best be avoided by allowing experts to assist in monitor-ing the network, resolving problems and managing changes.

In the future, as the organisation adapts to change, the lifecycle begins anew - continually evolving the network and improving results. Hence, a successful business will be one that has a structured path for growth. So, the need of the hour is a plan that combines customized technology solu-tions and services that not only helps meet business challenges of today, but also maximizes the future potential of technology investments. n

Ashok Kumar is Vice President, Cisco Services, Cisco, India & SAARC.

networks Building intelligent

Today’s intelli-gent networks

have to be built with

strategic road-maps steering them toward

peak technical and business performance.

Ashok kumAr

An enterprise can evolve

to an intelli-gent network that makes the most of

resources, ap-plications and business proc-esses and ena-bles IT to add value to the

organisation’s business.

business intelligence


In the last decade, many enterprises across sectors have moved to central-ized IT solutions, and have consoli-dated countrywide operations through

IT investments. This has majorly improved operational performance, reduced the cost of operations, and increased reach to custom-ers. Currently, these enterprises are looking at enterprise-wide Business Intelligence (BI) solutions, to leverage their present investment in IT infrastructure for improving productiv-ity, quality, customer service levels and profit-ability.

Transaction systems automate business. BI systems analyse business performance, and help the firm to enhance business by opti-mizing all risks. It offers the functionalities of visualising transaction data in tabulated forms and contents associated with trend charts and graphs, so as to pin-point the problem areas of business as well as the growth areas. It helps users at all the three levels of business—stra-tegic, tactical and operational, to view and analyse data as per the relevance of each func-tion, and facilitate them to make decisions. It offers monitoring key indicators of business

Business intelligence solutions can help an organisation improve its productivity, quality, customer service levels and profitabilityDurai rajasekar

continuously, and receiving automated alerts whenever the threshold limit or target is exceeded or not achieved.

How is enterprise-wide BI different?Some conventional ERP (Enterprise Resource Planning) systems help busi-nesses automate transactions through data capture at operational level, and ensure data and business integrity are maintained through orchestrated busi-ness processes and rules. They have MIS systems to complement and verify if the transaction processing is complete at the operational level, and provide periodic static reports to management, which are statistic and statutory in nature. So why should an enterprise spend on BI?

The differentiator here is that a BI solution provides a unified view of data extracted from multiple transac-tion systems such as SCM, CRM etc., and provides analyses and informa-

tion support for MIS/DSS/ESS users. Information engineering across

the entire organisation precede a good BI implementation

like what business

Get Smart with BI

business intelligence


process engineering does for a good ERP implementation.

However, integration of BI and ERP can provide tremendous value to organisations in various areas such as inventory holding analysis, inventory movement analysis, cash requirement analysis, price variance analysis, produc-tion optimization analysis, and cost anal-ysis for products, operations, purchases and so on. All this is easily delivered on a BI platform which comes with a dash board, score card, balance score card, alerts, work flow for issue resolution, digi-tal dash board for top management view, and so on. While ERP is deployed for stan-dardization of processes and integrity of data, a BI solution is deployed for stan-dardization of information and unified view of same data.

Moreover, BI is a highly customiz-able platform. Because information and analysis requirement varies among businesses and wholly depends on data models, data marts built for BI also vary and hence the whole BI platform will get customized for the business. Therefore, information engineering will have to precede deployment of BI solutions.

Who needs enterprise- wide BI?A frequently asked question is which size of businesses will need to deploy BI. A business, whether big or small, faces the same risks, but at different scales. Perhaps a lower level of investment and TCO will be the key for small businesses. The other part of the question is at which level is BI to be employed. When it comes to the use of BI, it is a necessity at every level, with a different set of purpose at each level. While at CEO/CFO level, the information require-ment is for strategic initiative purpose (eg: Why my product sales is not picking up

in the southern region?), at the tactical level, it is required for tactical decisions (Which are the channels in the southern region that do not perform well in certain product sales), and at operational level, it is purely for transaction-based decisions (Who will pick up stock of which product and at what time?)

