oTTie

Hi There,

As every body knows that the newest family of EMC SMB storage that is the EMC VNXe series that can integrate to VCenter and Hyper V server from microsoft is a very nice offer to company that have a very thigh budget. Its low cost, economic and has user friendly interface like just click and done sort of things … now for every one that wanted to take a ride on the newest EMC VNXe interface you can download their so called demo engine ( or should i say it simulator ) that can give you a pretty much the experience of the real things.

so head this way and click here to get the feeling of the newest EMC technology.

We all know that NetApp is the leader on SMB market with their Unified Storage system, but now … theres a competitor that srhroud it from behind , yups .. thats EMC , trying to take a litle bit of the cake piece from NetApp with their new release SMB storage series, the brand new EMC VNXe series … 

A handpicked internal EMC team developed the VNXe solution from the ground-up while leveraging the experience and code of previous products. The underlying enabling technology for the product is the Common Software Execution (CSX) Environment, which EMC Distinguished Engineer Steve Todd has explained on his blog. This software which makes up the core of the VNXe, is hardware and architecture agnostic. VNXe is an Ethernet-based unified storage (NAS/iSCSI) device that starts at a cost of less than ten thousand dollars. Just as VMware software can go on a large variety of server platforms, CSX software could be used as the foundation for various EMC and OEM solutions; allowing for customization for specific requirements of markets or geographies. It will be interesting to see where EMC takes CSX software next – it could even be delivered as a software-only solution in a virtual machine.

Processes

Beyond the product, there are significant challenges in the processes required to be successful in the SMB market, including:

1. Skill set – users do not understand storage terminology
2. Marketing/Brand – SMB users are more likely to recognize consumer brands and will utilize search engines and forums as primary research tools
3. Channel – different than the VAR/integrator for mid-range

Storage management has been seeing incremental simplification and automation, which has helped storage administrators, but most SMB companies don’t have storage skills or the time to learn them. To create a brand new management tool, EMC took what it had learned from previous efforts in the market and collaborated with the Iomega team that sells into the consumer market. To be successful, this new GUI has to be great (see screenshot’s here), and EMC says that field feedback is that this tool finally meets the needs of the IT generalist. The resulting Unisphere for VNXe is a simple and clean interface that looks more like a business/web application (built with Adobe Flex) than a traditional IT management tool (built on Java). There are wizards for configuring based on email or virtualization (VMware and Hyper-V) requirements – NO storage language such as LUNs, targets or zoning. In addition to management, the product and GUI allows for customer deployment and self-service or direct linkage to the VARs who can install, repair and expand the system.

Gaining visibility in a crowded and fragmented SMB market will be one of the largest challenges for EMC. While EMC has been increasing its marketing presence over the last few years (sports fans in the Boston area will know the “EMC levels” of Fenway Park and Gillette Stadium), most SMB business people around the world will not have a brand preference for EMC on name alone. EMC is adding a new “Affiliates” tier to its Velocity partner program to enable the SMB market through thousands of partners who can learn the product though a short computer based training. It will be these partners and customer’s word of mouth that will determine whether the VNXe can penetrate the market.

Cloud Dynamics

In the last four years while EMC was developing the VNXe, cloud computing has emerged as a trend that is challenging everything in traditional IT. Many of the business applications that SMB businesses use can be consumed through cloud models. The move to cloud offerings is not happening overnight and many businesses will choose the security and control of keeping data in-house. In the broad SMB market, there is room for many offerings, just as in the enterprise there is the debate between private cloud and public cloud, VNXe provides an internal ITaaS solution for customers that will compete with the growing external cloud offerings.

So for my personal interest, i would buy this storage if i had an VMWare Infrastructure on my setup … ^_^

*some of the article was get from  wikibon.org thanks for the author for the information.

Apakah compliance itu ?

