Zerowait Corporation

According to the Wall Street Journal, Sun Microsystems is planning a 15% cut in its workforce. Perhaps one of the major problems for Sun is that its sales force and margins are based on selling proprietary hardware. And like most products their customers pushed for commoditization over time. Linux was a commodity priced solution that pushed Sun over the edge. Economic models that go back to to Adam Smith’s have made sense for hundreds of years because they keep passing the test of time. If Sun can figure out how to make money with its Thumper products selling them as a commodity solution they may re emerge in a stronger position.

As I have written previously, there is a customer niche for the product.

The Silicon Valley computer maker said the moves, which include organizational changes aimed at bolstering its software business, will reduce costs by approximately $700 million to $800 million annually. It expects to incur total charges in the range of $500 million to $600 million over the next 12 months from the restructuring, of which it expects to incur approximately $375 million to $450 million within its current fiscal year 2009.
Sun has been struggling to reverse sagging sales, a depressed stock price and other problems. Sun reported a $1.68 billion loss in its fiscal first quarter ended in September, and has faced pressure from Wall Street to make substantial cost cuts. The company’s revenue, which dropped 7%, was triggered partly by a drop in sales of its high-end server systems, which use a proprietary chip technology called Sparc.
Sun is battling to find a consistent formula for growth since the Internet boom, when it supplied computers to power Web sites. But most of that business shifted to lower-priced systems that use x86 chips, designed by Intel Corp. and Advanced Micro Devices Inc. Sun now sells those machines, too, but its growth with those products has not been able to make up for slowing growth of its Sparc line.
More recently, Sun was among the first technology companies to feel the effects of the slump on Wall Street. The company has long relied heavily on sales to the financial services industry.

One of my friends sent me this patent to see if it was something that our company would be interested in. After reading the abstract and summary it reinforced my belief that there are several applications in the world where a network appliance fits in to a high availability architecture, but there always needs to be a balance between infrastructure complexity and stability.

If you are interested in what another California inventor has conjured up, read on.

United States Patent Application 20080016570

Abstract:

The method analyzes unauthorized intrusion into a computer network. Access is allowed through one or more open ports to one or more virtualized decoy operating systems running on a hypervisor operating system hosted on a decoy network device. This may be done by opening a port on one of the virtualized decoy operating systems. A network attack on the virtualized operating system is then intercepted by an introspection module running on the hypervisor operating system. The attack-identifying information is communicated through a private network interface channel and stored on a database server as forensic data. A signature-generation engine uses this forensic data to generate a signature of the attack. An intrusion prevention system then uses the attack signature to identify and prevent subsequent attacks. A web-based visualization interface facilitates configuration of the system and analysis of (and response to) forensic data generated by the introspection module and the signature generation engine, as well as that stored in the processing module’s relational databases.

SUMMARY

One or more embodiments of the invention are directed to an improved method and system for protecting computer networks. In one embodiment, the invention comprises a modular decoy network appliance, which runs fully functional operating systems on client hardware modules. The modular arrangement comprises front-end fully functional operating system modules and a separate processing back-end module.

The front-end presents a standard fully functional operating system, such as Windows® or a flavor of Linux®, or Sun Microsystems Solaris® that returns a standard operating system fingerprint when it is scanned by tools that attackers typically use to identify vulnerable systems. The attacker is thus lured into accessing the identified operating system and running custom or known exploits on that system.

The front-end module includes a sentinel kernel driver (or a more generalized executable module) that is hidden from system scanners as it is removed from kernel module listings or registry in Windows. Thus, the kernel does not indicate the sentinel kernel driver is running. The sentinel kernel driver monitors connections to the operating system as well as activity on the operating system and activity on services running on the operating system. When an attacker connects to a port, the sentinel kernel driver captures the data coming through the socket. Generally all relevant data coming through the socket is captured. In most cases this means whatever data is received as part of an incoming attack is captured by the sentinel driver. Captured data is sent as a slew of common UDP packets to the back end processing module over the fabric network connection separate from the vulnerable front-end modules. In this manner, there is no way for the intruder to know that his or her communications with the operating system are being analyzed.

The captured data, which contains the attack-identifying information, is sent to the back-end or processing module though the backplane fabric of the appliance using Layer 2 Ethernet communication protocol. The processing module is separate and independent from the client operating system modules and communicates the processed information to security administrators through a network port connected to the private and secure VLAN. Unbeknownst to the intruder, the exploit is thus captured, transferred and analyzed.