Though it’s a general idea that BI comes as an overpriced IT tool which makes it a luxury, it is actually a different case in reality. Generally, the TCO for a BI solution should not exceed a certain percentage of TCO of the ERP system itself. But in terms of ROI to the organisation, it is higher, because the return on BI investments takes into account leveraging the investment in the ERP system also. (e.g: Price variance for the same raw material with the same qual-ity and delivery commitment from two unconnected vendors, detected through BI, will bring enormous cash benefits to the organisation using BI if these procure-ments operations are decentralized for strategic reasons. The savings in rational-ization of this price variance alone will pay for the investment in BI, at one go.)

Thus, the ROI on BI can be measured by judging the quality and effectiveness of decisions which the users take. This is based on the most recent and real-time data coming from ERP systems, and the improvement in revenue or saving in cost that result due to such decisions.

The whole need of a BI implementa-tion depends on the percentage of use of ERP data by various decision makers in the organisation, and whether the data is coming directly from the system or through tabulated forms using spread sheets and intermediary manual processes.

ChallengesThe implementation of BI in an enter-prise cannot be confined to only corporate

BI systems analyse business perform-ance, and

help the firm to enhance business by optimizing all risks.

The whole need of a BI implementa-tion depends on the per-centage of use of ERP

data by vari-ous decision

makers in the organi-

sation

BI solutions offer moni-toring key indicators

of business continu-

ously, and receiving automated

alerts when-ever the

threshold limit or target is

exceeded or not

achieved.

offices, or a few analysts, or any selected geo, or a set of customers. Today, IT penetration has already reached far and wide in any enterprise. This definitely has thrown a challenge to solution providers in terms of both sales and service deliv-ery. The recent global meltdown and the fear of loss of business from European and Pan American markets have been good for Indian IT companies, who have invested in innovative BI solutions. These have now emerged as a ready-to-use solu-tion to enterprises, which are turning aggressive in pushing sales and need BI to know where to push what. Enterprises continue to analyse TCO and ROI, as long as the solution offered can justify that the product will sell.

The other challenge is with SMBs, which will take some more time, because BI is still finding its feet with large enter-prises, which have already invested heavily in IT infrastructure and which have just started looking at BI. SMBs will continue to be followers of adopt-ing either ERP or CBS systems. But then there are still a handful of SMBs who have a foresight and thirst for innovation and early adoption, and such SMBs will also look out for BI, though not all.

From a typical Indian perspective, the main challenge is to move users away from the hard copy report-based deci-sion support to online interactive anal-ysis-based decision support, and justify benefits in relation to the investment.

To wind up on the life and future of BI, here is a brief gist of a Gartner paper published in 2009, predicting these developments in the business intelligence market: n Because of lack of information, processes, and tools, through 2012, more than 35 percent of the top 5,000 global companies will regu-larly fail to make insightful decisions about significant changes in their business and markets.n By 2012, business units wil l control at least 40 percent of the total budget for business intelligence.n By 2010, 20 per cent of organisa-tions will have an industry-specific analytic application delivered via software-as-a-service as a standard component of their business intel-ligence portfolio.n By 2012, one-third of analytic applications applied to business processes will be delivered through coarse-grained application mash-ups. n

Durai Rajasekar is Senior Vice President, Ramco Systems.

best of biz Image Management


E-mail has undoubtedly emerged as one of the most popular communication mediums online and it has revolution-

ized how businesses interact and trans-act with each other. According to a market research firm, person to person email daily volume surged to 210 billion messages in 2008. There are several reasons why e-mail has become an inte-gral part of our lives today. It is fast and delivered instantly. No other method of communication can provide this speed of service. Besides, it is inexpensive compared to telephone calls, faxes or even couriers. Email is also easy to filter. The subject line on an email makes it easy to prioritize

messages. The reader can identify critical correspondence quickly and deal with it immediately, unlike regular mail which needs to be opened and reviewed first.

Having a business email account not only provides a business an easy and inexpensive mode to manage and conduct business, but it is also critical to project and promote a professional image of the business itself.

Creating the right impression A business e-mail address plays an impor-

tant role in how individuals or organisations actively market

their products, services or skills. It helps to communi-

cate useful information about the user of the address in the case

of the company name being used in the email is the same as the domain

name.Several free email providers can

provide you an email address, but what counts is the image that your company email address projects to the people you interact with. For example: [email protected]

On its face, a business email address may seem like a small aspect of your company’s online presence, but your email address can say a lot about who you are and what you do. A generic email address may give your customers the impression that the business is small or that you are not keen about investing in the image of your business.

