RE: Anyone know why the Alpha market is so so quiet?

-----Original Message-----
From: John Smith [mailto:a@xxxxxxxxxxxx]
Sent: June 13, 2007 1:07 PM
To: Info-VAX@xxxxxxxxxxxx
Subject: Re: Anyone know why the Alpha market is so so quiet?

Main, Kerry wrote:
-----Original Message-----
From: Arne Vajhøj [mailto:arne@xxxxxxxxxx]
Sent: June 9, 2007 3:07 PM
To: Info-VAX@xxxxxxxxxxxx
Subject: Re: Anyone know why the Alpha market is so so quiet?

Dr. Dweeb wrote:
Main, Kerry wrote:
As I mentioned earlier, it is not the roll-out of the patches
that
is
the issue. Heck, that is relatively minor as you can even easily
do
this with all of the Windows security patches.

The big issue by far is the re-certification and testing of
important
business applications with all of the monthly OS security
patches.

For small and some medium businesses with small numbers of users,
this is not an issue as they simply apply the patch and reboot.
If
a
OS security patch breaks the kernel or an application, then they
can
simply roll-back with minimal impact as the numbers of users are
not
that large.

That is usually not the case with large IT environments with
mission
critical environments.

OK. Just so you guys "get it", here is a real example.

A system software upgrade is tested and validated. To be deployed
at 8
different sites over a period of 1 year, sheduled deployment
determined by
PM downtime of 24*7 manufacturing operations - which by its nature
is
planned a long way in advance.

2 smaller sites go live before a memory leak rears its ugly head
in
a large
site, number 3, crashing the application and stalling part of the
factory
shipping processes. The resulting cleanup operation consumes DBA
and
sysadmin time at every occurrance and occurs at different
intervals
depending on the transaction volume of the factory - the larger
the
factory,
the larger the problem. We are talking daily on a large factory.

The IT troubleshooters get on the job and isolate the error,
create
a simple
reproducer and report it as priority 1 bug to the supplier, who
duly
fix it
within 3 days! The IT guys check out the reproducer and the
instances of
live code where the problem was evident and verify that the
supplier
patch
has indeed solved the problem.

Q1: Which version of the software was installed at the following 5
sites?
Q:2 When was the software updated at the 3 already installed
sites?

A1: The broken version.
A2: Never (yet)

In order to release a systems software upgrade, the entire
application must
pass certification. This is an $7B pr. year manufacturing company
-
a
houshold name - SOX compliant and accutely aware of the necessity
for
application certification before deployment.

Why you ask?

Because the cost of bringing a larger factory down completely is
like
$50,000 per hour, while the cost of having a DBA cleanup the
stalls
is zero,
because he is already sitting there and it is in his job
description. The
risk is evaluated, the costs apportioned and the decision made. A
management no-brainer, because the certification requirement and
procedures
are very clear and unambiguous. As bizarre as it seems, this is
the
daily
life of people who maintain and operate the big iron that controls
large
manufacturing - not just that particular site.

When the application is recertified on the patched vendor
software,
the
patch to the vendor software will be applied to the production
environment
in a controlled and phased manner - not before.

Here endeth the lesson in reality for you guys who wouldn't know a
real
high-availability corporate production environment if it landed on
your
head!

But the conclusion is that Kerry arguments against Linux does not
hold water.

Because if those systems where running Linux - how many security
patches would have been installed on them in that period ?

Arne

Thank you - you just made my point.

:-)

With 5-20 Linux (and Windows) security patches being released each
and every month, this company would not get approval from the
business units to test and apply all these patches against all the
important apps, so the business would have to risk not being hacked
with all of these well documented security patches not being
applied.

With 50-60% of all security issues being internal related, that is a
huge risk.

And think about this in the financial sector with systems running
billions (and in some OpenVMS systems, trillions) of $'s through
their systems daily, weekly, monthly. With all of the internal
people
taking laptops, PDA's back and forth to home, on the road and work
etc all open for Trojans, worms etc that are looking for systems
with
documented holes to exploit.

It really blows me away that serious financial institutions can
justify moving to Linux (Windows) with so many monthly security
patches being released each and every month.

