One of the delimmas that faces retailers today is the need to control costs and innovate to support new ways to providing a compelling shopping experience across all shopping channels.
In Jon Stine’s recent blog Big Pipes and Lean Stores, Jon talked about the store evolving into a living breathing web site. Just like a highly dynamic web site with rapidly changing content and integration to other channels, stores will need to replicate that functionality to serve the new generation of consumers. Retailers with traditional inflexible store IT infrastructure will find it very difficult to adapt to this dynamic environment in a cost effective manner.
Guest Brian Kilcourse, Managing Partner Retail Systems Research and Jon Stine will discuss the retailers who retailers must face this dieimma head on.
Michael Heffler, Retail Solutions Manager and Bart McGlothin, Retail Solutions Architect will present how retailers can rely on the network to reduce costs and increase flexibility.
In areas including Lean Store and Lean Data Center, this involves projects such as as simplifying and moving IT equipment from the store to the data center and leveraging virtualization and centralized management of IT services in the stores .
By moving to a network-based architecture with a belt (back-up) and suspenders (survivability) to deliver services, this strategy can help retailers evolve to a private and public cloud services platfom in the future.
Steven Ross, Vice President of Technology, Chico’s FAS, Inc. is our special guest and he will present on his experience with dynamic architecture and working with Cisco data center technologies.
As I travel the world, I ask my customers two simple questions:
First, are you virtualizing your data center? (Universally the answer is yes.)
Second, have you deployed any virtual security solution? (Universally the answer is no.)
Wow. How can this be? Does a virtual data center not need security? Not a chance. It needs security more than ever. Most customers are confining their virtualized infrastructure into secure zones, or virtual local area networks (VLANs). That’s useful for a first phase, but excessive VLAN segmentation holds us back from achieving the efficiencies of the utility computing model—and it also gets really complicated really quickly.
Yesterday I had the opportunity to sit down with a panel comprised of the following folks here at Cisco Live! First off, my thanks to Friea Berg (@friea) for creating this opportunity. Events like Cisco Live are a great venue, but pulling together a group of industry peers to have a meaningful dialog around the challenges our mutual customers face, and how we can better serve them is something that magnifies the impact of these events. So, yesterday I was lucky to join the following folks: Read More »
So here we are, Monday at Cisco Live… Most likely you cut your weekend short to get here on time, or… you fought some insane TSA line-ups and a full-body x-ray scan this morning to squeeze onto an oversold flight. Regardless, you’re hopefully reading this from the comfort of a quiet, convenient spot you’ve staked out in the Mandalay Bay with a vodka-tonic within arms-reach (well maybe not). Read More »
I started my professional life using a mainframe. Back then the people running the mainframe world were known as the “data center guys.” These guys had a certain DNA combination that created an expanding waistline, a retreating hairline, a belt buckle the size (and shape) of Texas, and a penchant for big iron. This crowd ruled the data center for a long time, but virtualization in the data center is now driving a radical shift that seems to be changing everything.
Instead of having an application running on a dedicated tower of hardware power, apps are now free from the limitations of the infrastructure underneath. Hardware is evolving rapidly into dynamic blocks of utility computing (and storage and networking) that can be standardized, widely deployed, and efficiently utilized. This change is good news, as it can cut data center costs by 50 percent or more. If the big iron crowd from the mainframe days doesn’t adopt this fundamental shift, they’ll be hanging up their Texas belt buckles in the computer museum next to the punch card, the VAX, and a replica of the ILLIAC.
The same shift is also happening with security. Since most security products are primarily software based, it is not much of an effort to repackage these products as “virtual security.” But merely repackaging security products misses the point. Today’s security architecture was built at a time when the workplace was very different than it is today. End users would come into the office and work on a PC, which sat on a desk and was connected by a wire to a port on the wall. At this time, the IP address was a pretty good proxy for the user’s identity. And applications would each run on their own tower of power—hardware that was often running in a unique data center rack or racks. Therefore segmenting the data center in this era was relatively easy; it was based on IP address ranges and, later, on virtual LANs (or VLANs).
But the workplace of today (and tomorrow) looks very different. We’re no longer tied to a specific lump of hardware. We expect to access our apps in the cloud from any device, at any time, from anywhere. Therefore the IP address is a less useful means of defining data center boundaries.
We need a new capability that allows the security team to maintain its meaningful policy enforcement capability, while enabling that policy to be relevant across all infrastructure—physical and virtual. An important nuance here is that the policy should be consistently enforced across physical infrastructure as well as across virtual infrastructure from any virtualization vendor. This level of enforcement requires special access to the hypervisor. Without this access, a virtual security solution can’t see traffic between two virtual machines (VMs).
How the various security vendors plan to address hypervisor access is still an open question. And how that question gets answered is significant—and is likely to reshape the security vendor landscape.
So as we consider various virtual security solutions, simply repackaging today’s security software as a VM running in a cluster of other VMs is extremely uninteresting. Instead we must reimagine the way that we build and deploy security solutions. How do we bridge the policy model from today’s hardware-based firewalls to the virtual firewalls of tomorrow? How can we maintain a separation of duties, so that security policy definition is separate from traditional network operations? And how will we orchestrate all of these components in the dynamic, nimble data center of tomorrow? These are not small issues. But of course, that’s what makes my job fun.