Re: Anyone know why the Alpha market is so so quiet?
- From: "John Smith" <a@xxxxxxxxxxxx>
- Date: Wed, 13 Jun 2007 13:06:33 -0400
Main, Kerry wrote:
-----Original Message-----
From: Arne Vajhøj [mailto:arne@xxxxxxxxxx]
Sent: June 9, 2007 3:07 PM
To: Info-VAX@xxxxxxxxxxxx
Subject: Re: Anyone know why the Alpha market is so so quiet?
Dr. Dweeb wrote:
Main, Kerry wrote:is
As I mentioned earlier, it is not the roll-out of the patches that
importantthe issue. Heck, that is relatively minor as you can even easily do
this with all of the Windows security patches.
The big issue by far is the re-certification and testing of
abusiness applications with all of the monthly OS security patches.
For small and some medium businesses with small numbers of users,
this is not an issue as they simply apply the patch and reboot. If
canOS security patch breaks the kernel or an application, then they
notsimply roll-back with minimal impact as the numbers of users are
missionthat large.
That is usually not the case with large IT environments with
critical environments.
OK. Just so you guys "get it", here is a real example.at 8
A system software upgrade is tested and validated. To be deployed
different sites over a period of 1 year, sheduled deploymentdetermined by
PM downtime of 24*7 manufacturing operations - which by its natureis
planned a long way in advance.a large
2 smaller sites go live before a memory leak rears its ugly head in
site, number 3, crashing the application and stalling part of thefactory
shipping processes. The resulting cleanup operation consumes DBAand
sysadmin time at every occurrance and occurs at different intervalsfactory,
depending on the transaction volume of the factory - the larger the
the larger the problem. We are talking daily on a large factory.a simple
The IT troubleshooters get on the job and isolate the error, create
reproducer and report it as priority 1 bug to the supplier, who dulyfix it
within 3 days! The IT guys check out the reproducer and theinstances of
live code where the problem was evident and verify that the supplierpatch
has indeed solved the problem.sites?
Q1: Which version of the software was installed at the following 5
Q:2 When was the software updated at the 3 already installed sites?application must
A1: The broken version.
A2: Never (yet)
In order to release a systems software upgrade, the entire
pass certification. This is an $7B pr. year manufacturing company -a
houshold name - SOX compliant and accutely aware of the necessityfor
application certification before deployment.like
Why you ask?
Because the cost of bringing a larger factory down completely is
$50,000 per hour, while the cost of having a DBA cleanup the stallsis zero,
because he is already sitting there and it is in his jobdescription. The
risk is evaluated, the costs apportioned and the decision made. Aprocedures
management no-brainer, because the certification requirement and
are very clear and unambiguous. As bizarre as it seems, this is thedaily
life of people who maintain and operate the big iron that controlslarge
manufacturing - not just that particular site.the
When the application is recertified on the patched vendor software,
patch to the vendor software will be applied to the productionenvironment
in a controlled and phased manner - not before.real
Here endeth the lesson in reality for you guys who wouldn't know a
high-availability corporate production environment if it landed onyour
head!
But the conclusion is that Kerry arguments against Linux does not
hold water.
Because if those systems where running Linux - how many security
patches would have been installed on them in that period ?
Arne
Thank you - you just made my point.
:-)
With 5-20 Linux (and Windows) security patches being released each
and every month, this company would not get approval from the
business units to test and apply all these patches against all the
important apps, so the business would have to risk not being hacked
with all of these well documented security patches not being applied.
With 50-60% of all security issues being internal related, that is a
huge risk.
And think about this in the financial sector with systems running
billions (and in some OpenVMS systems, trillions) of $'s through
their systems daily, weekly, monthly. With all of the internal people
taking laptops, PDA's back and forth to home, on the road and work
etc all open for Trojans, worms etc that are looking for systems with
documented holes to exploit.
It really blows me away that serious financial institutions can
justify moving to Linux (Windows) with so many monthly security
patches being released each and every month.
I can only believe that the managers involved have no idea of the
security issues their techies or those pushing these platforms are
exposing the business to.
Personally speaking, I would have to ask "how can these financial and
mission critical environments afford these platforms?"
So let me ask you these questions about this alleged incredulous actions by
financial institutions and other bet-your-business companies:
In your travels and engagements with these organizations, *what* rationale
have they told you was behind their decision to turf VMS out?
1) Does it have anything to do with the fact that certain critical
applications are no longer available or supported on VMS, (eg. SWIFT,
etc....)?
2) If their rationales are related to question 1) above, then have they told
you that since their critical applications or tools aren't available on VMS,
then they have no choice but to pay the price of patch-of-the-hour
environments.
3) Have they told you that it's because HP doesn't convince them that VMS
has any forseeable future, ie. doubts about VMS & Itanic EOL scenarios?
4) What about staff retention - have they mentioned that their staff may
want to have relevant *marketable* experience with the technologies that can
get them new jobs if the company downsizes/outsources them? I'm sure that
has to be in the minds of everyone in the IT divisions except perhaps the
CIO.
5) Have they told you it's because the CEO keeps reading about Linux or
Windows doing X, Y & Z applications elsewhere and wonders why his company
isn't doing the same?
How many of your off-VMS onto-Linux customers have come back to you at the
end of the migration and said "We never should have switched"?
So how about this -- since you've had experience with many of these
situations, --create a no-names list you can post here with the following
attributes:
Industry --eg. financial, manufacturing, medical, pharmaceutical, retail,
etc...
Old Environment - VMS, Solaris, Windows, Linux, zOS, etc....
New Environment - VMS, Solaris, Windows, Linux, zOS, etc....
Reason for Migration - HW vendor dead, application not supported on old OS,
tools not available, needed new apps so figured they'd use Asian talent with
zero VMS experience, whatever ......
Best Result of Migration - eg. costs reduced 20%, more TPS, whatever ......
Worst Result of Migration - patch-of-the-hour, costs increased, unstable
environment, etc.....
Overall Satisfaction w/Migration - not including scope creep
--
OpenVMS - The never-advertised operating system with the dwindling ISV and
customer
base.
.
- Follow-Ups:
- Re: Anyone know why the Alpha market is so so quiet?
- From: Dave Froble
- Re: Anyone know why the Alpha market is so so quiet?
- From: Bill Gunshannon
- Re: Anyone know why the Alpha market is so so quiet?
- References:
- RE: Anyone know why the Alpha market is so so quiet?
- From: Main, Kerry
- RE: Anyone know why the Alpha market is so so quiet?
- Prev by Date: Re: Question for the Group
- Next by Date: Re: Question for the Group
- Previous by thread: InfoVAX gateway (was Re: Anyone know why the Alpha market is so so quiet?)
- Next by thread: Re: Anyone know why the Alpha market is so so quiet?
- Index(es):
Relevant Pages
|