Malem malem … ga tahu mau ngapain, tersirat dari kemaren suatu kata yang gwe mau tau artinya “Compliance” … akhirnya, mumpung ada dosen gratisan ^_^ … kekeke, ya udah gwe tanyain aja deh …

oTTie (4/17/2011 1:17:15 AM): eh btw pak … karena loe udah BCI kan …

oTTie (4/17/2011 1:17:21 AM): gwe tanya dunks …

oTTie (4/17/2011 1:17:43 AM): compliance itu apa sich …. gwe masih ga mudeng sama definisi “Compliance” itu …

Dosen (4/17/2011 1:18:22 AM): compliance tuh menjalankan prinsip prudent, fiduciary, non repudiation

oTTie (4/17/2011 1:18:37 AM): apaan tuch ?

oTTie (4/17/2011 1:19:29 AM): Compliance (regulation), the act adhering to, and demonstrating adherence to, a standard or regulation. Regulatory compliance refers to systems or departments at corporations and public agencies to ensure that personnel are aware of and take steps to comply with relevant laws and regulations. In general, compliance means conforming to a specification or policy, standard or law that has been clearly defined.

Dosen (4/17/2011 1:19:50 AM): prudent saat buat keputusan, semua resiko dan pertimbangan dipakai, fiduciary, keputusan managerial memberikan cost benefit ratio tinggi, non repudiation bertanggung jawab setelah keputusan, dan tidak bisa menghindar

Dosen (4/17/2011 1:20:48 AM): setiap perusahaan / industry punya regulasi…tapi initinya itu…3 hal, ke shareholder, nasabah/customer dan employee

Dosen (4/17/2011 1:21:28 AM): semua regulasi ya intinya perlindungan dan manfaat ke shareholder, customer, employee dan citizen

oTTie (4/17/2011 1:22:23 AM): oOo … oke … jadi kalo archiving yang menuju ke compliance itu kita archive datanya , dan sewaktu waktu bisa dipakai sebagai bukti bila seseorang / bagian tidak menjalankan regulasi perusahaan sesuai policy yang sudah ditentukan …

oTTie (4/17/2011 1:22:35 AM): begitu yak maksudnya dengan compliance archiving …

Dosen (4/17/2011 1:22:39 AM): misal head it mau implement backup system, dari saat mengidentifikasi kebutuhan, memilih solusi, memnyeleksi vendor, menentukan vendor, mengawasi operasi dll harus tiga hal tadi

Dosen (4/17/2011 1:22:51 AM): ya…

oTTie (4/17/2011 1:22:58 AM): ooo….. oke oke …

oTTie (4/17/2011 1:23:12 AM): masuknya nanti biasa nya ke internal audit yak …

Dosen (4/17/2011 1:23:28 AM): ya bisa ke internal audit, bisa external audit

Dosen (4/17/2011 1:23:40 AM): bisa ngetrace balik…

oTTie (4/17/2011 1:24:17 AM): ya ya ya , jadi hal ini bisa dipakai bila suatu standarisasi dibutuhkan oleh suatu perusahaan untuk mencapai level tertentu kan …

oTTie (4/17/2011 1:24:45 AM): company compliance = corporate governance kan …

Dosen (4/17/2011 1:24:54 AM): nah kalo perusahaan go publik, kiblat peraturan itu sox, sec, dll…itu perturannya cuma 2 pasal yng menyangkut IT, tapi detailnya njlimet…makanya akhirnya ada cobit, itgi, dll

Dosen (4/17/2011 1:25:15 AM): governance prosesnya, compliance trace backnya

Dosen (4/17/2011 1:25:44 AM): biz cont tuh cuma bagian kecil dari governance sama compliance…

oTTie (4/17/2011 1:26:02 AM): jadi sebenarnya , 2 hal itu yang disupport oleh bagian IT kan … fungsi compliance nya setelah corporate gorvernancenya kan …

oTTie (4/17/2011 1:26:12 AM): oke oke , agak ngerti sekarang gwe

Dosen (4/17/2011 1:26:26 AM): untuk melindungi kepentingan customer/nasabah bahwa perusahaan / bisnis akan terus berlangsung sehingga aman menjaminkan aset atau kepentingan customer ke persh/bank/dll

Dosen (4/17/2011 1:27:54 AM): embrionya karena kasus worldcom, enron, pacific dll

oTTie (4/17/2011 1:30:38 AM): prepared for the battle is always good …

Dosen (4/17/2011 1:31:18 AM): http://en.wikipedia.org/wiki/Governance,_risk_management,_and_compliance

oTTie (4/17/2011 1:32:40 AM): GRC … governance , risk management and compliance … urutannya begitu …

