Major Releases from Cisco today!!

Cisco has announced some major products and updates this morning around their UCS product line.  These announcements are not just hardware and software; they also show how Cisco sees the changing data center landscape and where it needs to compete.  As a note, I will be updating this as I get more information, as well as deep diving on each topic shortly.  I suggest you follow me on Twitter @ck_nic or subscribe to the blog to see when I’ve updated this or added deep dives.

Cisco has realized that the single monolithic data center is not always the norm today.  Companies are moving towards more Remote Site or Multi-Data Center environments.  In my opinion this is something that has been happening for years, but only recently has accelerated.  With new technologies such as VXLAN, OTV and huge advances in the virtualization world, there is no need to build a single giant data center.  Personally I’m seeing companies building multiple smaller and more efficient data centers, or utilizing space in remote offices or shared space.  The push for the “Internet of Things” is only going to accelerate that, as computing power will need to be closer to the edge.  In addition, Cisco has recognized the “app-centric” data center and cloud model that most of the vendors are moving towards, especially around the SDN and automation areas.  Cisco has announced several new items that speak to this.

UCS Mini

First, Cisco has announced the UCS Mini.  This is a UCS blade chassis with the Fabric Interconnects in the back of the chassis instead of top of rack.  Cisco is positioning this as “Edge-Scale Computing”.  They see the UCS Mini being deployed in remote offices or smaller datacenters where the expected growth is small and the power and cooling requirements need to be smaller than the current UCS line.  For WAY more information I suggest you read my earlier post relating to the UCS Mini here.  I have updated it with some new information gained in the last week or so.

UCS Director Updates

Secondly, Cisco has updated its UCS Director Software to be more useful to more people.  The UCS Director software will now allow an administrator to automate and monitor not only UCS equipment but Nexus products as well.  UCS Director will also be able to push out ACI configurations to the new Nexus 9k product line, here.  UCS Director has also introduced what it calls “Application Containers”.  These will allow configuration to be done from the “Application Level”.  What this means is you will be able to create networking and compute resources for a given application.  Cisco is stating that this is a very good way to simplify private-cloud deployment.  Finally, UCS Director has added Hadoop integration to the product.  There is now a very easy way to deploy and monitor Hadoop clusters on UCS hardware.  This is something I’d like to see more of, personally.

UCS M-Series Servers

Cisco is announcing a new line of servers today that are very different than just about any other server in the market today.  Cisco’s M-Series servers are modular servers that can pack 16 individual servers into a single 2U chassis.  This is accomplished by creating “Compute Cartridges” that consist of CPU & Memory only.  Each cartridge contains two separate servers, each with a single Intel Xeon E3 processor and four DIMM slots.  All of the cartridges share 4 SSDs that serve iSCSI boot LUNs to each compute node, as well as all Power Supplies, Fans & Outbound Network & SAN connections.  These servers support the new VIC 1300 mentioned below, which means they can be uplinked to a UCS Fabric Interconnect as well.  Now, these servers are NOT designed to run your typical virtualization or bare-metal OSs.  These are designed more for a lightweight OS, such as Linux.  Cisco sees these being deployed in large numbers for uses like BigData or other “Scale-Out” applications, online gaming, and ecommerce.  Now there has been a lot of talk about comparisons to both HP’s Moonshot servers as well as to the offerings of Nutanix.  These are a bit different than both.  Nutanix is a “Hyper-Converged” platform where it uses its own filesystem and does a lot of neat tricks to distribute things across the nodes; the compute nodes become part of the virtual environment more than normal servers.  The M-Series is “Disaggregated”: it uses what Cisco calls its “System Link” technology to separate the components, making them more modular.  HP’s Moonshot is somewhat similar to the M-Series in that it uses “server cartridges”, however they are mostly Atom based processors and still have some other hardware in the cartridges.  Cisco’s is all full Intel Xeon x86 processors.

UCS C3000 Series Servers

Cisco is not only releasing a compute heavy server but also a storage heavy one.  Cisco has announced the C3160 Rack Storage Server.  It is a 4U server that is capable of holding up to 360TB of storage space.  It is a single server just like any other: it has two processor sockets and an LSI 12GB SAS Controller that is connected to the disks.  Cisco is targeting this server at BigData or Web Applications that need a very large, fast central storage repository.  Cisco has provided some examples where it uses both the new M-Series and the new 3160 together in various designs.  It has mentioned both BigData and gaming services where the compute is distributed across an array of M-Series with all of the backend storage being hosted on the C3160s.