Having a business email account is vital to project and promote a professional image of the organisationShekhar kirani

Having a business email address, unlike a generic email id, is also an inex-pensive form of advertising for your busi-ness. Every time you or anyone in your company sends out an e-mail, it serves as a reminder of who you are and what your business is called.

Once you get a business email id, it is also important to drive the discipline of having all the employees of the organi-sation use the business email id. If your employees are not using your business domain name in their email address, you could have your business correspon-dence end up in other people’s personal email accounts where it might not be regularly checked.

After getting a business email address, you should consider providing your business and contact details in all your emails. The easiest way to do this is to set up a standard email signature which is automatically added to the bottom of all your outgoing emails.

When you register your business domain name with an authorized regis-trar or reseller, you may have the option of procuring a business email package with it for a nominal fee. You can select a business email package that best meets your requirements. The size of your busi-ness will help determine the mailbox size, i.e. the number of emails that you will probably need to store.

Image MattersClearly, prior to doing any business on the Internet, which includes transact-ing using your business email id, you will need to select and register a domain name. The domain name represents your company’s brand and identity on the Internet. Selecting the right domain name increases your visibility on the net. A .com domain name offers you one of the best options because it helps lend instant visibility and credibility for your brand online, both in India and globally. A .com is appropriate for businesses of all sizes and it is one of the most widely used domain name extensions around the world too.

In a world where impression counts, it is vital that you make the right one with a business email address. A busi-ness email address introduces your busi-ness to potential customers and helps your customers to remember you each time they receive an email from you. It promotes your business in a sustained and cost-effective way unlike any other online marketing tool. n

Shekhar Kirani is Country Manager, VeriSign

Business iD Matters

Why

A business e-mail address helps to com-municate use-ful information about the user of the address in the case of the company name being used in the email is the same as the

domain name.

Having a business email

account is critical to

project and promote a

professional image of the

business itself.

Shekhar kirani

trends


trends

D-Link has announced the promo-tion of Rajesh Sahore as Sales Head-India & SAARC. Sahore

has been the channel face of D-Link since 2007 and was successful in establishing D-Link as the ‘Channels Most Preferred Networking brand’ in India. In his new role as Sales Head for India & SAARC region, Sahore will be instrumental in driving sales and marketing strate-gies, demand generation and exploring untapped market.

Sahore has an experience of over 18 years in active solutions selling, network integration, consulting and key account management. His past experience includes successful stints with reputed organisations like Cabletron Systems

Pte., Cisco Systems India, Allied Telesyn International Asia Pte.n

Sahore promoted as D-Link’s Sales Head-India & SAARC

McAfee lists top 5 malware & spam trends in Q1 2010

M cAfee has unveiled itsMcAfee Threats Report: First Quarter 2010, which uncovered that a USB worm has taken the No. 1 spot for top malware worldwide. Spam trends show that email subjects vary

greatly from country to country with diploma spam out of China and other Asian countries on the rise. Earthquake news and other major 2010 events drive poisoned Web searches, and U.S.-based servers host the majority of new malicious URLs. Threats on portable storage devices took the lead for the most popular malware. AutoRun related infections held the No. 1 and No. 3 spots due to the widespread adoption of removable devices, mainly USB drives. A variety of password-stealing Trojans rounded out the top five. Those include generic downloaders, unwanted programs and gaming software that collects statistics anonymously. Unlike past studies, the popularity of these threats ranked consistently worldwide.

One of this quarter’s biggest discoveries was that China, South Korea and Vietnam have the most significant diploma spam, which promotes the purchase of forged documents to establish qualifications for items such as jobs. Singapore, Hong Kong and Japan have exceptional rates for delivery status notification spam, indicating a possible issue with preventative mail-filtering capabilities.

“Our latest threat report verifies that trends in malware and spam continue to grow at our predicted rates,” said Mike Gallagher, Senior Vice President and Chief Technology Officer of Global Threat Intelligence for McAfee.

Rajesh Sahore, D-Link

Printer, copier & MFP market grew 36% in Q1 of 2010

Canon India launches 15 new prodcuts

C anon India has announced the launch of 15 new products, expanding its range to 82 IT peripheral products from its printing divi-

sion. With the launch of these new products, Canon expects the new products to contribute over 50% to the printer division’s revenues in 2010.

