Lori MacVittie’s posterous

Greg Ferro over at My Etherealmind has a, for lack of a better word, interesting entry in his Network Dictionary on the term "Application Delivery Controller."

He says:

Application Delivery Controller (ADC) - Historically known as a “load balancer”, until someone put a shiny chrome exhaust and new buttons on it and so it needed a new marketing name.

However, the Web Application Firewall and Application Acceleration / Optimisation that are in most ADC are not really load balancing so maybe its alright.

Feel free to call it a load balancer when the sales rep is on the ground, guaranteed to upset them.

I take issue with this definition primarily because an application delivery controller (ADC) is different from a load-balancer in many ways, and most of them aren't just "shiny chrome exhaust and new buttons". He's right that web

Read the rest at DevCentral

During the debate of WAF versus, well, just about everything, I heard an interesting thing.

See, I was taking the view that the duplication of security code across all services/applications lays the groundwork for the introduction of errors, accidental omission, and the degradation of performance. I argued that a WAF addressed all these problems and was therefore a better option.

The person with whom I was discussing the subject declared that security code did not necessarily need to be included in the application, it could be a service that, in the spirit of SOA, could be reused and that this addressed the problems just as well.

Huh. Really?

So basically it's okay to externalize security services and reuse them in order to secure applications, but it's not okay to externalize security services and reuse them in order to secure applications.

Huh. Really.  Apparently some services are more equal than others. Is this a web farm or animal farm?

Read the rest at DevCentral

My son was bemoaning the fact that while his WoW (World of Warcraft, a.k.a. Digital Crack) character has "epic" shoulders (that still cracks me up), he's still wearing green shoes.

Apparently in WoW (I am a gamer, but I stick to table-top games. MMORPGs hold little fascination for me) the power and effectiveness of items are represented by color. Green shoes are magical, but they're only one step away from "the shoes you left home to adventure in".

Worse, it seems that the shoes your character is wearing can drag down your effectiveness in general. So even though you have "epic" (very cool, very powerful) everything else, wearing green shoes drags you down.

It struck me that green shoes are like your network and delivery infrastructure; if that infrastructure is less than optimal and not up to the same level of "epic" as your application, it can drag down the overall effectiveness of that application. Even if you've got the killer application or site, if the network over which it is being delivered is congested, or drops packets, or unreliable, or just plain slow then that killer application isn't going to be as effective as it could be.

Read the rest at DevCentral

Abhik, in a reply to "Why can't clouds be inside (the data center)?" says that "the whole point (and primary benefit) of cloud computing is that someone else manages the computing resources. That set of resources is drawn as a cloud in a network diagram because you, the developer or the company using cloud resources, neither knows or cares to know the specifics of the computing infrastructure. An in-house cloud would require procurement, management, maintenance and continuous cost even during idle time -- it is just a grid."

Is it? Is that the primary reason enterprises might be considering cloud computing?

Read the rest at DevCentral

Ken Oestreich of the Fountainhead blog has an interesting take on cloud computing. Ken cites many examples of cloud computing experts who essentially claim that cloud computing cannot be done "inside" the data center. Then he postulates that yes, yes in fact it can.

In general, I agree with Ken's assessment. A CRM (Customer Relationship Management) system is still a CRM whether it's hosted inside the data center or remotely by a SaaS (Software as a Service) provider. Similarly, a cloud is still a cloud regardless of whether it's implemented in someone else's data center, such as Amazon, or in your own data center.

Most definitions of cloud computing disagree.

Read the rest at DevCentral

One of the "real world" lessons rarely taught in the university setting is that in the "real world" you're going to have to follow coding standards. Back in the day, when I was allowed to code, I often railed against some of those coding standards on the basis that they impaired application performance.

