Over the last couple of years, IBM, despite having a rich internal technology ecosystem and a number of competitive blade and CI offerings, has not had a comprehensive integrated offering to challenge HP’s CloudSystem Matrix and Cisco’s UCS. This past week IBM effectively silenced its critics and jumped to the head of the CI queue with the announcement of two products, PureFlex and PureApplication, the results of a massive multi-year engineering investment in blade hardware, systems management, networking, and storage integration. Based on a new modular blade architecture and new management architecture, the two products are really more of a continuum of a product defined by the level of software rather than two separate technology offerings.
PureFlex is the base product, consisting of the new hardware (which despite having the same number of blades as the existing HS blade products, is in fact a totally new piece of hardware), which integrates both BNT-based networking as well as a new object-based management architecture which can manage up to four chassis and provide a powerful setoff optimization, installation, and self-diagnostic functions for the hardware and software stack up to and including the OS images and VMs. In addition IBM appears to have integrated the complete suite of Open Fabric Manager and Virtual Fabric for remapping MAC/WWN UIDs and managing VM networking connections, and storage integration via the embedded V7000 storage unit, which serves as both a storage pool and an aggregation point for virtualizing external storage. The laundry list of features and functions is too long to itemize here, but PureFlex, especially with its hypervisor-neutrality and IBM’s Cloud FastStart option, is a complete platform for an enterprise private cloud or a horizontal VM compute farm, however you choose to label a shared VM utility.
Last Monday, Stephanie Balaouras and I recorded a podcast on a recent hot topic amongst Forrester clients — Enterprise Role Management (ERM). For the most part, people understand fundamental provisioning so I wanted to take this time to go through ERM in a little more detail.
Over the past few months, I have been asked many questions about taking ERM to the next level — about how to expand and automate identity management infrastructure. Before determining whether this is the right step for your company, however, it's important to understand the two most important benefits from doing so and also recognize the prerequisites.
Among others, two benefits of ERM are security and compliance. Achieving a more mature role management system will increase your organization’s security around information sharing, and it will enable understanding of the segregation of duties. Before achieving this level of security and compliance, it’s important to simplify your identity repository and create a clear-cut set of records. This allows for a recertification phase when managers can take the time to revoke or grant access to existing accounts. Once you have created a clean, up-to-date role management database, your organization is ready to look forward to taking ERM to the next level.
After speaking with many clients on this topic, I have garnered a solid list of best practices that everyone should be aware of before attempting to strengthen any ERM system. These practices include data points around user population and recertification timelines, whether or not a hierarchical approach should be adopted to organize roles, and the value of tools such as Web single sign-on and security incident and event monitoring as they relate to role management.