Portfolio

Steve Hoenisch

E-Books

Disclaimer: Although Criticism.Com contains links to publications that I’ve written while employed by VMware or EMC, the views expressed in the pages published on Criticism.Com are strictly my own and are not the opinions or views of VMware or any company that I have worked for in the past, such as EMC. The publications published by VMware or EMC are on their respective web sites; these are just links to those publications.

Kubernetes on vSphere For Dummies. Book published by Wiley and VMware.

Accelerating Digital Transformation with Containers and Kubernetes: An Introduction to Cloud-Native Technology. This e-book introduces you to containers and Kubernetes, explains their business value, explores their use cases, and illuminates how they can accelerate your organization’s digital transformation. Published by VMware Press.

Cloud Native Stack Security eBooklet. Published by VMware.

Glossary of Cloud-Native Terms. This booklet presents definitions for terminology in the cloud-native space. The definitions are not intended to be axiomatic, dictionary-style definitions but rather plain-language descriptions of what a term means and an explanation of why the technology associated with it matters. Published by VMware.

White Papers

Disclaimer: Although Criticism.Com contains links to white papers that I’ve written while employed by VMware or EMC, the views expressed in the pages published on Criticism.Com are strictly my own and are not the opinions or views of VMware or any company that I have worked for in the past, such as EMC. The white papers published by VMware or EMC are on their respective web sites; these are just links to those papers.

Intrinsic Security for Telco Clouds at the Dawn of 5G: An Integrated Approach to Helping CSPs Meet Emerging Security Standards. This technical white paper summarizes the security risks and requirements that CSPs face as they transition to 5G networks and increasingly rely on virtualization, containers, and cloud computing. The paper illustrates how VMware technology protects telecom networks with an array of built-in security measures, many of which can be automated. Published by VMware.

Intrinsic Security for Telco Clouds: Protect Infrastructure with Built-in Measures. This short paper explains how the VMware Telco Cloud emphasizes intrinsic security—security that’s integrated with the software and infrastructure so it’s programmable, automated, adaptive, and context-aware. Published by VMware.

VMware Ready for Telco Cloud. A short overview of the solution.

Driving Digital Transformation with Containers and Kubernetes: How Kubernetes Manages Containerized Applications to Deliver Business Value. A white paper published by VMware.

Containers on Virtual Machines or Bare Metal?: Deploying and Securely Managing Containerized Applications at Scale. This white paper meets objections to running containers on VMs with technical explanations and evidence-based responses. It argues that combining containers and VMs establishes the perfect catalyst for reliably and robustly deploying and operating containerized applications at scale. Published by VMware.

Cloud Native Stack Security eBooklet. Published by VMware.

Demystifying Kubernetes. Published by VMware.

Managing Microservices Across Multiple Kubernetes Clusters. Published by VMware.

Managing Microservices at the Application Layer with Istio. Published by VMware.

Strategic Kubernetes Options To Deploy Any App on Any Cloud. Published by VMware.

Run Windows Containers on Upstream Kubernetes. Published by VMware.

Simplify Multi-Cloud Operations with VMware Enterprise PKS. Published by VMware.

Impose Security by Default: Reduce Security Risks and Block Attach Vectors with Enterprise-Ready Countermeasures. Published by VMware.

VMware Cloud PKS Technology Primer. Read this paper to understand the cloud technology that powers VMware Cloud PKS. Published by VMware.

Top Reasons to Deploy Containers on VMware vSphere with VMware Enterprise PKS. Published by VMware.

Accelerate Deployment by Moving Apps to VMware Enterprise PKS. Published by VMware.

Deploy and Manage Modern Apps with VMware Enterprise PKS. Published by VMware.

Cloud Native Security with VMware Enterprise PKS. Published by VMware.

Build and Manage Cloud-Native Apps with VMware Enterprise PKS. Published by VMware.

Deploy Modern Apps with Kubernetes as a Service. Published by VMware.

VMware Cloud PKS Solution Overview. Published by VMware.

Deliver Self-Service Infrastructure for Agile Development. Published by VMware.

Repackage Applications with Containers to Accelerate Application Development and Deployment. Published by VMware.

Securing Cloud Platforms with Project Lightwave. Published by VMware.

