Put IT plan in corporate strategy; The proof of the pudding… ; Patterns hiding in mountains of data; Traffic on broadband

Books2Byte – December 2004


Put IT plan in corporate strategy

D. Murali

Should we adopt the new technology and risk failure, or forego the new technology and miss an opportunity to add business value?


WHAT happens when managers are overwhelmed by the rapidity and scale of change in IT? To baffle them is the dilemma: “Should we adopt the new technology and take a risk of failure, or forego the new technology and miss an opportunity to add business value?”

A `tough call’, that is, according to Tata Steel’s Managing Director B. Muthuraman, who has penned the foreword to Dinkar’s Strategic Planning in Information Technology, from Viva Books P Ltd (viva@vivagroupindia.net). Changes brought in by IT need not be `sudden and spectacular’ always, Muthuraman adds, for they can be at a `basic level’ too.

An IT strategic planner should continually do strategic analysis, advises Dinkar. Only then will he be able to point out to senior management, substantial changes in environment. This analysis has to also comprehend the `resource limitations’ of the company, expectations of the various interacting groups, and the effect that the new technology would have.

The author devotes a chapter to `the value chain in IT’ where he highlights a `different’ alignment. “IT strategic planners put in place their own strategic plans which are different from, but in alignment, with the corporate strategic plans.” Instead, the corporate plan should include the IT dimension too, “leaving the details” to be worked out by the IT planners.

Watch for `danger signals’, both internal and external, that indicate the existing IT plan as being “out of tune with the environment”. Employee discontent, customer complaints and so on, may not be due to IT failure. “Nevertheless, these signs should be treated as signals that call for an analysis of the IT strategic plan.” Keep your ears open, therefore.

IT rests on two pillars – not hardware and software, but technology and human resources. With a `not unusual’ attrition rate of 40 per cent, it is necessary to manage the HR carefully. “The success of any organisation whose core activity is IT-related can be judged from its manpower attrition rate.”

The most effective methods of retaining people, according to Dinkar are: “Concentrate heavily on training; load them with an adequate amount of quality assignments; and make sure that they are insulated from small hassles.”

Also, fit this book in their list of planned reads.

Historical trends and performance patterns


DONALD K. Burleson’s Oracle 9i High-Performance Tuning with STATSPACK, from Tata McGraw-Hill Publishing Co Ltd (www.tatamcgrawhill.com) is an encapsulation of the author’s “20 years of experience in database tuning” to help you strengthen the `backbone’ of your database using a `powerful diagnostic tool’.

Unlike most other Oracle products, STATSPACK was rolled out without fanfare, writes the author in his intro. What does it do? It captures Oracle statistical snapshots into tables; its predecessor was UTLBSTAT-UTLESTAT programs that captured snapshots at the beginning and end, “and then produced a report showing all database activity for the time period between the snapshots.”

If you were an Oracle DBA, you’d know that there’s “very little that can be done while your database is experiencing a performance problem”, except banging the head or gulping an aspirin.

Burleson lists other usual options: “You can go to the Oracle Enterprise Manager performance pack, you can run customised scripts against Oracle’s v$ views, and you may be able to determine the cause of the performance bottlenecks.”

Despite all this, “you would not be able to actually make a change to the running database in real-time to correct the problem.”

Alternatively, you adopt a `proactive approach’ to tuning “by looking at historical trends and performance patterns,” advises Burleson. “In Oracle tuning, it is very true that, `Those who ignore the past are condemned to repeat it.'”

Oracle tuning involves the tuning of server, network and disk. It may shock you to know that “many Oracle professionals discount the server environment because they have not been trained to understand how the Oracle database interacts with the server.”

Check with your IT man if he knew what the largest component of Oracle response time is. Answer: Disk I/O. Therefore, anything that the DBA does “to reduce disk I/O will have a positive benefit on the performance of the database.”

A common lapse is not to pay attention to the interaction between the Oracle database and the disk I/O subsystem, states the book. “Another confounding issue is that the disk arrays often have a separate RAM cache, and an I/O request from Oracle does not always translate into a physical disk I/O.”

Then comes `instance tuning’ – “one of the most misunderstood areas”. This involves checking all initialisation parameters, explains the book.

Bear in mind that `init.ora’ parameters are getting more complex as the database becomes increasingly sophisticated. Object tuning is an ignored area by many, but you should do better with Burleson’s help at hand.

