This week, Stephen Ibaraki, I.S.P., has an
exclusive interview with Ross Chevalier.
As Chief Technology Officer and Chief
Information Officer, Ross is responsible for managing Novell Canada's
technology and solutions architecture team and participating in the strategic
directions for the corporation. He especially values his role serving as technical
liaison in helping customers and partners across Canada
leverage Novell technology.
Ross has over 20 years of industry
experience and has been involved in all aspects of networking, including
systems integration and IS management. Prior to joining Novell Canada,
Ross held a variety of senior leadership positions.
Moreover, Ross continues to share his
considerable experience and expertise by speaking at conferences such as
LinuxWorld Conference & Expo / Network World Conference & Expo (Toronto
An avid writer, Ross is the editor of the one Net
news for Technology Professionals, a monthly electronic publication
targeting IT personnel, systems engineers and architects across Canada.
Q: Ross, with your considerable knowledge
and experiences from a long career of successes, thank you for coming in to
share your deep insights with our audience.
A: Thank you for the invitation to be with
you for this.
Q: Why do you choose LinuxWorld / Network
World Conference & Expo as a forum for your message?
A: LinuxWorld and Network World possess
great industry credibility, and directly address the key markets that Novell is
This year, we have a keynote by David
a panel and a couple of sessions. If you want to hear more about Linux in the
enterprise, alternatives to Microsoft Exchange, and much more, come by on April
19 and 20. You can find all the details here: http://www.onenetnews.ca/article.php?id=3196§ion=general&lan=
Q: You have some interesting views on the
attempt to replicate the Windows experience using Linux. Can you talk more
about this and the alternatives to a fat client Desktop using an ASP-type model
and web services?
A: In fact, I’m not all that enamored of
the idea of trying to replicate Windows. I am far more focused on offering an alternative to Windows on both the
server and on the client. Linux on a
server provides greater scalability and security from the kernel on out. Linux on the desktop provides similar functionality
to the majority of desktop users, albeit with different applications, although
there are typically common file formats.
In an ASP world the services are hosted
externally to the backend owner and the front-end user. Linux provides a great platform for ASPs to
Web services changes the game
substantially, or more correctly, “good” web services does. Good web services have no preferred frame of
reference, no particular OS required, no particular browser required and strong
security. A web application that only
works with Internet Explorer isn’t much of a web service example. The idea of web services is that the
components built in a WS framework are reusable. Hence, a web application is not really a web
service, nor is a terminal server driven app that comes through the web.
Terminal services can sometimes be an effective way of driving applications through a
browser, but good architecture is needed to ensure sufficient back end horsepower,
and a good understanding of latency across the wire is needed to avoid the user
experience from being horrible. There
are Terminal Server clients available for Linux to reach MS Terminal Servers,
Citrix servers and of course there is the Open Source Linux Terminal Services
Project. Novell Canada staff
are contributors to the LTSP initiative.
Q: You have written about three things customers
want: increased profitability, reduced expenses and risk. How will these areas
be addressed with Novell Linux Desktop for Enterprises? What competitive
advantage will it bring to businesses?
A: There is clear,
evidentiary support that Linux on the desktop affords business the one-two
punch of dramatic cost savings and improved security. Linux on the desktop also provides freedom of
choice in deployment and the ability to avoid vendor lock-in. I believe that well over 85% of knowledge
workers could be using Linux on the desktop today with no loss of
capability. Certainly the apps will have
different names and there will be some differences in usage methods from time
to time, but overall, the experience is already very easy. The only real challenge is that the majority
of the general distros are built with the Linux enthusiast in mind. That’s not a bad thing at all, but it may not
be what’s right for the business desktop.
Novell Linux Desktop was created specifically for the
business knowledge worker. The tools and
applications that real people need every day without the complexity or the
potential support challenge of “too much choice.” Moreover, there’s the one phone call support
structure. When you implement Novell
Linux Desktop in conjunction with a Novell support agreement, you call one
number for all your issues. That mitigates
risk and increases peace of mind. Combine reduced expense, significantly better security and reduced risk
and it’s a winner.
Q: Some analysts say that to take full
advantage of Open Enterprise Server (OES) requires new skills and learning new
tools. Can you detail these new skills and tools and provide the business value
for loyal customers [to embrace OES] who still want the Netware feel?