The new range includes 2 single format Inkjet printers, 3 all-in-one printers, 2 laser printers, 6 projectors, 1 scanner and 1 laser Multi-function device. Each of the newly launched printers has Wi-Fi. Canon aims to capture a 50% market share of the wi-fi printing market in India by end of 2010.

According to Kensaku Konishi, President & CEO Canon India, “To align with our corporate ‘green commitment’ and need for cost reduc-tion in printing by businesses and convenience in printing for home users, our new products launched today feature auto duplex printing, wi fi capabilities and network capabilities ready for enterprise and home printing.” n

T he combined printer, copier and multifunc-tional product (MFP) market in India totalled nearly 0.8 million units in the first quarter of

2010, representing 35.7 per cent growth over the first quarter of 2009, according to Gartner.

“Most of the major vendors experienced signifi-cant shipment increase in the first quarter of 2009. Shipments by HP, Canon and Samsung, the top 3 vendors, contributed 76 percent of the total market in Q1 2010,” said Vishal Tripathi, Principal Research Analyst at Gartner.

“Canon registered 93 percent growth, followed by Samsung with 54 percent and, in midst of an ongoing shortage of materials, HP still managed to register 26 percent growth as compared to Q1, 09 shipments. Though Xerox also registered a substan-tial 166 percent shipment growth, it only represents 1.8 percent of the total market in terms of shipments. Increased government spend in Q1 added to the total growth of the market,” he added.

Ricoh, with 25 percent market share, has emerged as the No.1 vendor in A3 Flatbed Copier/MFP in the first quarter of 2010, followed by Canon with 19 percent market share. Samsung, with 40 percent market share, was the leader in A4 Flatbed category, ahead of Canon with 28 percent market share.

The page printers market in India grew 73 percent in Q1 2010. n

CORRIGENDUMIn the May 2010 issue on Virtualisation Special, the content of the news item “Fujitsu launches Celsius workstation portfolio” (Page 24) did not match the headline. The cor-rected news is being carried in this issue. The error is regretted.

trends


Channel fraternity in Bareilly faces curious cases of thefts

T he computer fraternity of BCDWA (Bareilly Computer Dealers Welfare association) has been witnessing strange incidents of theft since the last few months. So far, three cases of similar nature have been reported in the region. According to Manas Pant, Ex-President, BCDWA, “A

Dell laptop has been stolen from AP Sales Corporation two days back. The incident was caught by the CCTV and as per the footage; the theft was executed by a lady.”

Looking at the pace with which these accidents have been increasing in the channel community over the past few years, associations are expected to play a larger role. Associations should have a forum where such information can be shared and appropriate actions can be decided upon to solve such issues.

“Most often, stolen items are sold at places out of reach from the place of incident, and if all dealers in the region have the information as well as the serial number of the stolen item with them, they can track such items and report the incident to the police,” explained Pant. The entire channel fraternity of Bareilly has been protesting against the incidents. “We have now approached the DIG/SSP of Bareilly, NK Shrivastava, who has assured us of effective actions,” added Pant. n

Charu Khera

Ki n g s t o n Te c h n o l og y C o m p a ny h a s announced the release of an entry-level line of HyperX memory modules for

overclockers and gamers. The HyperX ‘blu’ memory modules have a new look, run at standard JEDEC speeds and timings, and have headroom for enthusiasts to push the performance enve-lope.

“The enthusiast commu-nity knows the HyperX name is synonymous with high speed, high quality and stylish design. HyperX blu enables us to bring these features to market at a lower price point. HyperX blu is the latest addition to

the HyperX family in our

ongoing strategy to match HyperX products

with the various enthusiast market segments,” said Ann Bai,

DRAM Memory Sales Director, APAC Region, Kingston. HyperX blu is available in

DDR3, 1600- and 1333MHz 4- and 2GB kits of two. This series is also available in DDR2 800MHz, single modules and kits of two. Kingston HyperX memory is backed by a lifetime warranty and free technical support. n

Hewlett-Packard (HP) India has announced a contest for all its channel partners across India called “Win With HP AiOs - It Pays

you Back”, which is woven around the company’s latest LaserJet printers.

A HP channel partner can register on www.hp.com/in/win and answer three simple questions in order to win prizes such as bikes, LCDs, digicams and much more.

