Welcome!

If everyone is thinking the same, someone isn't thinking

Lori MacVittie

Subscribe to Lori MacVittie: eMailAlertsEmail Alerts
Get Lori MacVittie via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Blogs from Lori MacVittie
Why would miscreants bother with other routes when they can go straight to the source? People concerned with security of the cloud are generally worried about illegitimate access of the applications and data they may deploy in the cloud. That’s a valid concern given the needs of c...
F5 and VMware demonstrate live migration of a virtualized application across clouds without downtime or user disruption Cloud is reaching the peak of possibilities and that (often) means just more paper solutions. You know the ones; the ones that exist only on paper (or in blogs as t...
How to leverage a “private virtual cloud” such as Amazon VPC with your own dynamic infrastructure A couple of blog posts on Amazon’s recent announcement of its VPC (Virtual Private Cloud) have made much of the fact that the resources available within Amazon’s cloud via VPC aren’t ...
When you start distributing services (workloads, applications) across multiple locations, a la cloud balancing, and those locations may change on a frequent basis you begin to run into problems with finding those services and scaling the rate of change effectively. DNS was designed to ...
The ability to orchestrate processes and create new solutions using the same tools – virtual machines, unified application delivery infrastructure, management systems, and the network – means that no two cloud computing architectures, like SOA, will look the same. They are tailored to ...
Cloud changes how we deliver applications but we’re still delivering applications With all the hype around cloud it’s easy to get caught up in deployment models and architectures and how much money it is/is not going to save us and, of course, with the cool factor that always surroun...
Secure, optimized tunnels to a remote site, e.g. the cloud. Haven’t we been here before? In the continuing discussion around Business Intelligence in the cloud comes a more better (yes I did, in fact, say that) discussion of the reasons why you’d want to put BI in the cloud and, appr...
The real power behind cloud is processes, and those don’t come out of a box VMworld, in case you’ve been out of touch, is approaching fairly quickly. As with any trade show/conference there’s likely to be a lot of announcements about this and that and oh, of course, that too. What i...
Survey says IT still doesn’t agree on the definition of cloud – private or public – but everybody is doing it Every organization with a stake in cloud computing’s predicted billions of dollar market is interested in understanding what it is IT wants – and needs – for cloud. The only...
You’re going to need a dynamic infrastructure lest you effectively negate the gains achieved by higher VM densities In the continuing saga of “do more with less” comes a new phrase that’s being tossed around: VM density. For example, VMware puts forth the notion that the Total Cost of...
Just what is the bandwidth of a van full of hard drives traveling 300 miles at a speed of 65 mph? After a short Twitter discussion based on this post which suggested Ye Olde Sneakernet is the best way to transfer large data sets from the enterprise to the cloud (which is, unfortunate...
Why do application delivery vendors talk about both? Aren’t they the same thing? In general, acceleration implies that something will be done to the application: caching, compression, etc… The actual behavior of the application is changed such that the client may need to participate...
Idle resources will always need to exist, especially in a cloud architecture With IT focused on efficiency – for reduction in operating expenses and in the interests of creating a greener computing center – there’s a danger that we’ll attempt to achieve 100% efficiency. You know, the...
I was recording a podcast last week on the subject of cloud with an emphasis on security and of course we talked in general about cloud and definitions. During the discussion the subject of “private cloud” computing was raised and one of the participants asked a very good question: S...
Without processes the cloud is not a cloud   So you’ve virtualized your application infrastructure using VMware or Microsoft or the “virtualization solution de jour.” You probably also virtualized the application access via an application delivery solution so you can provide scalabi...
Simultaneously one of the best use-cases for cloud as well as the worst. What’s IT to do? David Linthicum, SOA and cloud pundit and all-around interesting technology guy, recently pointed out a short post on business intelligence (BI) vendors joining forces with the cloud to offer cl...
Back when I was developing GIS data translation software I had to fight security all the time. My desktop was so locked down I couldn’t compile  the code because I didn’t even have appropriate permission to access the file system. Why? The guy in charge of security was so paranoid abou...
When it comes to availability, coding a solution is just delaying the inevitable Jonathan Howell, in Five Things That Will Kill Your Site – an excellent read, by the way, for all web application developers – asserts that there are several ways to avoid web application death that do n...
Why Carr’s analogy doesn’t describe today’s cloud environments and how SOA can get us closer to what he describes Back when cloud first starting drifting in to obscure the computing landscape there were a lot of parallels drawn between it and grid, and a lot of analogies used to expla...
Everyone is talking about the DoS (Denial of Service) attack on Twitter but most of them are missing what really happened. We’re so used to defending against HTTP-based DoS attacks that we’ve missed that it’s much easier to DoS a site based on the most critical piece of infrastructure ...
