R & D

Driving business with innovation

Symantec's Centers of Innovation in India are committed to fostering and sustaining innovation to satisfy customer needs and market demands. By Vinita Gupta

Symantec is looking at long-term success and customer loyalty through innovative next-generation technologies, architectures and standards. The company invests 15% of its revenue into R&D. Research and product development at Symantec are driven by customers’ needs or market demands, like the need for archival due to government regulations. Even while working on projects whenever they come across new problems the company tries to evolve innovative solutions. For example, while detecting malware the company came across different kinds of emerging threats and is working on the problem.

The company believes that its internal R&D efforts helps strengthen its businesses and improve its competitive positioning. Basant Rajan, the recently appointed CTO at Symantec India said, “With more than 300 US patents in technologies addressing security, systems management, and storage needs for consumers, small businesses, and enterprises we are dedicated to meeting the changing needs of consumers and enterprises by providing the most innovative software and services.”

Archiving and indexing file formats

The rapid growth in, and use of, electronically generated and stored information is inundating most organizations. Even the types of data used by organizations continue to expand. The use of systems that contain structured, semi-structured and unstructured data types continue to grow and they contain more business-critical information than ever before. This creates problems beyond just storage, since this data must be indexed and easily retrievable at a moment’s notice for a wide variety of applications. Any system deployed within an organization for data retention, extraction and destruction must support all data types.

Complicating the issue further are ever more stringent statutory requirements for data retention and increasing requirements for capabilities that can extract data for the purpose of supporting legal discovery efforts. As a result, IT must learn how to leverage the commonalities in data retention requirements and data types while maintaining control of a growing quantity of data. Doing so is critical if an organization hopes to establish a framework for the efficient retention and retrieval of electronic data.

The company is also looking at broadening its domain beyond e-mail and IM to support file formats from verticals, such as healthcare and engineering. For instance, Indian hospitals that have subsidiaries overseas have to be HIPAA and/or SOX compliant in order to do business in countries abroad. A regulatory requirement for storing, with the capability to retrieve, patient records for twenty years can be addressed only through high-end technology. These technological advances are critical for hospitals to stay competitive.

Addressing the challenges discussed above Symantec is currently working on a project called XML Ingestion for Enterprise Vault. Rajan said, “The XML Ingestion for Enterprise Vault project is aimed at enabling Enterprise Vault to archive and index a variety of popular file formats like intelligent archiving and retrieval of voice files. This is an important area for compliance. Further indexing documents and metadata for arbitrary file formats will be enabled via this project.”

Automatic detection of misconfigurations

Misconfigurations are inevitable and expensive. A challenge IT departments face involves understanding and keeping track of the current IT system and application configurations. This includes monitoring any changes to these configurations and identifying who made the alterations. Many IT departments spend significant amounts of time and money trying to diagnose a problem after an upgrade or a change in system configuration, and in some cases, applications are offline during these exercises.

IT needs to identify all changes made to a configuration, which could be the potential source of a problem, and then come up with the last known good configuration so that changes can be quickly rolled back or updated. Faster problem resolution, such as reverting to working configurations, mitigates the risk of conducting large scale changes.

Symantec has products that help customers compare existing configurations with historical changes in order to quickly identify and resolve problems, reducing the risk of applications being unavailable for several hours or worse, days. These solutions monitor development and disaster recovery implementations, helping IT complete planned changes as quickly as possible and mitigating the impact of unplanned disruptions to configurations.

By tracking changes in real-time, Symantec’s products generate alerts and reports if a configuration fails to comply with a standard. Real-time notification of changes made to an application infrastructure can prevent application downtime as IT is immediately made aware of a configuration infraction when compared to the standard. In some cases, reporting capabilities can help IT identify particular configuration changes that increase susceptibility to system security breaches as well as identify internal employees who may be maliciously attempting to hack into applications.

The challenge then is to explicitly specify standards and keep policies up-to-date in a dynamic environment. Further, to be able to predetermine all policies is a Herculean task.

The company is working on Automated Inference of Data Center Anomalies (AIDA) project. The project is aimed at the advanced automatic detection of all misconfigurations without a specification of policies or standard configurations.

“The detection technology should also be able to do this without requiring extensive domain expertise. Within the project we would be analyzing available configuration data and automatically inferring existing rules or polices (the norm). Research on anomaly detection is a significant part of the project,” added Rajan.

About AIDA

Automated Inference of Data-center Anomalies (AIDA) works with existing configuration data Identifies anomalies in configuration data Complements existing rule engines Uses standard data-mining algorithms Agentless and off-host operation

Virtual Machine-Aware storage

Faced with exponential storage growth, increasing operational costs, data-center power and cooling limitations, and the need to provision and bring new applications online more rapidly to support critical business needs, many customers look to virtualization strategies to ease their management burden. As customers adopt virtualization strategies, however, they discover that it actually increases the complexities of storage management related to monitoring, reporting, and managing a virtual environment. With physical storage now separated by two or more degrees from the logical storage that an application consumes, traditional storage management approaches are no longer valid. The task of understanding resources that applications depend on which now traverses the virtualization layer can be a daunting one for the storage administrator.

Symantec helps customers reduce the complexity of managing their heterogeneous virtual and physical data centers, and realize cost savings from standardizing on a common, unifying layer of infrastructure software. As seen above, server virtualization can reduce hardware costs, but the ease of deploying Virtual Machines is leading to virtual sprawl and compounding complexity in the data center. The result is a greater need for centralized IT management tools with visibility that spans physical and virtual environments.

Rajan said, “We are continuously doing research on Virtual Machine-Aware Storage. The research is aimed at reducing storage requirements by several orders of magnitude in large Virtual Machine deployments. Potential future solutions in this space could help improve the efficiency of all aspects of storage management (patching, cloning, backup, etc.) in virtual datacenters.”

vinita.gupta@expressindia.com