The contest is open till 31st June 2010 to all HP channel partners. n

Kingston unveils HyperX ‘blu’ memory modules

HP rolls out contest for its channel partners

trends


Canon India rewarded its top-performing channel partners in its 8th annual ‘Wings of Glory

2010’ programme by taking them for a six day excursion to London. The program acknowledged those partners who grew higher than the respective division which they represent and did a business of more than Rs 2 crore with Canon annually.

Canon India’s President and CEO, Senior Vice President, all Directors across all the businesses were part of this excit-ing trip. Canon also invited the spouses’

of the partners to join this trip to build and nurture a better bond.

According to Alok Bharadwaj, Senior Vice President-Canon India, “Our initia-tive, ‘Wings of Glory’ seeks to acknowl-edge the top performing partners of Canon for their year around hard-work and to motivate them to outperform themselves each year. ‘Wings of Glory’ is Canon’s Annual Property that focuses on growth and business benefits of their valued partners. This concept has been well accepted by the partners and they find it inspirational and encouraging.” n

Canon hosts ‘Wings of Glory 2010’ in London

WD appoints Redington as ND

We s t e r n D i g i t a l ( W D ) h a s announced the appointment of Redington (India) as a National

Distributor (ND) to sell WD’s full range of internal and external products in the coun-try. Now, WD will expand its reach through Redington’s extensive network of over 18,700 channel partners in India.

“Strengthening our channel base is one of our focus areas for 2010 and we are keen to work with a firm that brings deep domain expertise coupled with a pan India footprint. Redington (India) Ltd. has an established capability in these markets and will provide immense value to our offerings. We are delighted to have

Redington as our distributor, and look forward to a long and mutually beneficial relationship” said Sushil Bandi, Country Manager for the Indian Subcontinent, Western Digital. “The Indian economy is witnessing a digital revolution with people becoming increasingly aware of technol-ogy and its impact on our lives. With the boom in digital content just at it nascent stage, we expect demand of information storage across businesses and households to see a sharp increase. This partnership will prepare us to meet high expectations of this fast-growing market segment,” said Khwaja Saifuddin, Director Sales – MEA & South Asia, Western Digital.n

Worldwide mobile PC shipments grew 43% in Q1 2010

Worldwide mobile PC shipments totaled 49.4 million units in the first quarter of 2010, a 43.4 percent increase from the first quarter of 2009, accord-ing to final results by Gartner. This year-over-year growth is the highest

the mobile PC market has experienced in eight years and represents about $36 billion in end-user spending. Shipments to the consumer segments continued to be the main growth driver, but there was an uptake in the professional segment. Gartner expects to see higher growth in the professional market toward the end of 2010 and into 2011 as part of a larger refresh cycle.

“Mini-notebook PCs were a big part of the bump in mobile PC shipments in the first quarter of 2010, with shipments growing 71 percent over the same period last year,” said Mikako Kitagawa, Principal Analyst at Gartner.

HP continued to be the No. 1 vendor in worldwide mobile PC shipments, as it accounted for 19.2 percent of shipments in the first quarter of 2010. However, HP and Dell were the only vendors in the Top 5 to grow below the industry average. ASUS and Acer experienced the strongest growth rate among the top-tier vendors with ship-ment increases of 113 percent and 48.4 percent, respectively. Gartner analysts said this growth was driven by sales in the low-end consumer market.n

Gigabyte announced a brand new version of its channel incentive programme titled

“Gigabyte Summer Sensation” for its registered motherboard reseller partners in India. Effective from April 1 - June 30, 2010, this scheme is open to all registered resellers who buy Gigabyte motherboards from authorized Gigabyte distributors in India, which are Avnet (India), Ingram Micro, Redington (India) and Neoteric Infomatique Ltd.

In Mumbai, Bangalore, Hyderabad, Kolkata, Chennai, Delhi, Punjab and Chandigarh, the scheme is valid only if the products are brought from Gigabyte premium partners.

This is the 5th consecutive chan-nel incentive program from Gigabyte and it is designed to reward loyal reseller partners for their excellent sales performance over the quar-ter and to increase brand traction for Gigabyte in the channel during the promising peak summer buying season.