With the received data, the processing module generates a report of the attack. The report consists of user-friendly information that paints a picture of the attack for a system administrator. This may include information on which sockets were accessed, what happened at a particular socket, the key strokes entered or bytes transferred to the port, what files were transferred, registry changes, how the attack was run, what happened on the primary network, on its servers or how the network services were affected. The report may also include information on the location of the attacker or the attacker’s service provider. Graphical representations of key information and interactive mapping of the attack locales by region or country may be utilized in one or more embodiments of the invention.

The processing module is used to generate an attack signature by analyzing all the data passed through the socket. The signature is generated by analyzing the attack payload including the keystrokes or transferred bytes and any files uploaded to the client operating system of an ASCII or binary nature. The files uploaded are assumed to be of a malicious nature created to deliver a malicious payload in the form of a compiled program or an interpreted script. In the event that no malicious files are uploaded to the operating system, the signature generation engine analyzes all the keystrokes or bytes delivered through the socket and creates a pattern signature which when applied to an IDS or IPS system, enables the IDS or IPS systems to detect the attack if repeated on production systems. Once generated, the attack signatures can be viewed by a system administrator to determine the appropriate course of action. The system administrator can instruct the signature to be uploaded to the intrusion detection system (IDS) or intrusion prevention system (IPS) for the protected network where it is added to the IDS’s or IPS’s library of signatures to protect production systems. In one or more embodiments of the invention, the signature may be uploaded or saved in a third party system that maintains all known exploits. In this manner, other systems may be notified through secure channels of an impending threat. For example, by transferring the signature to a centralized server that communicates with multiple installations, the intruder may be thwarted before attacking other systems in other companies.

The Wall Street Journal today has a short article on the Sun ZFS solution. We have some customers who have switched to the Sun Thumper solution and for their smaller storage applications they seem to like it. Other customers are working with home brewed ZFS on BSD solutions and finding a few places where it fits into their infrastructure.

With budgets tightening more customers are looking at ways to cut their storage acquisition and maintenance costs and the Sun solution seems to fit for a portion of these customers.

I think the following points from the article are the most interesting:

1) Sun Monday is introducing its latest family of hardware based on a concept it calls “open storage,” which avoids proprietary technology in favor of standard components and open-source software that can be modified by users. Sun says the “open” approach, among other things, makes its products less expensive and more flexible than competing offerings.

2) Sun’s storage hardware relies heavily on what it calls the Zettabyte file system, which is software that manages how data files are named and stored. By offering ZFS as a free open-source program, Sun hopes to build a community of companies and developers, such as exists for the open-source Linux operating system.

3) Sun earns revenue by selling services around it’s open-source software, which is free to download and use, as well as by selling related hardware.

Time will tell what the marketplace thinks of the solution. Based on customer comments that we have heard over the last year about ZFS, I think there is a market for a commodity based solution for enterprise storage.

John Chambers of Cisco is forecasting a decline in sales.

Sales will decline as much as 10 percent in the second quarter, which ends in January, Chambers said yesterday on a conference call. In August, he predicted a gain of 8.5 percent from a year earlier.
Business changed course after the credit crunch hit, pushing October orders down 9 percent, Chambers said, adding that his comfort level with the forecast was the lowest since the dot-com bust in 2000. Chambers plans to save $1 billion in costs over the next three quarters by curbing hiring, business travel and relocations.

When Cisco has to tighten its belt, people notice. Zerowait can help lower operating costs for companies and we look forward to working with many more companies to show them how they can operating costs while maintaining their High Availability Service levels.

Cloud Computing seems to be the ‘hot’ term now. But it seems like it might turn into another way for vendor’s to lock customers into their services.

Service providers won’t admit this, but once they’ve got your data, they’ll try to find ways to lock you in and keep you from switching to another provider. Ultimately, we users may have to make a trade-off — sacrificing some degree of freedom and control in exchange for convenience. If the alternative is the mess we have today, that trade-off may look appealing.

Before you let your data get locked into a service provider, you better make certain that the company that has your data can meet your data recovery requirements and your data security requirements. For example not all clients will feel comfortable with their data being mixed in aggregates with other customers’ data. Providing security for your corporate data may be more important than the convenience of the solution pitched to you by the Cloud storage provider. How can you be certain that your Cloud storage provider’s employees meet your personnel screening requirements?