Accelerating Digital Tansformation through Cloud-Native Applications: An Overview of VMware Cloud-Native Solutions. Contributing editor and contributing writer for this white paper published by VMware.

Running Containers at Scale with Photon Platform: A Secure, Multitenant Architecture for Cloud-Native Applications. Published by VMware.

Deploying Cloud-Native Applications with Photon OS. Published by VMware.

EMC Isilon Scale-Out NAS for In-Place Hadoop Data Analytics. Storing data in EMC Isilon scale-out network-attached storage optimizes data management for Hadoop analytics. Separating data from HDFS clients and storing it in an Isilon cluster provides scalability, efficiency, and workflow flexibility. Published by EMC.

OneFS Multiprotocol Security Untangled. This white paper describes the role that identity management, authentication, and access control play in the EMC Isilon OneFS security system. Published by EMC.

Data Lakes for Data Science: Integrating Analytics Tools with Shared Infrastructure for Big Data. This paper examines the relationship between three primary domains of an enterprise big data program: data science, analytics frameworks, and IT infrastructure. A decision about tools or infrastructure in one domain can affect, and potentially limit, what can be done in the other domains. Published by EMC.

EMC Isilon Multitenancy for Hadoop Big Data Analytics. The EMC Isilon scale-out storage platform provides multitenancy through access zones that segregate tenants and their data sets. An access zone presents a portion of an Isilon cluster as a secure virtual storage region with a unique HDFS root directory for the zone’s tenant. With NFS, SMB, and HDFS access to each zone, an Isilon cluster delivers a scalable multitenant storage solution for analytics tools. Published by EMC Isilon.

Compliance and Security for Hadoop Scale-Out Data Lakes. As credit card companies, medical researchers, and financial institutions analyze data with Hadoop to detect fraud, improve health care, and create innovative products, the stored data poses a compliance problem: The Hadoop File System lacks the enterprise security features that compliance regulations require. As a result, big data analysts are imperiling the integrity, confidentiality, and availability of their Hadoop data. This white paper explains how the EMC Isilon OneFS operating system securely stores data for Hadoop analytics to help meet such compliance regulations as PCI DSS, FISMA, and HIPAA. Published by EMC.

EMC Isilon Performance at Scale for Electronic Design Automation. This paper describes how EMC Isilon network-attached storage delivers performance, scalability, and efficiency to optimize data storage for electronic design automation. Published by EMC.

EMC Isilon Multiprotocol Data Access with a Unified Security Model. This white paper explains how the unified security model of OneFS resolves mismatches between the permissions of Windows and Unix systems while preserving the security of files and satisfying the expectations of users. Published by EMC Isilon.

Identities, Access Tokens, and the OneFS User Mapping Service. The OneFS user mapping service combines a user’s identities from different directory services into a single access token and then modifies it according to the rules that you set. This paper explains how to map identities across directory services to uniformly control access to the OneFS file system. Published by EMC.

EMC Isilon Scale-out NAS: An Architecture For Resiliency, High Availability, And Data Protection. This paper demonstrates that the EMC Isilon file system can remain online while a cluster sustains multiple failures of underlying components. The EMC Isilon OneFS architecture, data protection scheme, and high-availability features deliver resiliency, reliability, and data availability. Published by EMC Isilon.

EMC Isilon Scale-Out NAS for Video Surveillance Systems. This white paper demonstrates how an EMC Isilon scale-out NAS cluster provides the scalability, efficiency, simplicity, and agility to fulfill the storage requirements of a large, centralized video surveillance system while reducing capital expenditures and operating expenses. Published by EMC.

EMC Isilon Storage Best Practices for EDA. This paper describes the best practices for setting up and managing an EMC Isilon cluster to store data for electronic design automation (EDA). Published by EMC.

EMC Isilon Best Practices for Hadoop Data Storage. For OneFS 7.0. This paper describes the best practices for setting up and managing the HDFS service on an Isilon cluster to optimize data storage for Hadoop analytics. Published by EMC Isilon.

OpenStack Swift Object Storage on EMC Isilon Scale-Out NAS: The EMC Isilon scale-out storage platform provides object storage by exposing the OpenStack Object Storage API as a set of Representational State Transfer (REST) web services over HTTP. The objects that you store through the Swift API can be accessed as directories and files through NFS, SMB, and HDFS. The result is a standard method of securely integrating data-intensive applications with the Isilon storage platform and then sharing the data with other applications, such as Hadoop and Apache Spark.