“We hope the attractive scheme will help expand our present base of registered motherboard reseller partners, especially in newer B, C and D class locations,” says Rajan Sharma General Manager – MB, Gigabyte India. n

“Gigabyte Summer

Sensation” launched

trends


Fujitsu has announced an expanded portfolio of Celsius workstations

specially optimized for Adobe. Now optimized for Creative Suite 5, Fujitsu’s Celsius W380, Celsius W480, Celsius M470-2 and Celsius R570-2 provide design professionals with a comprehensive selection of Celsius workstations ideally

suited for their needs. All the systems have been

specially configured to ensure optimum performance and stability for creative profes-sionals working in online, print and video media. The workstations come preinstalled with a unified product design based on Fujitsu’s intensive

field tests. n

Panduit has signed a partnership agreement with Datacraft to offer a comprehensive suite of integrated services and Unified Physical Infrastructure (UPI) based solutions to address diverse physical infrastructure needs of clients across Asia Pacific and Japan.

This partnership will extend Panduit’s physical infrastructure solutions to the multinational corporations and small-medium enterprises sectors in this region.

From now on, Datacraft will be able to provide end-to-end service to clients who wish to move their physical datacentre to a virtual datacentre. This service will enable its clients across all 13 countries in Asia to enjoy the benefits of virtualisation, like simplified operations management and increased availability, all at lower risks. n

McAfee has announced that it has entered into a definitive agree-

ment to acquire privately owned Trust Digital, which is a technology provider of enterprise mobility management and security software.

McAfee expects that this acquisi-tion will extend its endpoint market, addressing a wide range of mobile operating systems. Following the completion of this proposed acquisi-tion, McAfee expects to couple Trust Digital’s enterprise mobility manage-ment solution with McAfee’s endpoint protection capabilities to deliver a comprehensive mobile security solu-tion. Customers will benefit from centralized management and reporting of the integrated technologies through the McAfee ePolicy Orchestrator (ePO) console. n

McAfee to acquire Trust Digital

Fujitsu expands Celsius portfolio

Panduit and Datacraft partner to provide UPI based solutions

security Cyber Crime


The Internet has become the central ner vous system for our networked life. As a global network of loosely connected

IP-based networks, it reaches everywhere and provides a common platform for communication to governments, businesses and consumers.

With the Internet, however, a new kind of criminal has emerged—the cyber crimi-nal.

The pervasive nature of cyber crime today threatens loss of proprietary corpo-rate information to the loss of life. Various forms of cyber crime have emerged, from predators exchanging child porn and scam-mers stealing identities to countries attack-ing countries.

The US FBI estimates that various types of computer crimes in the U.S. now cost the industry about US $400 billion, while officials in the Department of Trade and Industry in Britain said computer crime rose by 50% in 2006 over 2005.

It is estimated that only 5% of cyber-criminals are ever arrested or convicted because the anonymity associated with Web activity makes them hard to catch, and the trail of evidence needed to link them to a cyber crime is hard to unravel. The CERT Coordination Center estimates that as much as 80% of all computer security incidents remain unreported.

Combating the threatThere are certain steps to be taken before

A mechanism that can unravel the real persona of an alias is the way to keep cyber crime at bayDr Antonio nucci

PreventingKnowing is

security Cyber Crime


we can successfully combat cyber crime.

First, it is important to increase our understanding of the many languages and dialects (protocols, applications and services) being spoken in the cyber world.

Network traffic monitoring and measurement is increasingly regarded as an essential function for under-standing and improving the perfor-mance and security of our cyber infrastructure. With networking tech-nologies and services evolving rapidly, as witnessed by the explosive growth of the Web, accurate network traffic monitoring is required to ensure secu-rity in a cyber world.

Second, it will be timely to promptly identify and tag cyber users and communities of cyber users whose activity and content may harm the safety and transparency of the cyber world.

Third, it is critical to gain visibility into who is the real person behind an alias or cyber-identifier used to enter the cyber world. A critical problem in this digital world is knowing with whom you are interacting.

The weak linksCritical to the success of a network

monitoring tool is its ability to accu-rately—and on a real-time basis—identify and categorise each flow of packets associated with a transaction and connection by application.

Identifying network traffic using port numbers was the standard in the recent past. This approach was success-ful because many traditional applica-tions used port numbers assigned by or registered with the Internet Assigned Numbers Authority (IANA).