Dosen (4/17/2011 1:32:54 AM): yak…

oTTie (4/17/2011 1:33:10 AM): okay, first layernya gwe dah dapet …

Dosen (4/17/2011 1:33:32 AM): governance prosesnya…semua tindakan ada background yang valid, semua info lengkap, akurat, jadi keputusan diambil benar

oTTie (4/17/2011 1:35:00 AM): dari E-Discovery , kontekstual searching … dll dll …

oTTie (4/17/2011 1:35:04 AM): begitu kan …

Dosen (4/17/2011 1:35:11 AM): sebelum dijalankan keputusan itu, harus di evaluasi resikonya, supaya cara yang diambil/metode yg dipakai paling aman, semua potensi resiko sudah dikelola (dirubah caranya, diasuransikan, dikurangi kemungkinan/frekuensi terjadi, dikurangi kerugian yg mingkin terjadi bila resiko terjadi, dll)

oTTie (4/17/2011 1:36:47 AM): okay …

oTTie (4/17/2011 1:36:56 AM): iya itu fungsi archivingnya kan …

Dosen (4/17/2011 1:37:46 AM): cara reduce y bisa, delete. tapi yang paling tepat dengan archiving, karena conform dengan prinsip compliance, data disimpan ditempat lain sampai umur tertentu sesuai kebutuhan perusahaan, database dapat mengecil, resiko down servernya nya jadi berkurang, performance jadi bagus

oTTie (4/17/2011 1:38:17 AM): sip sip … understood prof …

oTTie (4/17/2011 1:41:30 AM): eDiscovery and legal … end2end eDiscovery, content and risk management

oTTie (4/17/2011 1:41:46 AM): Compliance = real time policy management & enforcement

oTTie (4/17/2011 1:42:18 AM): Records & Archiving = proactive risk management on intelegent platform …

Dosen (4/17/2011 1:43:26 AM): edisc masuk compliance, bisa buat audit

Dosen (4/17/2011 1:44:15 AM): record/archiving juga begitu, bisa buat audit/compliance bisa buat governance (untuk ambil keputusan

Dosen (4/17/2011 1:44:45 AM): analogi yg gampang nih…

Dosen (4/17/2011 1:45:03 AM): informasi seperti baju celana dan semua koleksi pakaian

Dosen (4/17/2011 1:45:20 AM): baju dipakai = informasi in proction

oTTie (4/17/2011 1:45:39 AM): proction apaan pak ?

Dosen (4/17/2011 1:45:46 AM): baju masuk keranjang untuk dicuci, informasi matured

Dosen (4/17/2011 1:45:49 AM): production

Dosen (4/17/2011 1:46:12 AM): mau dicuci harus dipilah-pilah, yg clolor, non color

Dosen (4/17/2011 1:46:29 AM): informasi juga harus dipilah2, management, finance, production

Dosen (4/17/2011 1:46:48 AM): habis dicuci di jemur, disetrika, disimpan suatu saat mau dipakai lagi

oTTie (4/17/2011 1:47:31 AM): itu archiving nya yak

Dosen (4/17/2011 1:48:35 AM): pas mau makai, kita harus pakai sesuai acara, bajunya jenis apa, warna apa, dalemanya apa, warna apa, kita setelah pakai mesti bertingkah kalem (karena pakai baju koko) atau boleh rambut dispike karena pakai baju gaul, sepatunya juga harus cocok. pas mau makai, harus bisa nyari cepet, dan bisa menemukan semua lengkap tersedia, sebelum bertingkahlaku…

oTTie (4/17/2011 1:49:04 AM): kekeke, analogi yang bagus

oTTie (4/17/2011 1:49:16 AM): iya iya, ngerti gwe ….

Dosen (4/17/2011 1:49:18 AM): informasi juga harus gitu, semua info harus bisa didapatkan dgn cepat (e-disc), lengkap, baru ambil keputusan (bertingkah)

oTTie (4/17/2011 1:49:36 AM): action … setelah edisc …

Dosen (4/17/2011 1:50:13 AM): baju renang tidak perlu digantung terus, bisa ditaruh dilemari belakang (arvchiving) karena senin-jumat kemungkinan kita hanya mencari baju kerja dan baju tidur

Dosen (4/17/2011 1:50:41 AM): tapi baju renang juga jangan dibuang, karena suatu saat kita perlu renang, walaupun 3 bulan sekali