A: It really doesn’t require new
knowledge. OES gives the customer
freedom of choice of the kernel, either the NetWare kernel or the SUSE LINUX
Enterprise Server kernel. From an
operational perspective, the management remains very consistent. Customers wishing to deploy on the Linux
kernel will gain exposure to working with YaST (Yet another Setup Tool), but
it’s all graphical and very easy to use. Specific Linux command line skills are not required to install and
operate OES. Of course, building skills
enhances your marketable resume, so we’re already seeing a lot of enthusiasm
from existing customers to build new skills. The only area of skills development is for customers who are deploying
on the Linux kernel and also want to run Linux apps. Fortunately, Novell Training Services has
programs to help these people build skills quickly and efficiently. Using new services always benefits from skill
enhancements. If customers only want to
use older style NetWare services on a NetWare kernel, no new skills are
required at all, although in this situation the customer will not be leveraging
the amazing capability of OES.
There is also traction happening in the
Linux community to be able to deliver NetWare’s services on Linux. Because of the tight integration with SLES
and YaST, deploying OES on the Linux kernel is very easy for people with a
Check out some of the more commonly asked
questions about OES: http://www.novell.com/products/openenterpriseserver/oes_faq.html
Q: In a recent conversation with the CIO of
the largest company in their sector, he mentioned his interest in changing
completely to Linux-based servers and has already started this initiative. He
is currently trying out a variety of Linux Desktops and he is not concerned
about having exactly the same feature set as Windows. However, his overriding
concern was portability of existing MS Office documents [one example: Excel
spreadsheets] to the Open Source environment [such as OpenOffice] without
requiring any changes. Can you comment on this case study and his concerns?
When do you forecast the “critical mass” for corporate and consumer acceptance
to Open Source?
A: There is excellent file format level support in OpenOffice already. With OpenOffice as it stands in release
(1.1.3) only a small percentage of documents will require rework; these being
those documents with a focus on complex macros. In OpenOffice 2.0, now in Beta, this percentage drops as more powerful
macro tools become available. In the
case of Novell where we terminated our Microsoft Select Agreement, the number
of document format issues has been extremely small, and in many cases was
related to poor macro design.
Q: Can you provide three case studies from
your own experiences that demonstrate the value provided to businesses of
Novell products and services?
A: We have a public site http://www.novell.com/success that
documents success stories from customers who use the technology and services
every day. Customers can search by
industry, business issue (such as identity management, etc.). I strongly urge readers to visit here to find
the ones that are most relevant to their business/industry.
Q: You have a column in “one Net
news for Technology Professionals” where you express your personal
viewpoints. What prompted you to take this on and what can we expect from you
in future columns?
read a number of industry observance columns, blogs and the like and while some
are very good, there are others who spend all their time sucking up to some
other entity. Clearly I’m going to
favour Novell offerings where appropriate but my goals are to create awareness
of what’s happening in Open Source and at Novell, plus share some of my own
experiences and discoveries (even if Novell is not directly involved in some of
the things I write about). I hope that
readers will find it useful and that they may try something that they may not
have done prior to reading, examine their own perspectives, or simply get
energized. Having been in the industry
longer than some of the pundits, it’s been considered that my observations
would be valuable to folks.
As we go forward, I’ll discuss new apps and
tools, in addition to whatever is annoying me or exciting me at the time. In the next issue, there’s a piece on desktop
security targeted to the Windows desktop user. I’m appalled at how easily penetrated it is and troubled by the lack of
attention paid to these vulnerabilities by end users. Computer literacy takes time to build, but
the learning doesn’t end, and yet in some cases it looks like it has. That’s really very dangerous.
Q: What are the essential building blocks, processes for design and
deployment, and best practices around Identity Management?
A: It’s very critical to recognize that proper IdM architectures are built
to leverage an organization’s processes, not to force massive changes in
process implementation, although rationalization is a benefit of an
In the best case scenario, a Discovery
Workshop is completed to find “what is”, followed by a roadmapping session that
defines “what’s possible”, along with potential timelines and investment
summaries. Then the customer
organization can look at the overall opportunity and determine a prioritization
sequencing and plan. Once this is
complete, the mapping process begins to map the organizational processes into
the IdM architecture. As the mapping
progresses, the meta-directory and virtual directory implementations are
defined and created and the implementation timelines are struck. Workflows and provisioning methods get
documented and encoded.
IdM when well-designed does not require
every process to be attacked at the same time, in fact, a good architecture
provides great flexibility in what gets done when, allowing the technology to
fit the business and not the other way around. Key to the success of any IdM program is the early involvement of people
who have “seen the elephant”, and who can bring to bear multiple experiences
without the internal focus that is natural to employees of an organization
engaging in an IdM implementation. We
often hear that something cannot be done, not because it’s true but because of
existing perception and biases. External
resources from Novell or our IdM partners can reduce the implementation cycle
because they can facilitate getting past these barriers.