SQL tuning can bog you down because “tuning of individual SQL statements is the most time-consuming of all of the processes in Oracle tuning.” Yet, it can “increase performance by an order of magnitude”.

Sufficiently tuned into STATSPACK?


Overheard at the digital colour lab

Staff: “Gloss or matt finish?”

Customer: “Did you say `mutt finish’?”

Monday, Dec 06, 2004



The proof of the pudding…

D. Murali

… is in the eating. Much the same could be said of IT. This book seeks to demonstrate the actual productivity gains from using technology as against just theory. Are you ready to be persuaded?


NOT theory, but demonstration of productivity gains from combining e-communication, e-training, and e-assessment. That’s what Tom Kelly and Nader Nanjiani attempt in The Business Case for E-Learning, published by Cisco Systems (www.ciscopress.com) .

The intro begins with a direct message: “E-learning equals productivity.” How? “Cisco internal analysis shows that every dollar spent on an e-learning portal for reseller development during fiscal year 2003 yielded $16 in earnings contribution.” Achieved “not by throwing technology at the problem,” write the authors, but by “an integrated productivity proposition using e-learning components and best practices.”

Improvements in online reservation throughput, and such, are often talked about. Off beat, the authors speak of how apparently trivial tasks such as “requesting reimbursement of expenses online” can improve “timeliness of filing, reviewing, auditing, and disbursement,” saving employees from frustration caused by delays. More relevant where knowledge workers abound.

E-learning can be delivered in two formats, explains the book. First is the modular approach that enables an individual to learn in `most relevant’ chunks, delivering to employees’ desktops “practice exercises, virtual mentoring, online lectures, and remote labs and simulations”. And, second is `blended’ where both traditional instruction and electronic self-paced learning are integrated. More than adopting e-learning, what is important is to convert learning into “measurable organisational success”.

At the bottom of the e-learning pyramid is e-communication, “offering the access that a work force needs for empowerment and knowledge sharing.” At the middle is e-training, for “development of skills” where “the level of use is less widespread and more specific and structured.” Top tier is e-assessment, to validate retention and performance against benchmarks, using “exam, online tests, and certifications.”

Avoid the pitfall of allowing technology to determine the nature of the program, is a caution from the authors. “Technology must address the instructional needs of learners before it can fit a learning environment.” Another piece of wisdom is to be learner-driven rather than `learner-centric’. Don’t count the hours that employees spend on e-learning, because such a micromanaging of learning activity doesn’t help. Instead, focus on objectives and environment.

One of the cases included in the book is about the University of Toyota, where just-in-time learning helps solve business problems: “When they hit an impasse, associates have the option to access an electronic learning tool that enables them to perform a specific task – ranging from creating project plans to preparing a presentation – through self-driven modules.” There’s also an on-demand tutor!

Easy read on e-learning, that ye shall not miss.

Are you losing sleep over security?


ANKIT Fadia needs no introduction to IT people. He shot into fame even before he finished school, has authored books on computer security, and is recognised as a `cyber terrorism expert’. His new book is The Ethical Hacking Guide to Corporate Security, published by Macmillan (www.macmillanindia.com) .

Trust IT, but not too much, advises Fadia, because “humans are the weakest link in the security of a network.” Thus, first comes e-mail security. The most common attacks are abusive mails, forging, and spam. NeoTracePro is a tool you can deploy “to geographically trace an IP address or hostname graphically on the world map.” E-mail forging can make a mail look as if it were from someone else, and is “very easy to execute”, with a basic knowledge of Simple Mail Transfer Protocol.

Instant Messengers or IMs are another threat. “The biggest problem with IM is that it is extremely difficult to completely block its usage,” warns Fadia. “Most IM systems have the ability to tunnel through the average corporate firewall setups.” IM imps!

High on threat level is `intellectual property theft’ where Trojans are the frequent culprits. “It is quite easy to detect the presence of a Trojan on your system,” guides the author. “The server part of a Trojan automatically binds itself to a pre-determined port number and listens for connections on it.”

So, simply type netstat – n on the command prompt to display “a list of open ports on your system.” Something to help you when at sea!

Computer users depend heavily on passwords. Cracking these can lead to serious consequences. On systems using Windows NT, passwords lie in a file called `security accounts manager’ or the SAM file, informs the book.

Then, there is the problem of identity theft, using proxy servers, proxy bouncing, IP spoofing, and onion routing. A dangerous type of attack is `buffer overflow’ arising from “lazy programming or poor memory management by the application developers.”