I can only believe that the managers involved have no idea of the
security issues their techies or those pushing these platforms are
exposing the business to.

Personally speaking, I would have to ask "how can these financial
and
mission critical environments afford these platforms?"


So let me ask you these questions about this alleged incredulous
actions by
financial institutions and other bet-your-business companies:

In your travels and engagements with these organizations, *what*
rationale
have they told you was behind their decision to turf VMS out?

1) Does it have anything to do with the fact that certain critical
applications are no longer available or supported on VMS, (eg. SWIFT,
etc....)?

2) If their rationales are related to question 1) above, then have
they told
you that since their critical applications or tools aren't available
on VMS,
then they have no choice but to pay the price of patch-of-the-hour
environments.

3) Have they told you that it's because HP doesn't convince them that
VMS
has any forseeable future, ie. doubts about VMS & Itanic EOL
scenarios?

4) What about staff retention - have they mentioned that their staff
may
want to have relevant *marketable* experience with the technologies
that can
get them new jobs if the company downsizes/outsources them? I'm sure
that
has to be in the minds of everyone in the IT divisions except perhaps
the
CIO.

5) Have they told you it's because the CEO keeps reading about Linux
or
Windows doing X, Y & Z applications elsewhere and wonders why his
company
isn't doing the same?



How many of your off-VMS onto-Linux customers have come back to you at
the
end of the migration and said "We never should have switched"?


As someone stated, switching is tough enough, but switching back typically means someone got fired.

Hence, unless the App or security breach is major, you will seldom hear about all those long nights that the operations and App folks spend keeping the App environment looking "normal".

Not sure about Linux, but I know of a few OpenVMS to Windows to OpenVMS large accounts. For one, think big military hospitals. Could not deal with archaic fail-over clustering and so many viruses and security patches.

Also about 18 months ago, a big high profile financial institution went live on Windows and by noon same day had switched back. Not sure if they ever tried to flip again or not.

Also a manufacturing environment - SCADA with OpenVMS Integrity .. don't get much more critical than these environments. Here is a link on their web site (not HP).

Reference:
http://www.vista-control.com/itanium_success.htm
" Los Alamos, February 15th. 2007 After implementing mission-critical systems on Windows-based computers for many years, a customer experienced a virus in one of these systems that shut down production for two days while the infected systems were diagnosed, restored and tested. The impact was that plant production was severely impacted at no small cost. Despite internal opposition because of the established standard, Vsystem on HP Itanium servers running OpenVMS was chosen for the next system to be replaced."

...

" Customers have also proved that the better a production system is instrumented, the better the plant can be operated, increasing productivity and quality. In addition, problems can be successfully diagnosed and corrected when the historian holds an excellent data record of the period leading up to and through the problem. This invariably requires that the operating system have excellent determinism to capture fast data. OpenVMS on Itanium has been proven to meet this requirement."




So how about this -- since you've had experience with many of these
situations, --create a no-names list you can post here with the
following
attributes:


So you assume there is some master list or DB somewhere in the universe that lists this and that I have access to this?


[snip..]

As I mentioned before, part of the problem is that experienced Techies and managers are to afraid to speak up and use their experience to ask a few simple questions about changing. They are to afraid they might get labelled with the dino label.

Bit OT, but issue is related .. Kind of like with SOA, J2EE and .Net these days .. how many App or techie folks are afraid to ask if these technologies (with all that OO brings) are really the right direction for their company?

It might be, but few ever ask the tough questions about all the downsides of these new technologies.

Can't ask the tough questions, because who wants the dino label? Better to keep quiet and jump on the "grass is greener on the other side" bandwagon..

Course, then years of frustration, blown budgets and all sorts of finger pointing begins.

Ah yes, gotta love the world of corporate politics.

:-)

Regards


Kerry Main
Senior Consultant
HP Services Canada
Voice: 613-592-4660
Fax: 613-591-4477
kerryDOTmainAThpDOTcom
(remove the DOT's and AT)

OpenVMS - the secure, multi-site OS that just works.




.

Relevant Pages