Q: What Linux solutions are available for business messaging and
collaboration? Discuss the challenges and recommended processes.
A: This is a very important question because I believe it is about much
more than software or hardware. Collaboration is a social element as much as a business tool, and good
architecture facilitates both. At the
core of any collaboration effort must be security. Security is really about confidence and trust. In the Linux world, the security is built at
the kernel level, so leveraging that is simple. The collaboration architecture is then built to leverage the security
that is inherent in the platform and then makes specific additions particular
to the collaborative process. By this I
mean, for example, make it easy to leverage digital signatures, or provide
Organizations also need to look at how
people really work. I talk about this
often in regard to Instant Messaging. I
often ask attendees at sessions if they have a policy regarding IM. Typically over 80% do, and the policy is no
IM on the corporate network. Then I ask
how that’s working out and invariably someone is honest enough to say it
isn’t. The issue here isn’t that IM is
bad or that the users are troublemakers but that the architecture is built in a
way that impedes work. When we do
storage assessments we constantly find email archives full of old messages that
have no reason to be kept because their usable life is less than a minute.
Novell brings a number of offerings to bear
in collaboration on Linux, including secure high performance server side
components such as GroupWise, flexible choices for workstations on Windows,
Linux and Macintosh as well as calendaring, and secure instant messaging. We also work closely with partners who
deliver integration with PDAs and RIM devices and our backend services. Partners also deliver excellent offerings in
the realms of central antivirus, antispam and document management. We don’t see the need for everything to come
from a single vendor, as long as standards are used, freedom of choice is very
Q: What are your five favorite Tips,
Tricks, and Traps?
A: 1) Don’t use Internet Explorer unless you absolutely have to. Get Firefox.
2) Invest in a good antivirus program and update it at least weekly.
3) Buy a license for a personal firewall, and for spyware detection /
prevention software, and use them. Same
deal for anti-spam software.
4) Protect your kids online. Limit
their time on the computer and encourage them to go outside and play.
5) Install a Linux desktop, like Novell Linux Desktop, and use it for 30
days. Then objectively look at what, if
anything, you cannot do with NLD that you could do with Windows. Once you
decide to stay on Linux, rejoice in the fact that you will get more life out of
your PC and not be a giant target for every black hat hacker out there.
Q: You choose the area. Can you share your
top ten “best practices” for businesses?
A: Be happy to, and as you might expect,
Novell can help you with every one of these.
1) Consolidate hardware as part of the next buying cycle to more efficient
structures such as blade architecture. It reduces operating expenses significantly and frees up space. Tie this to virtualization and with good
architecture you’ll save even more.
2) 99.999% uptime isn’t good enough. Explore clustering and distance failover and get some help if the skills
to do this are not present in the organization today.
3) Get a tight grip on your IT hardware and software assets. Know what is deployed where, and what you are
paying for. If you have old hardware
lying around unused, make sure it is fully depreciated, then get it off your
books and then hire a decommissioning firm who can provide you certification of
destruction. There’s a hidden property
tax attached to hardware, even fully depreciated hardware. Your corporate finance professionals will
understand this clearly.
4) Use a concentric ring security model, and maximize the security at the
perimeter but reducing the number of entry points. Avoid being dependant on technologies that
must be installed on a client workstation and do as much as possible centrally.
5) Compress your security perimeter by avoiding network extensions and
leverage standards in security alternatively to proprietary frameworks.
6) Create a centralized identity management framework that is platform and
operating system agnostic. Leverage
metadirectory and virtual directory capabilities to link line of business
systems and data storage via identity based computing. Identity management can also positively
impact the security framework. The
identity framework must include an audit component for legislative compliance
and proof work.
7) Focus on all new application development being done where the only
client side requirement is a browser. Leverage the identity framework as conveyed above as the authentication
and authorization engine, and then use web services technologies to build
reusable objects and screens for the delivery of the final application.
Integrating identity with web services provides for work being an activity, not
a place, and because of the identity component, the user only sees what he or
she needs to see to get the job done.
8) Be extremely careful with the use of wireless networks. Wireless networks remain for the most part,
open with no encryption. This is bad. Unfortunately the WEP model supported on
Windows workstations is also not secure. Consider instead WPA architectures that have more capability with more
frequent key rotation.