New M4 Servers & VIC released

Cisco has announced the newest line of its blade and rackmount servers, the B200 M4, C220 M4 & C240 M4.  These servers take advantage of the latest Intel processors as well as DDR4 RAM, with up to 1.5TB of RAM per server.  Cisco is not introducing any of the configuration constraints that some other vendors have been introducing.  Cisco has said it will support the new 18-core Intel processor, when released.  This means you could get 36 full cores, 72 if you count hyper-threading, in each blade!!!  Cisco has also announced a new VIC 1300 to go along with the newer servers.  This VIC is native 40gb capable.  However, until the new FIs and IOMs are released the card will run at 4x 10gb.  The PCIe based version of the VIC has QSFP ports on it, which will support both breakout cables as well as a special adapter that will convert 40gb to 10gb.  It’s nice that these VICs are released to “future proof” hardware for when we see more 40gb switches, however I am a bit bummed we didn’t see a 40gb FI.

Overall there have been a lot of things announced and a lot of information to be digested.  I have seen some pictures of the new hardware and hope to get to play with it soon.  Expect some deep dives to be written about the hardware and my experience with it.

Wednesday here at VMworld

Today is the third full day of VMworld.  So far things have been a whirlwind and I’ll admit I’m beat.  Coffee is becoming my best friend again after not drinking much of it in a while.

There have been a bunch of announcements over the past few days: the EVO product line being announced, VMware releasing VMware Openstack, improvements to the EUC space, discussion about the vSphere 6.0 Beta, and updates of various other products to 5.8, SRM for one.

Today is my marathon session day.  I’m looking forward to them all.  I have sessions that deep dive on EVO:RAIL, Performance best practices around VSAN, a full End to End demo of VMware Openstack and a deep dive in increasing performance for those apps that need a bit more care when virtualizing.

Tonight is the VMworld party as well, which is usually a pretty good time, although a bit crowded.  I’ll admit I don’t know who the band is that is playing but they usually have somebody pretty good.

Anyway, I’m off to some sessions.  I will be creating small posts around each of them, assuming they are as good as their titles suggest.

 

Enhancements in vSphere 6.0

I have been using the vSphere 6.0 Beta for a while now.  It has been a pretty cool experience and VMware has done a nice job with the product.  VMware has announced some of the features that are in the Beta.  I’m only going to go into detail where I can, or where others have blogged.  Technically the Beta has an NDA, so I can only really mention what has been made public.  Below are some of the new or improved features.

Enhanced vMotions:

vMotions are a very important part of vSphere.  As of vSphere 6.0 you are able to vMotion VMs between two different vCenters.  This is pretty cool.  You can now move a VM anywhere inside your datacenter, if you have multiple vCenters.  Even cooler is they now support “Long Distance” vMotions.  This means you could actually vMotion VMs from one datacenter to another.  This should NOT be used as your sole Business Continuity or Disaster Recovery plan.  Now there are some caveats to this long distance vMotion.  You need a ~250mbps connection between the vCenters.  This does NOT have to be L2; you can route the vMotion.  The connection between the datacenters should also be ~100ms roundtrip time.  So your old satellite links aren’t going to cut it.  This is pretty cool and something I could see people using.  Remember that since it’s still a vMotion, the storage must be migrated cross-site as well.  This operation could take quite a bit of time.  I wouldn’t want to be doing huge VMs or too many at once.

Multi-Processor Fault Tolerance:

Finally, after so many years of FT existing and being limited to a single vCPU, VMware has come through.  As of 6.0 Fault Tolerance will now support up to four (4) vCPUs in a FT protected VM.  This opens FT up to 80%+ of all your VMs.  Now FT typically consumes a pretty good chunk of network bandwidth.  Remember you’re sending CPU instructions over the wire.  I’ve seen just a few FT VMs consume a 10gb link.  I think people will quickly realize that you can’t enable FT for all your VMs.  This is still really cool.  You could now protect your vCenter VM without having to use vCenter Heartbeat.  I would like to see how this plays out with other apps, such as SQL or Web Servers.

Improved Web Client:

VMware has listened to the community and their customers in regards to the Web Client.  They have improved not only its responsiveness but its layout a bit.  They have also added some nice little bells & whistles that are only available in the Web Client, in the Networking & Storage space specifically.  I’ll admit I have NOT been a fan of the Web Client since its introduction.  However, as of the 6.0 Beta I have actually liked it and have gotten used to its UI.

 

 

Good Morning, It’s Day 2 of VMworld

Morning all.  It is a very nice Tuesday morning (even though I keep thinking it is Wednesday).  Today should yield some big news around the End User Computing space.  I’m really looking forward to seeing what will be announced.

If you haven’t hit any of the hands-on labs, I recommend going as soon as you can.  The lines can be a bit long but they have some really neat ones, so I’m told.  I will be hitting a bunch later.