The last chapter is on `social engineering’ that banks on trust or fear in the victim’s mind. You may find that the social engineer who conned you is gone even before you know what hit you.

Firewalls can fail against this, because the attacker is confident, smooth talking, good at manipulating expressions and tones, and in the know of how things work in your company.

Secure the book.


“All of a sudden, the milkshake glass tilted onto my keyboard and spilled all over!”

“Oh, then you swabbed the mess?”

“No, I waited till everybody left and then swapped the thing with another computer’s!”

Monday, Dec 13, 2004



Patterns hiding in mountains of data

D. Murali

Data mining may help a telecom operator to figure out exactly when his customer switched loyalty. It’s insight that can be used as a business tool.


LOOK at these recent reports. If the Food and Drug Administration of the US ties up with major health insurers and reviews patient histories, such a study can reveal possible safety red flags about drugs in use; but according to Harvard Medical School professor Jerry Avorn, cited in www.boston.com,such data mining would cost about $500,000 per drug.

A tax compliance software called GoSystem has a data mining engine by the name FormSource; it helps identify planning opportunities from the simplest to the most complex returns, as www.webcpa.com informs.

A few weeks ago, Fujitsu and France Telecom agreed to launch a joint research project on grid computing technology. According to www.rednova.com, the first phase of the project will focus on facilitating analysis of France Telecom’s huge volume of data, such as for data mining and customer billing.

The common thread in the above stories is `data mining’. The topic, therefore, is hot; and so is the second edition of Data Mining Techniques by Michael J.A. Berry and Gordon S. Linoff, published by Wiley Dreamtech India P Ltd (www.wileydreamtech.com) .

The book is aimed at data mining practitioners, not software developers, clarifies the intro. Therefore, “ideas are presented in non-technical language with minimal use of mathematical formulas and arcane jargon.”

While data warehouse provides the company with a big memory, you achieve intelligence only when you are able to comb through the bits, notice patterns, devise rules, come up with new ideas, figure out the right questions, and predict the future; to do which you need data mining, advise the authors.

Data mining comes in two flavours, not shallow and deep, but directed and undirected. The former “attempts to explain or categorise some particular target field such as income or response”.

The latter is more challenging; it finds patterns among groups of records “without the use of a particular target field or collection of predefined classes.”

For their target audience – that is, those in marketing, sales, and customer relationship management – the authors provide numerous real-world examples.

Here is one such, to explain why data may be at the wrong level of detail when using declining customer usage as an early warning before the customer leaves a cellular operator. “For seven months, the subscriber used about 100 minutes per month. Then, in the eighth month, usage went down to about half that. In the ninth month, there was no usage at all.”

If you inferred that the customer switched loyalty only in the ninth month, you may be wrong. “Looking at minutes of use by day instead of by month would show that the customer continued to use the service at a constant rate until the middle of the month and then stopped completely, presumably because on that day, he began using a competing service.”

“If you torture data sufficiently, it will confess to almost anything,” is a Fred Menger quote. But with Data Mining Techniques to help, you will need to torture data less, to know more.

`Secrets’ of developing accounting package


WE know that accountants live in a different world, disclosing their secretly sacred work in a format that many don’t understand. To know their minds, try a different route: Learn the `secrets of developing an accounting package’! Which is what Bharati and Krishna reveal in Database Programming Using VB.Net & SQL Server 2000, from VK Publishers (www.vkinfotek.com) .

The first chapter running to about a hundred pages explains the components of .Net framework, user interface elements of VB.Net, and OOP implementation.

What follows is a crash course in accounting. Double entry lies at the core of accounting, say the authors, and more flatteringly for bean-counters, it is extolled as “the finest discovery of human intellect.”

Auditors should particularly focus on the inputs about SQL, so they can issue a command that may possibly read: USE FinAccounting SELECT *FROM AccountsTable WHERE AccountName LIKE `Osama%’

There are only four types of `new accounts’ – viz. creditor, debtor, bank and general. This may not gel with how your munimji operates, yet the discussion that runs across the book guides one to create a chart of accounts, develop `dialog’ boxes, `filter’ to make subsets of datasets, build a `tran class’ as field vs transaction matrix, and so forth.

To the question, “what is a transaction?” an accountant may respond that it is the financial interaction between people.

