On Elephants and Analytics

June 26, 2008

In On EP and Analytics, good friend and respected colleague Opher Etzion applies the well known metaphor of the big elephant to describe how, if you are observing certain specific domains of a subject, like fraud detection, then your view of the whole elephant is biased by your lack of perspective of the entire big elephant.

I am pleased that dear Opher continues to use this metaphor in counterpoint because the same metaphor can be used to describe the carefully selected group of vendors that have banded together to called themselves CEP Vendors.  This group, many founding members of the EPTS, have formed a merry band of well-intended event processing “specialists” and the same lovely elephant causes this group of bonded colleagues to make elephant-blinded statements, as Opher has made in his quoted post:

“Currently most CEP applications do not require analytics.” 

The reason, I believe, that Opher makes the statement above is because the group of software vendors calling themselves “CEP vendors” represent a very small part of the overall event processing elephant;  and hence, since these self-described CEP applications appear to require very little or no analytics, then, by the same logic, CEP requires no analytics. 

(I should outline the boolean logic in a future post!)

For example, one friend and colleague in Thailand is the CTO of True Internet, a leading telecommunications, voice, Video and Internet service provider in Thailand.   True processes myriad events on their network using a dynamic, self-learning neural networking technology.    The US company providing this very clever and highly recommended event processing application does not call themselves a “CEP vendor”; however, they process complex events better and more interesting than the band of merry self-described “CEP players”.

Again,  visualize the gentle giant elephant metaphor that Opher likes to use as a basis for his comments in CEP counterpoint.

When folks define the term “complex event processing” to match a technology marketing campaign that is primarily driven by software running rules against time-series data streaming in a sliding-time windows, and then go on to take the same software capabilities and apply these capabilities to problems that are suitable for that domain, then you match Opher’s elegant description of “a small view of the overall elephant”.

The fact of the matter is that the overall domain of event processing is at least two orders of magnitude larger (maybe more) than the combined annual revenue of the self-described companies marketing what they call “CEP engines.”  The very large “rest of the big elephant” is doing what is also “complex event processing” in everyday operations that are somehow overlooked in “other” analysis and counterplay.

Therefore,  I kindly remain unmoved from my view  that the self-described CEP community, as currently organized, is not immune to counterpoint using the same gentle giant elephant metaphor.  I like this metaphor and hope well-respected colleagues will continue to use this metaphor; because we can easily apply this elegant manner of discussion to explain why the current group of self-described CEP vendors are, in a manner of speaking, selling Capital Market Snake Oil because they are making outrageous claims about the capabilities of their products, as if they can solve the entire “elephant” of event processing problems.   Recently, in this article, CEP was positioned as a technology to mitigate against corporate megadisasters like the subprime meltdown.

Advice:  Tone down the hype.

Furthermore, the noise in the counter arguments marginalize most of the real event processing challenges faced by customers.

In consistant and well respected rebuttal, Opher likes to use the “glass half-full, half-empty” metaphor.   Opher’s point is a valid attempt to paint my operational realism as “half empty” negativism; while at the same time positioning the promotion of the (narrow) event processing capabilities of the self-described CEP rules community as “half-full” thinking. 

For the record, I do see my worldview as “half full” or “half empty”; but an unbiased pragmatic view based on day-to-day interaction with customers with what they would call “complex event processing” problems. 

These same customers would fall over laughing if we tried to bolt one of these rule-based, time-series streaming data processing engines on their network and told them they can detect anything other than trival business events, business opportunities and threats, in near real-time. 

Is it “half empty” thinking to caution people that a “glass” of software that is being touted as the answer to a wide range of complex (even going so far in a recent news article to imply CEP would have magically stopped the subprime crisis!) tangible business problems is not really as that it is hyped to be?  

If so, then I plead guilty to honesty and realism, with the added offense of a sense of fiscal responsibility to customers and end users.

Advertisements

ICT Cmte: Thailand’s Cyber Law Compliance Seminar

June 12, 2008

ICT Cmte: Thailand’s Cyber Law Compliance Seminar

American Chamber of Commerce in Thailand

Date & Time: 17-Jun-2008

Details: This month You are invited to attend a Computer Crime Act Compliance Seminar. Find out what the Thai “Cyber Law” requires, when it will start to be enforced and how you can comply. If your business or hotel offers Internet access to customers, employees or end users, this will be a practical session for you to gain a better understanding of the Thai Computer Crime Act.


Open Service Event Management

May 17, 2008

One of the benefits of working in different countries is to get the perspectives of various client’s event processing problems.    Of interest to event processing professionals, companies are moving away from expensive software solutions and increasingly moving toward experimenting with economical and open software packages to solve complex problems.   

Recently, I was talking with a client about their experience with commercial security event management (SEM) solutions, for example ArcSight.   In his opinion, ArcSight was not an economically viable solution for his company, so he recommended I take a look at Open Service Event Management (OSEM). 
 
OSEM helps organizations collect, filter, and send problem reports for supported systems (ProLiant and Integrity) running compatible agents.   OSEM automatically sends service event notifications when system problems are detected.

I have not had a chance to look under the hood of OSEM and see how it can be used to collect and send events to emerging rule-based event processing engines.    However, this looks like an interesting lab project and I would like to hear from readers who have experimented with this systems architecture.