I also recommend visiting the vendors in the Solutions Exchange.  Today is a good day to actually get some excellent information from them, instead of just grabbing a ton of swag.  🙂   I’ve been really impressed with some new technology and innovations from vendors that I normally would not have given a second look.

Tonight there is a bunch of parties and events.  I’d look here, VMworld Gatherings.

Now onto the General Session

VMware is betting big on EVO

If you didn’t watch the VMworld Keynote today, or read anything on twitter, or were just too busy, it is Monday, then you missed VMware’s big announcement.  They are moving into what they call the “hyper-converged” infrastructure.  They are helping develop pre-built compute nodes with vSphere already bundled in.  All of this is a single SKU as well. They are calling this new product line EVO.  There are two products currently announced in the EVO line.  The first actually exists already and that is EVO:RAIL.

EVO:RAIL is designed for your small to medium shops that are looking to run up to 400 server VMs or 1,000 VDI desktops in this hyper-converged platform.  This is not a product that we will see running your Fortune 100 datacenters.  The base compute nodes are NOT built by VMware, as some rumored!!  These appliances are built by various EVO partners: Dell, Fujitsu, Inspur, Net One Systems Co. and Supermicro.  These partners will all GA their appliances in the 2nd half of this year….so shortly.  EMC is also involved but will not be shipping until 2015.  These appliances are a 2U box with 4 separate compute nodes within the 2U footprint.  Each appliance is designed to run 100 server VMs or 250 VDI VMs.  Right now you can scale up to 4 appliances per cluster.

What makes these appliances pretty neat is that VMware vSphere will be automagically set up on these nodes.  The entire RAIL product line and experience is designed for the non-VCP crowd, the very green admin who knows very little about VMware administration.  Everything is done through a simplified GUI that walks you through everything.

When an appliance is first racked/stacked and powered on, an actual Webserver VM is powered up as well.  You then connect to this web server (running Java, FYI) in order to set up the environment.  The setup wizard asks for very simple information: hostname prefix for all the nodes, desired passwords, and basic networking information such as IP and VLAN numbers.  Now most of these fields are filled in automatically with a default set of information.  All the values can be changed, and the wizard is smart enough to look for critical errors, such as overlapping IP ranges for example.  The wizard will then run against all the seen nodes and begin to set up vCenter, HA, DRS, & VSAN for storage.  If there is an error the wizard will show the error and prompt for information in order to fix it.  It will not just die and leave you in an unfinished and unknown state. (I’m looking at you EMC, as I’ve had terrible luck with their wizards doing just that.)

Once the environment is up, the same webpage you used to build the environment is used to manage it.  It presents a very simple dashboard that gives you lots of information about the health and status of the EVO:RAIL cluster.  There is a section that allows you to create new VMs, including uploading ISOs, specifying the VM “size” (right now it’s a pretty static small, medium & large) as well as the “Security Options”.  This can be none, basic (what is created today), a secure setting and a total locked down option.  (My belief is that there must be some NSX bits involved, however I was told no… not sure I believe that.)  The VM can then be administered from another part of this GUI.  You can power it on, view the console, and make minor configuration changes.  This lets VMware be used by the user that has next to no knowledge about VMware.  I typically use the analogy of the janitor being able to do it.

The EVO:RAIL system will be updated and managed by a separate set of firmware and patches from the general repos and VUM.  I’ll repeat: you do NOT use VUM to update these appliances.  This is excellent news since VUM and I are not friends.  These appliances will be treated as just that, a single block, not a separate compute node, storage equipment and vSphere running on top.  This makes it stupid simple to work with.

Here is the other thing I really like.  You are not forced to use this simplified GUI.  Let’s say I am a VMware admin, and I have a normal environment with blades, running vCAC, vCOPS and doing some really cool things.  My company decides EVO:RAIL is a great fit for a remote office that needs servers onsite, but doesn’t want a full blown setup.  I can still use the same tools I use today, vSphere Web Client, vCAC, vCOPS, etc., to manage, deploy and monitor my new EVO:RAIL clusters.

VMware did also make mention of EVO:RACK.  It is still in tech preview, so think alpha stage.  This will be the fully blown out, mega datacenter version of EVO.  This will involve top of rack switches, full storage platforms, Rack-Mount servers, more vSphere components such as NSX, vCloud, etc.  This could be very very interesting and I’d love to see more about it, however they aren’t talking much about it in any sessions or over at the booths.

I will keep some of my opinions on the product line until I can get to touch it and play with it more.  Right now it seems like something I wouldn’t get much exposure to, as World Wide tends to go after the larger companies, who typically want or need to do a more traditional “build your own” solution.  It is still an interesting leap, and something that could become very powerful, especially once Rack is available.