Dosen (4/17/2011 1:51:50 AM): ya, action setelah edisc menemukan semua info yang dibutuhkan…ada vendor mau dievaluate kontrak…maka edisc harus bisa menemukan seluruh data ttg vendor, kasus, exra perform, under perform, pricing, dll sebelum memutuskan diterminate atau awarded longer contract

Dosen (4/17/2011 1:52:11 AM): itu governance…

Dosen (4/17/2011 1:52:53 AM): minggu berikutnya bos dateng marah2…kenapa bukan vendor jagoan gue yg menang?

oTTie (4/17/2011 1:53:19 AM): kekekeke….

Dosen (4/17/2011 1:53:47 AM): ,aka bisa disuguhkan informasi bahwa governance sudah jalan (dgn edisc) dan bos ga boleh menghukum karena bisa menunjukkan waktu ambil keputusan semua peraturan, sow, dll sudah dievaluasi (compliance)

Dosen (4/17/2011 1:54:23 AM): kenapa server itu rusak ?

Dosen (4/17/2011 1:54:51 AM): maka rusak bisa diperbaiki tanpa mengganggu produksi…karena cluster/ha…(ini risk management)

Dosen (4/17/2011 1:55:33 AM): jadi service availability (kalo ada yg rusak, tetap berproduksi) bagian dari governance dan compliance

Dosen (4/17/2011 1:55:55 AM): inget…service availability intinya meeliminir SPOF

oTTie (4/17/2011 1:56:15 AM): single point of failure …

oTTie (4/17/2011 1:56:20 AM): ini risk management kan …

Dosen (4/17/2011 1:56:23 AM): kalao ada bencana ? tenang kita akan segera beroperasi lagi dalam 24 jam, 2 hari atau 3 hari dll…ini biz cont

Dosen (4/17/2011 1:57:05 AM): jadi risk management itu untuk meningkatkan availability dan untuk segera service continuity…

Dosen (4/17/2011 1:57:37 AM): AVAILABILITY = NO/LESS SPOF

Dosen (4/17/2011 1:57:51 AM): CONTINUITY = RTO, RPO

oTTie (4/17/2011 1:58:03 AM): RTO RPO itu apa pak ?

Dosen (4/17/2011 1:58:12 AM): itu intinya.. RTO = berapa lama setelah disaster kita segera beroperasi

oTTie (4/17/2011 1:58:30 AM): range to operate …

oTTie (4/17/2011 1:58:46 AM): ??

Dosen (4/17/2011 1:58:47 AM): RPO = DATA berapa jam/hari sebelumnya yg bisa dipulihkan sebagai acuan beroperasi kembali

Dosen (4/17/2011 1:59:00 AM): RTO = Rcovery Time Objective

Dosen (4/17/2011 1:59:08 AM): RPO = Rec Point Objective

oTTie (4/17/2011 1:59:10 AM): ow okay ..

oTTie (4/17/2011 1:59:48 AM): ini teorinya sama kayak oracle point in time recovery

Dosen (4/17/2011 1:59:54 AM): RTO berapa lama setelah disaster, RPO balik ke berapa jam/hari sebelum disaster

Dosen (4/17/2011 2:00:34 AM): ya…gitu prinsipnya, semakin pendek RPO, semakin sering membackup,

oTTie (4/17/2011 2:00:38 AM): hampir sama seperti itu kan …

Dosen (4/17/2011 2:01:26 AM): urutannya vaulting, backup, mirror, replikasi, ha…dari yg paling lama RTO dan RPO ke paling cepet RTO dan RPO

Dosen (4/17/2011 2:02:25 AM): nah berdasarkan risk management, bisa diputuskan, RTO/RPO pakai yg paling lama (paling murah) atau harus paling cepet (paling mahal)

oTTie (4/17/2011 2:03:36 AM): oke oke … got it ..

Dosen (4/17/2011 2:04:22 AM): org risk management biasa dgn terminology cold backup, warm backup, hot backup, HA/Continous Operation

Dosen (4/17/2011 2:05:00 AM): tapi ini untuk system secara keseluruhan, bukan backup/restore solution

Dosen (4/17/2011 2:05:29 AM): bicara ttg spare hardware, network, license, facility dll

oTTie (4/17/2011 2:08:55 AM): corporate governance itu biasanya tertuang di handbook perusahaan ya pak ?