9) As part of the identity architecture, look to get to a single username
and password for the edge. Use IDM
architectures to reduce the number of IDs that end users have to deal
with. Statistically, after two unique
sets, people start to write these things down and that is potentially very
dangerous. To test this situation, walk
around your company after 7 p.m. and without using an administrative identity,
see how long it is before you can be inside your corporate network by using one
that you can easily discover. Once your
single sign-on architecture is in place, make it more robust by using strong
passwords that expire regularly and cannot be reused. If your organization is particularly security
conscious, consider adding multi-factor authentication elements such as
smartcards, tokens or biometrics.
possible, avoid using systems that are big targets for black hat hackers. While this sounds very logical, it’s an
unfortunate fact that the number one messaging infrastructure in use in
corporate North America is also the single largest target for virus/worm/malware/scumware
creators. The black hats have the luxury
of knowing what they will do before you do. Having the company messaging architecture out of commission due to
infection or destruction is definitely a career-limiting move.
Q: You have many milestones in your life, share
some of the lessons you have learned.
A: Ok, here are a few. If they seem
flippant, they aren’t.
Make a life / work balance. The adage about commentary on your tombstone
about working more applies here. Don’t
ride without a helmet. You may be great
but the idiot yattering on the cell phone and eating while driving will kill
you. For that matter, don’t ride in
shorts and sandals either, but hey, it’s your life. Just remember that roadrash hurts. Worry only about the stuff you can
impact. The rest of it you have no
control over so all you’ll get from worrying is high blood pressure. If you can impact it, then do so, or move
on. For every 10 things you try, you may
only achieve three of them, and that’s pretty darn good. In the war of optimism versus pessimism,
there are many camps of advocacy, but it’s easier to get out of bed if you’re
optimistic. Read books. Listen to great music, play if you can. Never stop challenging yourself to learn.
Q: Ross, you are in an ideal position to
make predictions. So make your top predictions in any areas of your choosing
and provide specific time frames? Justify your predictions…
A: I’d rather not. I’d hate for people four centuries from now
to be beating on my reputation like they do to Nostradamus. But here are three
simple but relevant thoughts.
1) What: Everything that is today
will change. When: Every day. Justification: Chaos Theory.
2) What: The scale of Moore’s Law will
change. When: Already started.
Justification: The existence of Moore’s Law
prophesies the change itself.
3) What: If this country doesn’t get
behind developing skills and encouraging business growth and encouraging smart
people to stay here, it will be a third world country. When: By 2050 if things don’t change soon. Justification: Economists in the
Federal government believe this too, but nothing is happening to address
it. We still lose smart folks to other
parts of the world. I don’t do political
rants, although I could. Call Dennis
Q: What are your favourite information
links, tools, and other resources? Why?
A: People are the best sources. Different perspectives see different things and that’s often interesting
and useful. I enjoy conversation with
other technologists, not specifically for a particular subject but to try to
learn to see what they see.
Sourceforge, Freshmeat – because they are great places to look at
what interesting people in IT are doing.
Technology Review – MIT’s magazine is truly awesome. Every technologist should subscribe and
discover what smart folks in other fields are doing. The interrelationship opportunities are
fascinating and compelling.
I subscribe to a number of RSS feeds that show up nicely in
Firefox. In addition to the Linux and
Macintosh feeds, I like The Register and Slashdot as examples.
I use web searches a lot but I’m cautious about the citations and
understand the way the relevance scores are calculated. Everyone knows Google and that company is
quite forthcoming about how their rankings are done. An excellent search tool that is less
well-known is Teoma. Try it out at www.teoma.com
Q: Ross you are a dedicated guitar
collector and you spend your leisure time restoring and working on classic cars
and motorcycles. Comment on these passions?
very much enjoy the hunting part of collecting. There’s a great deal of enjoyment in tracking down a specific
piece. The big auction that happened in Toronto recently
had some truly awesome instruments although well outside my price range. I’ve slowed down on the collecting a bit due
to space considerations, but every now and again the mood strikes. I recently spent some time looking for a
Gretsch White Falcon, but didn’t find one that struck me. As we keep growing the business, the stock
will reach the point where I can go get one of Paul Reed Smith’s original
I don’t do much in the way of restoration
any more, time being the challenge, but we still enjoy keeping the old cars on
the road and driving when the weather is good. A few of us from Novell attended the BMW Driver School last
year and I’d like to do the next section this summer.
Q: Ross, thank you for taking the time to
do this interview and sharing your depth of experiences with our audience.
A: You’re welcome.