Not so the duo, Bharati and Krishna: “A transaction is a series of actions that must either succeed, or fail, as a whole. If one of the actions fails, then the entire transaction fails and all the changes made to the database so far, must be reversed or rolled back.”

The book, I suppose, can serve a dual purpose: Techies can know how accounting works, and likewise, accountants too get into the minds of system developers.


“They found that the criminal used a laptop to track his victim and murder… ”


“And the case has been transferred to the IT cops to find the criminal’s address from the hard disk!”

Monday, Dec 20, 2004



Traffic on broadband

D. Murali

Everybody would like to cruise down the information highway with speed and precision. Read up on how broadband can make things better.


AT one end of the communications equipment industry are the highly specialised engineers who create the required hardware and software.

And at the other end are customers who deploy and run these to provide communication services.

“Kumar Reddy is a long-time inhabitant of the zone between these two worlds,” mentions Eli Eisenpress in the foreword to Kumar’s book, Building MPLS-Based Broadband Access VPNs, from Cisco.

“The broadband phenomenon is well spread out across the world,” writes the author in chapter 1. With 256 kbps connectivity poised to take off in our metros from January 15, at Rs 500 per month, it is likely that India may register high-growth soon on this front. But, what is broadband?

“Broadband means any technology that allows high-speed network access to and from a subscriber premises,” defines Kumar.

VPN or virtual private network is the communication between a set of sites, making use of a shared network infrastructure.

“VPN service is one of the most important services available across broadband connections.”

It is an unusual service because it is used by a network operator to connect someone else’s network with its customers, explains the author.

“Few other services cut across different populations like this.”

Chapter 4 introduces Multiprotocol Label Switching (MPLS) technology.

“What really allowed MPLS to come of age as an infrastructure is that it could provide new IP services: VPNs and Traffic Engineering (TE).” TE is one of the oldest arts in networking, elaborates Kumar.

“It involves calculating and configuring paths through a network so as to use bandwidth efficiently.”

TE is done automatically in circuit-switched networks.

In IP networks, TE becomes necessary for linking congestion, load balancing, and handling link protection.

What are the future trends in broadband?

“IPv6 has been sitting on the shelf for almost 10 years now, waiting to play the role it was designed for, namely, to replace IPv4 as the standard Layer 3 protocol,” observes Kumar.

“IPv6 uses 128-bit addresses. There has been some interesting analysis that suggests, even in the very worst case, this provides 1564 addresses per square meter of the surface of the earth.” Another `networking nirvana of convergence’ is L2 transport over IP or MPLS networks, using pseudo-wires!

Do you see the broad road?

Work to become Internetwork Expert


WITH more than a thousand flash cards, practice questions and quick reference sheets, here is CCIE Self-study kit – CCIE Routing and Switching Flash Cards and Exam Practice Pack, from Cisco Systems (www.ciscopress.com) .

The abbreviation stands for Cisco Certified Internetwork Expert written exam.

“Notorious as being some of the most difficult certifications in the networking industry, Cisco exams can cause much stress to the ill-prepared,” caution Anthony Sequeira and Kevin Wallace in their intro.

Here, try out a few questions: Name four distance vector routing protocols.

What is a floating static route? What is poison reverse? What is Q-in-Q tunnelling? Name at least three common uses for a route-map?

Let me give you a few posers with answers: What is the default queuing mechanism used on high-speed interfaces? FIFO.

How do policing and shaping differ?

“Policing limits traffic rates typically by dropping excess traffic; shaping limits traffic rates by delaying excess traffic.”

What is the purpose of weighted random early detect (WRED)? To prevent an interface’s output queue from filling to capacity, because if a queue is completely full, all newly arriving packets are discarded.

Security never ceases to be important.

Do you know, for instance, that at the end of every access list, there is the implicit deny all statement? Or, that AAA in network security stands for authentication, authorisation, and accounting?

In the last chapter, on wireless, the first poser is on what the most widely deployed IEEE wireless standard technology is.

Let’s say you know the answer as 802.11b.

Then, check if you can name at least four major considerations when troubleshooting radio frequency (RF) connectivity.

Even as you labour to think, I know where to look for solution:

“Line of sight; antenna selection, placement, and alignment; transmission line issues; if the signal is passing through glass, metallic tinting on the glass degrading the signal; and rain, fog, and other environmental conditions degrading the signal.”

Ready for the exam?


“Now I have high-speed Net access!”

“Oh… ”

“To watch slow-speed mega serials!”

Monday, Dec 27, 2004




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s