EMC Isilon Best Practices for Hadoop Data Storage. This paper describes the best practices for setting up and managing the HDFS service on an EMC Isilon cluster to optimize data storage for Hadoop analytics. For OneFS 7.2 or later. Published by EMC.

Monitoring Unstructured Data: Uniting Multi-Protocol Storage and Cross-Platform Access Control for File Activity Monitoring and Context-Aware Security. This white paper maintains that a multi-protocol file server or NAS system with an integrated cross-platform access control system is a blueprint to efficiently and effectively monitor unstructured data.

Securing Unstructured Data: Protecting Sensitive Files by Uniting Identity, Security, and Storage. This white paper describes a number of problems that make it difficult to secure unstructured data and then highlights technologies to overcome them.

Auditing Unstructured Data: Identity-Aware Storage, File Activity Monitoring, and Compliance Reporting Across Platforms. This white paper argues that a multiprotocol file server with an integrated cross-platform access control system is the architectural basis for solving many problems in auditing unstructured data.

Fact Sheets and Data Sheets

Photon OS: A Linux Container-Optimized Operating System. Project Photon OS is an open source Linux container host optimized for cloud-native applications, cloud platforms, and VMware infrastructure. Photon OS provides a secure runtime environment for running containers.

Datasheet: VMware Pivotal Container Service. Contributing writer. Published by VMware.

FISMA Fact Sheet: This fact sheet outlines Likewise’s technical security controls for electronic assets stored on file servers and NAS systems. The fact sheet also discusses how Likewise performs continuous monitoring of stored assets.

HIPAA Fact Sheet: This fact sheet describes Likewise’s security controls for electronic protected health information stored on file servers and NAS systems. Specifically, the fact sheet details how Likewise addresses the Administrative Safeguards and the Technical Safeguards sections of the HIPAA Security Rule.

The fact sheet also discusses how Likewise’s architecture provides the foundation and the functionality to perform continuous monitoring of unstructured health data to address emerging information security guidelines from the National Institute of Standards and Technology.

Case Studies

Energy Company Achieves Red Hat Windows Integration: This case study describes how a company deployed Likewise Enterprise to integrate IBM AIX and Red Hat Linux machines with Microsoft Windows computers and Active Directory.

SEO Writing and Marcom

Storage Optimization: Tune Your Management Strategy for Unstructured Data: The explosion of unstructured data in the face of shrinking IT budgets demands efficient storage management. Virtualization, deduplication, tiering, charge-back models, and service-level agreements are all essential, but to truly excel you need to manage your unstructured data in the context of its life cycle and your business strategy.

Tune Your Management Strategy for Unstructured Data: The explosion of unstructured data in the face of shrinking IT budgets demands efficient storage management. Virtualization, deduplication, tiering, charge-back models, and service-level agreements are all essential, but to truly excel you need to manage your unstructured data in the context of its life cycle and your business strategy.

Exception Monitoring and Reporting: Unmanaged piles of unstructured data can be unnerving. When file servers overflow with documents that might contain sensitive, proprietary, or confidential content, you get that sinking feeling: There might be information in there that violates one or more compliance regulations. And if exposed, whether through an internal or external threat, it could damage the reputation of your company, undermine your competitive advantage, and lead to legal problems and fines. Identity-aware exception monitoring and reporting is an effective way to get visibility into anomalies around access to unstructured data.

File Activity Monitoring: As unstructured data rapidly accumulates on file servers and NAS systems, a new security requirement is becoming paramount: file activity monitoring. It stems from the pressing need to track and protect sensitive unstructured data.

Likewise Data Analytics and Governance: Unstructured data is growing faster than all other types of data and will increase by 800 percent during the next five years. Analysts are referring to it as the big-data explosion. But big data brings new challenges. Because 40 percent of it typically contains sensitive information, compliance regulations or internal policies mandate security. At the same time, workers depend on easy, rapid access to do their job. Security, then, must be balanced with availability. Easier said than done: Data silos, access barriers, different protocols, security gaps, and a lack of control stand firmly in the way, increasing risks and costs. Likewise Data Analytics and Governance unites identity, security, and storage to overcome the challenges of managing unstructured data.