The Amazing Alpine Golf Club, Bangkok – Thank You Starwood!

January 28, 2008

Wow!    Sometimes we are reminded why they say “Amazing Thailand!”

Today I was a guest of Starwood Hotels and Resorts  to play in a special Starwood golf event at the Alpine Golf and Sports Club just outside of Bangkok.   Thank you Starwood and the General Manager of the Royal Orchid Sheraton, Mr. Charles Jack, who was very kind to invite me as his guest.

This is one of the finest golf courses in Thailand (and Thailand has many fine golf courses!) 

The Starwood folks were fantastic!  Everyone was amazing.   Some holes had professional golfers offering tips to help my game.  Other holes had delicious Chinese and Thai food.  One hole had supurb freezing cold champagne waiting to refresh us from the hot Thai sun!!

The Alpine Golf Course was really challenging, so the champagne was needed as much as appreciated.   There was large water hazards on almost every hole; and some of the holes had so many large bunkers I thought I was on the beach!    You could not miss a shot, because it you did, it was either in the water, the sand, on rolling hills covered with green trees – and believe me, that is where I played most of the day!!

Everything was great, an amazing experience with a touch of class you can only find in Thailand, plus the added luxury of being the guest of Starwood, which is a also an unbelievable class act as well.

Being a loyal Starwood customer has great privileges, not to mention some of the finest hotel and resort properties in the world, so please, take my advice and become a Starwood member if you are not already.

By the way, I am currently staying at another exceptional Starwood property, the Plaza Athenee Le Meridian.   This is a fantastic property.  I highly recommend you stay at the Plaza Athenee Le Meridian if you are in Bangkok for business or leisure.

Also, when the current renovation is complete, the Royal Orchid Sheraton, where I often spends weeks at a time, is also highly recommended if you enjoy life on the busy Chao Phraya River.


CEP in Layman’s Terms: Reuse and Agility

January 18, 2008

We often hear a lot about the core benefits of SOA, which include reuse and agility.

This week, I was in a meeting with Manoo Ordeedolchest, Board Member of Software Park, Thailand, Former President of the Software Industry Promotion Agency (SIPA), Former Dean, The School of Technology, Shinawatra University and a Lecturer at Chulalongkorn University, National Institute of Development Administration (NIDA), as well as other universities. 

We were discussing CEP and our proposed CEP Center of Excellence concept for Software Park.  One of the topics we touched upon today was CEP “in layman’s terms.”    After some brainstorming about CEP, it we were moved to draw a parallel between the SOA and CEP concepts of IT agility and reuse.

Just as SOA is centered around service component reuse and the agility to create new applications from service components quickly and economically; CEP can be considered to be centered around the reuse and sharing of domain knowledge, key indicators (KIs) and other intellectual property (like analytics) when processing events.

In an SOA, we modularize services and a service-component architecture in order to share services and build new applications from these service components.

One of the business goals of CEP is to modularize and standardize declarative programming logic and reuse this logic with event processing platforms from a variety of vendors.    This permits both reuse and agility when building event processing applications, at the application logic level versus the SOA service component level.

So, in laymen’s terms CEP can be discussed using the same SOA concepts of reuse and agility, applied to event processing application logic and KIs.

In a future post, I will talk about about CEP and transparency in layman’s terms.


Keyloggers: Why Banks Need Two-Factor Authentication

January 14, 2008

Recently I briefed banking executives in Bangkok on how easy it is to steal userIDs and passwords from their on-line banking customers and why they must have two-factor authentication.   To illustrate my key points, I showed the captive audience various pictures of hardware keyloggers, for example the small black keylogger circled in the figure below.

A Keylogger

There are PS2 keyloggers (illustrated above) and USB keyloggers. There are even keyboards with the keyloggers built into normal looking keyboards, so you have no idea a keylogger is there.    Don’t believe me?   You can search the net and find so many!

Today I was reminded about my recent meeting in this Network World article, Two-factor authentication: Hot technology for 2008.  This article mentions numerous token-based two-factor authentication (2FA) solutions.  However, it misses a popular and inexpensive two-factor authentication used here in Thailand and APAC:  SMS-based 2FA.

In a nutshell, SMS-based 2FA involves having your on-line banking system send an SMS message with a one-time password (OTP) to your cell phone.   You then must enter the OTP to complete your transaction.

Is this a perfect solution?

No.

But, it is much better than than just passwords!

A ten year old child can easily steal your userID and password, really.

So, the next time you are at an Internet cafe, trusting your SSL link to your bank, don’t forget to take a peek at the computer and look for a small keylogger.   

Well, on the other hand, also don’t forget to bring your own keyboard (or laptop) 🙂


See How Trees, Flowers and Grass Grow in Silence

December 23, 2007

In the mist of event processing debates, evaluations, meetings, complexity and evangelism, sometimes we should just pause and take a break.

See how the trees, flowers and grass grow in silence.

See the stars, the moon, and the sun move in silence.

Slow the world down with a simple kind of pleasure.

And so I did today, by visting Divana in Bangkok.  

After returning from a very pleasurable afternoon at Divana Nurture, I highly recommend this hidden gem in a very busy city to my guests here in the Kingdom of Thailand.

I welcome you to come visit us in Thailand in the New Year, take a break and enjoy a simple kind of pleasure.   

Hope to see you soon.