Anyone with a firm grounding in computer science knows that the introduction of a local scope necessarily means more work (and thus memory and cycles consumed) to set up the stack: copying variables, pushing parameters, etc... That means that a conditional statement with just one statement unnecessarily introducing a local scope degrades performance. But that price is often willingly (or unwittingly) paid in the enterprise because of coding standards which dictate format of code. Sure, modern compilers often optimize that code anyway but are you sure yours does? Have you checked? Does it require a flag and has that been set for all applications?

Read the rest at DevCentral

An interesting InformationWeek article asks whether SOA intermediaries such as "enterprise service bus, design-time governance, runtime management, and XML security gateways" are required for an effective SOA. It further posits that SOA governance is a must for any successful SOA initiative.

As usual, the report (offered free courtesy of IBM), focuses on SOA infrastructure that while certainly fitting into the categories of SOA intermediary and governance does very little to assure stability and reliability of those rich Internet applications and composite mashups being built atop the corporate SOA.

Effective SOA Requires Intermediaries via InformationWeek

In addition to attracting new customers with innovative capabilities, it's equally important for businesses to offer stable, trusted services that are capable of delivering the high quality of service that users now demand. Without IT governance, the Web-oriented world of rich Internet applications and composite mashups can easily become unstable and unreliable. To improve your chances for success, establish discipline through a strong IT governance program where quality of service, security, and management issues are of equal importance.

As is often the case, application delivery infrastructure is relegated to "cloud" status; it's depicted as a cloud within the SOA or network and obscured, as though it has very little to do with the successful delivery of services and applications. Application delivery infrastructure is treated on par with layer 2-3 network infrastructure: dumb boxes whose functionality and features have little to do with application development, deployment, or delivery and is therefore beneath the notice of architects and developers alike.

SOA intermediaries, while certainly a foundational aspect of a strong, reliable SOA infrastructure, are only part of the story.

Read the rest at DevCentral

Dear Internet Tough Guy,

You know who you are. You're the individual who has an insecurity complex, probably due to a sad childhood, the story of which no one is really interested in hearing. You're the troll that prowls technology blogs and forums looking for someone to voice an opinion with which you disagree just so you can tell them they're an (idiot|moron|fool) without any context or reference.

You're the person who posts comments without leaving a name, e-mail address, or website because deep down you're afraid of voicing your opinion (insults) without hiding behind the digital equivalent of mommy's apron: anonymity.

Read the rest at DevCentral

Green IT is a fairly well hyped topic at the moment. While the term may be seen as hype, there are tangible benefits to employing green tactics within IT. Even research firm Gartner sees it as one of the hyped technologies organizations can use now to see real benefits.

Jackie Fenn, vice-president and Gartner Fellow on green IT via The Standard 

Another set of technologies that's benefit to companies now is green IT, which is valuable in more ways than one, Fenn said.

"The happy thing about green IT is that the greater good is aligned with the selfish benefit of saving money," she said.

But how much money are you really saving? And how much good are you doing at the same time? It's nice to say "it can" but wouldn't it be nicer if you could quantify how much good and how much money this concept might actually save? A hosting firm with an albeit good reason to dig into the subject, claims from a study that web servers produce an excess of 632kg of CO2 annually by wasting 1000 kWh of energy.

Read the rest at DevCentral

SC Magazine reports that (1) cloud computing environments may not be very secure and (2) a VPN can improve the security of cloud computing environments.

Countering cloud computing threats via SC Magazine

Technology such as two-factor authentication systems, when married to encrypted VPN connections, can secure an internet connection into a cloud computing-based service.

That's the verdict from the Information Systems Audit and Control Association (ISACA), which concludes that using such techniques would tend to make interception of files and transmissions almost impossible.

Sarb Sembhi, president of the ISACA London Chapter, said, "While there is no such thing as a totally secure system, especially a system that is accessible across the internet, our belief is that, with the right technology, the new generation of cloud computing system can be made as secure -- if not more secure -- than existing server-based office systems."

ORLY? I think I've read something like that before...

Read the rest at DevCentral