Everyone should ask their Cloud storage provider the following questions:
1) “Who has the keys to my company’s most valuable data?”
2) ” Do the employees meet our company’s security requirements?”
3) ” Do they meet the requirements of any government contracts we have”
4) ” Where is the data physically located if we need to take possession of it quickly”
5) ” What is the cost if we need to take possession of our data “

Clouds often mask the important visual clues that you need to make informed decisions, without a good set of instruments it may be hard to interpret the information you are given by the Cloud storage provider.

Everyone seems to have noticed that NetApp has canceled its much hyped Customer Conference. The NetApp folks are blaming the economy. It is interesting that NetApp is saying that their customers are unable to travel to the customer conference, because of travel restrictions caused by the economy.

“NetApp said in a statement that the cancellation was caused by “customer feedback about increasing restrictions on corporate travel,” as well as “today’s climate of economic uncertainty.”

Admittedly Zerowait’s customer conference in Reno in September was a smaller event than NetApp was planning. But our customers had a great time and learned from each other how to maximize their NetApp infrastructure and get the most out of their storage investments. At the conference we had frank discussions on how to extend their NetApp equipment’s life cycle and get more value from their storage. So by traveling to our conference our customers learned new techniques for saving their companies substantial amounts of money.

In light of the economic situation that caused NetApp to cancel their conference perhaps they can recast it as a job fair for customers who are losing their jobs, or a conference that will show their clients how to save their budgets? At the least a Job Fair would be a great way for NetApp to help their loyal customers that understand their technology find new positions in commercial sectors that are still growing.

Zerowait is still growing, and we are always looking for qualified candidates to help us with the service and support of NetApp equipment around the world. If you are a highly qualified NetApp engineer please send us your qualifications, we may be able to help you and a customer of ours.

I am returning home to Delaware from San Diego today after a very busy week of visiting our customers in Southern California. We met with customers in publishing, entertainment, micro electronics, aerospace and defense. Every customer is looking at how to consolidate their storage to get by without breaking their budget. Maximizing storage to the capacity of their current NetApp systems is one way of making their budget dollars go farther because they can avoid a system upgrade. A couple of customers are looking at Equalogic storage and some were looking into home brewed BSD solutions running ZFS.

The paradigm has changed and high priced arrays are not a priority anymore. The priority is maintaining high availability without breaking the budget. Because of tightened budgets some customers are comparing their quotes from different divisions and have noticed that their pricing was different from NetApp for different divisions within the same company and were sometimes different within the same building for systems and support. One company that I met with that has a European division noticed that NetApp pricing was substantially different and that the Europeans could purchase the identical equipment for substantially less then the US division could. This might have something to do with the opportunity registration that NetApp uses, but with many companies today the lowest acquisition cost is the most important aspect of a purchase, and the vague logic of the pricing that customers are getting seems to be an issue.

This trip was enjoyable. I met with many customers and friends that we have been working with for over 10 years. We discussed the growth and maturity of the networks we have been working on and looked at the new challenges that occur because of rich media and compliance issues. Storing data for compliance can get quite costly and our customers were asking what types of solutions we could provide them that can provide reliability without breaking the bank. And we have some solutions that are a perfect for for today’s budget constrained IT environment.

The financial panic has hit Wilmington, Delaware. Many of the companies in the news have offices here – AIG, JP Morgan Chase, Citi, Bank of America, etc. As a member of the Delaware business community we are offering to help the local financial institutions by helping them lower their costs of support and maintenance for their NetApp storage infrastructures. The employees of these companies are our neighbors and friends. If we can help these companies to reduce maintenance costs perhaps these large companies can retain some of their highly trained IT staff who are our neighbors.

Tough times call for creative solutions and Zerowait has been providing an affordable alternative to NetApp for service and support for many years for some of the largest companies in the world. Since the Dot Com bust NetApp has focused on the financial sector, and their business grew over the last few years. But now these financial companies are hurting, and their workers are looking for reliable solutions that they can afford.

We recognize that a lot of local companies are hurting right now, and we have solutions that can help them maintain their high availability storage while they are cutting their budgets. Let’s work together to solve today’s problems and let other people assign blame. If you work for a financial institution with offices in Delaware, give us a call and we will give you an additional 5% off our already low prices.

Today the news reports are all about the financial panic. The great sell off and the doom that is coming. But there are always ways to economize and people are at their best when things look bad. Today people are looking at Zerowait as an option on how they can save money and not sacrifice the high availability service and support that their NetApp storage infrastructure provides. There are always options, and in hard times Zerowait can provide an affordable alternative for high availability service and support for your NetApp infrastructure.

Don’t Panic! Zerowait has the answer! Call us and we will calm your nerves.