The accuracy of this approach, however, has been questioned because of the evolution of applications that do not communicate on standard ports. Many current-generation P2P appli-cations use ephemeral ports, and in some cases, use ports of well-known services such as Web and FTP to make them indistinguishable to a port-based classifier.

Techniques that rely on inspection of packet contents have been proposed to address the diminished effective-ness of port-based classification. These approaches attempt to deter-mine whether or not a flow contains a characteristic signature of a known application.

Studies show that such approaches

work very well for today’s Internet traffic, including P2P flows. In fact, commercial bandwidth management tools and network security appliances use application signature matching to enhance robustness of classification and deep inspection of packet content even in the case of encapsulated proto-cols within each other.

Newer threatsYet, recent ly several threats

appeared to use this technique to hide their presence and break through fire-walls and other security devices. The progress in hardware acceleration has allowed packet content inspection techniques to run at speeds as high as 40 Gbps and have made them the most commonly used approach to gain visibility into any Internet stream.

Nevertheless, packet-inspection approaches face two severe limita-tions. First, these techniques only identify traffic for which signatures are available. Maintaining an up-to-date list of signatures is a daunting task. Information is rarely fully updated and complete. Furthermore, the tradi-tional ad-hoc growth of IP networks, the continuing rapid proliferation of applications of different kinds, and the relative ease with which almost any user can design and infiltrate a new application to the traffic mix in the network with no centralised regis-tration, contribute to this gap.

Second, packet inspection tech-niques only work if full packets (header and payload) are available as inputs and are completely harm-less whenever coarser information is provided. Unfortunately, only a few service providers today have equipped their networks with packet inspec-tion appliances, while a majority of them have access only to traffic flows extracted directly from the routers, either sampled or un-sampled.

To overcome these two fundamental problems of packet content inspection appliances, research has focused on a new family of techniques called ‘flow-features-based analysis.’ The common goal of these techniques is to identify which application class a traffic flow belongs to when using traffic flow information only.

The shortcomingsThese techniques achieve the flow-

application class mapping by extract-ing and analysing hidden properties of the flow, either in terms of ‘social

With net-working

technologies and services

evolving rapidly, ac-curate net-work traffic monitoring is required to ensure

security in a cyber world.

Reconstruct-ing today’s

missing links be-tween the cyber ID

and the real person will make the

cyber world a safer place

to visit.

It will be timely to promptly

identify and tag cyber users and communi-

ties of cyber users whose activity and content may

harm the safety and

transparency of the cyber

world.

interaction’ of hosts engaged in such a flow or the spatial-temporal behavior of several flow features. These features range from flow duration and number and size of packets per flow to inter-packet arrival time.

A variety of more sophisticated data mining algorithms have been proposed on top of such framework, such as supervised and un-supervised machine learning, clustering and graph-theoretical approaches. These help increase the detection rate while decreasing the false-positive rate.

However, these techniques lack a fundamental attribute that make them impractical from an operational perspective—a precision identification of the application responsible for the observed flow in contrast to packet content inspection techniques.

This is a fundamental question to answer, as today’s network operators must know the nature—legitimate or malicious—of any single bit of infor-mation flowing through their pipes. Furthermore, as the application classi-fication process might still be prone to classification errors, these techniques are not reliable for content billing or for robust application security.

The ideal solution should lever-age the merits of the packet content inspection techniques by guaranteeing high accuracy in classifying applica-tion-specific traffic, while providing the robustness of the flow-based behav-ioral analysis techniques.

Know your cyber worldWhile governments have increas-

ingly expressed their concerns about the cyber threat to public safety and national security, we still have not done enough to shed light on the cyber world and its users.

The cyber infrastructure must not be thought of as just the physical infrastructure made of optical fibers, servers and routers. Rather, it is about protocols, applications and services being used to enable communications among any number of end points (users).

We must discover who is behind a nickname, Mac or IP address, or VoIP number—perhaps by using biometric techniques to profile users’ communi-cation as they access the cyber world. Reconstructing today’s missing links between the cyber ID and the real person will make the cyber world a safer place to visit. n

Antonio Nucci is CTO, Narus Inc.

dcc june regular issue

Documents

tier towns

small cities

dell india

smaller towns

canon india

large cities

towns real estate

dclass cities