Storage Access Control: As heterogeneous networks increasingly spawn data silos – file servers segmented by storage protocol – the files of Unix users are typically stored on separate servers from the files of Windows users, making it hard to secure unstructured data with a centralized access control system. By providing a cross-platform file server with an integrated access control system, Likewise Storage Services secures access to unstructured data regardless of whether a user is accessing it from a Unix or a Windows computer.

Reporting Features for IT Auditing and Compliance: By integrating storage, identity, and security, Likewise gives you a panoramic vista from which you can look out across your files servers and see your unstructured data. Patterns of storing data and subsequently accessing it become visible. Security vulnerabilities are exposed so you can fix them. Complinace reports are linked to the identity management system to show who accessed which files.

Multiprotocol Data Access with CIFS and NFS: Likewise Storage Services delivers secure, multiprotocol data access with a CIFS/SMB and NFS file server accessible by Microsoft Windows clients and Unix clients simultaneously.

Data Storage Compliance for HIPAA, PCI, SOX, and FISMA: Likewise Data Analytics and Governance delivers compliance solutions for unstructured data stored on file servers and NAS systems.

FISMA Compliance for File Servers and Storage Systems: FISMA mandates that you protect information and information systems to provide confidentiality, integrity, and availability. To do so, you must implement security controls. Technical security controls for unstructured data stored on file servers and NAS systems take the form of authentication, access control, auditing, monitoring, and reporting.

Managing Storage Systems and Unstructured Health Information for Regulatory Compliance: The Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act establish rules and regulations for the health care industry. Likewise delivers software solutions that help the health care industry comply with HIPAA, HITECH, and other regulations. The software secures, monitors, and audits protected heath information stored on file servers and NAS systems to guarantee the data’s confidentiality, integrity, and availability.

Managing File Servers and NAS Systems for PCI DSS Compliance: The Payment Card Industry Data Security Standard is a set of requirements for businesses that process payment card information. Likewise helps you fulfill these requirements by securing, monitoring, and auditing customer account information stored on file servers and NAS systems.

Solutions for Monitoring the Utilization and Performance of File Servers and NAS Systems: Likewise Data Analytics and Governance delivers storage management solutions that monitor the utilization, performance, data, and users of file servers and network attached storage. The Likewise console displays the information on a dashboard and in reports.

Gain Visibility into Unstructured Data on File Servers and Network Attached Storage: Likewise Data Analytics and Governance monitors the utilization of file servers and network attached storage in near real-time to gain visibility into unstructured data and to optimize storage resources.

Analyze Metadata to Optimize File Servers and NAS Systems: As unstructured data grows in volume, velocity, and variety, gaining visibility into the usage of storage resources gives you the insight to balance storage costs with performance. Likewise Data Analytics and Governance monitors the metadata on network attached storage systems to show patterns of data access and utilization – information you can use to improve the performance of storage systems.

Manage Unstructured Data on Virtual File Servers and NAS Systems: Although virtualization saves money, it can result in VM sprawl: Virtual machines multiplying into file servers faster than you can figure out what’s on them and who is using them. As unstructured data expands and virtual file servers proliferate, visibility into the data-usage patterns that take place on virtual filers improves capacity planning, utilization, compliance, and security.

Monitoring Unstructured Data on File Servers: This page describes how Likewise monitors the metadata of unstructured data to solve such storage problems as information lifecycle management and tiering.

Join Sun Solaris Systems to Active Directory: Likewise Enterprise integrates computers running the Solaris operating system with Microsoft Active Directory, yielding a range of benefits for users, system administrators, and managers. Solaris users get single sign-on. System administrators rest easy with the knowledge that users are securely authenticated with the Kerberos protocol. Managers see their operational costs drop as Solaris computers are centrally managed with Active Directory. Security managers find help in their quest for regulatory compliance.

Managing Unstructured Data for Sarbanes-Oxley: The requirements for SOX compliance represent something of a shifting goal. Instead of specific IT compliance requirements, Sarbanes-Oxley relies on general principles. Problem is, they are subject to interpretation by auditors. Different auditors might ask different questions; expectations might change from year to year; controls deemed adequate one year might be insufficient the next.

So the key question becomes: How can you put in place internal controls that address different auditors, shifting objectives, and various risks? A powerful approach is to implement internal controls that establish a strong foundation for Sarbanes-Oxley compliance.