We often talk in abstract terms about the affects of application performance on productivity. It seems to make sense that if an application is performing poorly – or unavailable – that it will certainly affect the productivity of those who rely upon that application. But it’s hard enou...
For the rest of your applications it may be the case that some are better suited to an SaaS environment than a PaaS, and in some cases IaaS is going to be your best option. It isn’t all or nothing, but rather it’s about choosing the environment that’s right for the application. Doing o...
One of the frustrations with information security is that it’s always difficult – if not impossible – to quantify risk. Without the ability to quantify risk, it’s often the case that solutions that would mitigate the risk are left unimplemented because there’s no way to prove that the...
When you’re thinking about deploying an application it would be good to remember Yoda’s words regarding the Sith: Always two there are, a master and an apprentice. ALWAYS TWO THERE ARE Like Sith Lords, there should always be two instances of any given application available...
If you happened to read my post this morning (WILS: Applications Should Be Like Sith Lords) you might be wondering if the cat got my tongue this morning or if perhaps I’ve lost the ability to ramble on write passionately about application delivery. When you’ve spent as many years a...
People often describe the act of changing focus from one related but distinct task to another as “wearing two different hats.” Like moving from “developer” to “administrator” when you’re trying to deploy an application in a testing environment. You’re the developer, but then you have t...
The concept of a server needs to go the way of the dodo One of the reasons I enjoy Twitter is that quite frequently – if you’re following the right people – you’ll see a tweet that is absolutely profound despite its simplicity and the constraints placed upon the author. Recently w...
Context, it’s always about context (or the lack thereof) I received a call recently that most people have probably received: our banking institution just wanted to verify that yes, that was Don or I making purchases at midnight in Wisconsin and then later in Indiana and yet again th...
My first read through a post on the Cloud Front Office led me to scoff disdainfully at the re-emergence of a concept central to a successful SOA implementation: the service catalog. Oh, we called it "registry" and then "registry/repository (reg/rep)" and finally "governance" but the co...
The blurring of professional and personal lives in social media and the rush of organizations to “join in” may create just that. Almost every modern organization has behavioral policies known as “zero-tolerance” these days. These policies are designed to provide a healthy, productive...
First, everyone needs to calm down. Twitter.com itself was not breached. According to Evan Williams as quoted in a TechCrunch article, the attack did not breach Twitter.com or its administrative functions, nor were user accounts affected in any way. So everyone can just stop with the “...
The “replace” in “rip and replace” essentially means getting rid of old security problems and replacing them with new ones. Twittergate is (thankfully) behind us but it’s almost assuredly going to be the case that we’ll be rehashing this one for a while. This certainly isn’t the firs...
Availability means more than the dread “d” word The focus on making servers unhackable to prevent service disruption (that’s such a politic way of saying the dread “d” word – downtime) is admirable but exposes the tendency of technical folks to go down rat holes when discussing ...
Notice that isn’t a question, it’s a statement of fact Twitter is having a bad month. After it was blamed, albeit incorrectly, for a breach leading to the disclosure of both personal and corporate information via Google’s GMail and Apps, its apparent willingness to allow anyone and...
@quine overhead an interesting question that he offered via Twitter regarding cookies and BIG-IP. Specifically someone was wondering whether BIG-IP automatically removes cookies from the browser. Our team had a quick discussion because the question isn’t as straight-forward as it ...
Is ESB just an expensive integration hub or is there more to the story than we heard… In the beginning, the ESB (Enterprise Service Bus), was marketed as much more than an integration technology. While the core of an ESB is  certainly about connectivity between services, there was – a...
One of the interesting points that discussions around intercloud brings up is the need for infrastructure to, if you’ll pardon the use of marketing jargon, align with the business. What that really means is that applications and their supporting infrastructure need to be more business-...
Apparently if you’re attending the USENIX Security conference (August 12-14, 2009, in Montreal, Canada) you can participate in the Security Grand Challenge. What is that, you ask? Here’s how the organizers describe it: The concept is very simple. The participant teams will have to...
No, that isn’t a homophonic mistake. Dan directed my attention to an interesting article recently, “Are 3-tier web architecture models too rigid?” in which the author postulates that “maybe it is time to finally break out of  the old 3-tier web architecture box and retire the concep...
Without availability scalability is irrelevant I really enjoyed Jeff Atwood’s recent blog on Scaling Up vs Scaling Out, which includes a fairly detailed comparison of the costs associated with each approach to scalability. I enjoyed it because not only did it take into consideration ...