Dosen (4/17/2011 2:09:51 AM): kalau persh keuangan, bank atau sudah listed, harus ada Management Statement…kaya HSE Statement, Quality Statement, Vision Mission

Dosen (4/17/2011 2:09:57 AM): ada aturannya

oTTie (4/17/2011 2:10:16 AM): semacem guideline gitu yah ?

Dosen (4/17/2011 2:10:31 AM): ya..

Dosen (4/17/2011 2:10:46 AM): Governance Policy

Dosen (4/17/2011 2:13:36 AM): ya..emang gitu, biasanya di Management Statement ditulis bahwa Governance/Compliance guideline yg disusun berdasarkan policy ini harus ditaaati oleh BOD, BOC, Management, Karyawan dan Supplier

Dosen (4/17/2011 2:14:37 AM): kaya HSE aja, kan gitu..harus ditaati oleh semua pihak yg berhubungan dengan pers…makanya kalo suatu perusahaan kontrak ama CoPhi, maka diharuskan ikut compliance policy, HSE policynya CoPhil

oTTie (4/17/2011 2:15:15 AM): untuk compliance certification yang dibutuhin apa aja pak ?

Dosen (4/17/2011 2:15:35 AM): IT Compliance ?

oTTie (4/17/2011 2:16:19 AM): iya …

Dosen (4/17/2011 2:17:04 AM): bisa pakai framework ITIL (IT Strategy, IT Operation), framework ISACA ambil CGEIT, Framework ITGI ambil CITG, atau CMMI

oTTie (4/17/2011 2:17:33 AM): kalo loe ambil yang ITIL path yak …

Dosen (4/17/2011 2:17:47 AM): yg ngetop ISACA ama ITIL untuk governance ama compliance

Dosen (4/17/2011 2:18:25 AM): kemarin mau ambil isaca ga punya duit, ujian paper based, setahun cuma 2 kali jun-dec, plg lambat daftar 6 apriil utk june

oTTie (4/17/2011 2:18:38 AM): paper based ?

Dosen (4/17/2011 2:18:48 AM): iya, biasanya di UI atau JIS

oTTie (4/17/2011 2:19:05 AM): ujiannya kayak anak kuliahan gitu ?

oTTie (4/17/2011 2:19:10 AM): pake kertas ?

Dosen (4/17/2011 2:19:11 AM): udah lulus ujian belum certified, masih harus masukin CV, audit pengalaman dll

Dosen (4/17/2011 2:19:17 AM): iya

Dosen (4/17/2011 2:19:31 AM): bayarnya $600, ga lsg certified lagi

oTTie (4/17/2011 2:19:32 AM): buset … banyak banget yah prequirement nya …

oTTie (4/17/2011 2:19:56 AM): makanya gajinya gede yak

Dosen (4/17/2011 2:20:59 AM): masih perlu 2 tahun lagi lah

oTTie (4/17/2011 2:21:37 AM): hu uh … ntar ntaran aja softskill nya … perlu diasah …

oTTie (4/17/2011 2:22:08 AM): tapi setidaknya gwe ngerti teorinya, tinggal pengembangan dan aplikasi di actual case daily ..

Dosen (4/17/2011 2:22:27 AM): dah tidur ah

oTTie (4/17/2011 2:22:33 AM): ho oh …

oTTie (4/17/2011 2:22:43 AM): ngantuk juga gwe …

oTTie (4/17/2011 2:22:54 AM): emang kalo belajar , bikin ngantuk yak

Dosen (4/17/2011 2:23:08 AM): dasar

oTTie (4/17/2011 2:23:31 AM): yeee … ga papa toch pak, kan ngewarisin ilmu itu beramal namanya …

oTTie (4/17/2011 2:23:33 AM): kekekeke…..

Dosen (4/17/2011 2:23:58 AM): bolanya dah kelar jadi ngantuk

oTTie (4/17/2011 2:24:04 AM): dasar …

oTTie (4/17/2011 2:24:14 AM): ya wess …

Dan si Dosen pun sign out … kekeke ^_^ gapapa … setidaknya kini gwe nggak norak norak amat … jadi tau arti dari kata compliance itu apa …. kekekeke…