First General Session

The first VMworld Keynote is now over.  There has been a lot of really interesting information presented this morning.  VMware has announced information around their business approaches, recommendations to the community at large as well as some cool product announcements.

They started off the session with some neat looking dancers, which was quite different.  The CMO then began to discuss the Golden Gate Bridge and how it was revolutionary when it was conceptualized and built.  She then talked about how building bridges between products and areas of technology is important, as is pushing the traditional boundaries.  Change is always happening and it’s not a scary thing.  They continued this theme throughout the entire presentation.

As an engineer who works for a company that is always changing internally, as well as somebody who works at customer sites typically deploying platforms and solutions that will cause a lot of change for the customer, I couldn’t agree more that change is a good thing.  Yes it can be scary, but in this industry the minute you stop moving, you’re out of date.

VMware’s big announcement is EVO.  It is their hyper-converged platform, bringing compute, storage and virtualization into one unifying platform.  This is the previously rumored MARVIN product.  They are using various compute hardware that runs VSAN for storage and NSX for networking.  The first release is EVO:RAIL, which is targeted at Medium businesses.  There are a variety of hardware vendors that have partnered up with EVO:RAIL; interestingly enough, both HP and Cisco are NOT among the partners.

They have also released vCloud Suite 5.8 along with vCloud Air.  vCloud Air is the newest version of vCHS.  It has a lot of increased functionality over vCHS and is something that is pretty intriguing.  It is currently in Beta and actually available right now using minute billing.

They also then had a few customer talks which were pretty neat.  Anyway there is more to come around these topics.  For now I’ll post a few links to more information.

VMware EVO:RAIL

vCloud Air

 

Good Morning VMworld Attendees

Good Morning,

Today is the real start to all of the action at VMworld.  Last night there was the “Welcome Reception” down in the Solutions Exchange.  I was actually really impressed with the number of attendees that were there last night.  In fact, talking to a few of the vendors, they were just as surprised by the numbers.  In addition, last night there were a variety of parties, including #VMunderground.  I heard it was a blast; unfortunately due to my back I had to bail early.

This morning I am sitting in the Hang Space, meeting quite a few cool people, waiting for the General Session to start.  I am expecting and hoping for some really cool information to be delivered.  I am expecting a very interesting and exciting keynote.

There look to be some really neat Hands-On Labs.  I recommend heading there in the middle of breakouts, lunch, etc.  That’s when it is typically WAY less busy.  I do like how they are breaking out the lines into general “technologies” so that you can possibly get to the Lab you want quicker than waiting in one giant combined line.

I do recommend attending as many breakout sessions as possible.  There are some really good looking ones out there.  There is a LOT of NSX stuff, for which I have a bunch registered.  There are also some neat ones around EVO, which looks to be very very interesting.

Anyway, everybody enjoy today, make sure you see as much as you can.  Enjoy the technology, the people and the celebrations later.

Finally!! UCS Monitoring software announced!!

I am really excited for this product.  One of the biggest complaints I have about UCS, and customers agree, is that there is no excellent monitoring and reporting tool.  I haven’t seen it yet so I’m not going to go into detail about it, however here is the announcement link that has some pretty cool information on it.

 Cisco UCS Performance Manager

 

Micro-Segmentation on NSX!!

I recently attended a really cool presentation by Scott Lowe about the ability to do Micro-segmentation with NSX.  This is, in my opinion, the biggest use case for NSX and something that impresses me a lot.

Before we deep dive on what NSX & Micro-Segmentation are, where do most of us stand today with our networks in regards to security?  Most environments use a Perimeter type security model.  Unfortunately, it tends to not be very resilient and can have a lot of issues.  First off, if you’re able to breach this “shell” and get access to the interior servers, you typically have a pretty open environment.  There is typically little security protecting East/West traffic between servers, and coupled with the ever increasing network traffic between these servers, it’s fairly easy to hide any rogue traffic while attacking other servers.  Once you have access and control you can then launch your attack when it’s best.  A perfect example of this is the recent big box store breaches, Target for example.  The attackers got in and waited some time before actually stealing data.

How can we best combat this today? The best option is to utilize a Least Privilege or 0-Trust security model.  This puts firewalls between everything, all servers both North/South and East/West.  I have actually seen a customer do this, not only did they spend a TON of money on both physical and virtual firewalls but it was an administrative nightmare.  They had a lot of touch points and one of the biggest problems was actually identifying rules and what they did, and why they were there.  There were rules still in place for servers and applications that had been decommissioned earlier.  It also was a nightmare to try and open up ports between applications and equipment.  They had to touch multiple firewalls all while trying to monitor the traffic to catch those ports that vendors don’t always list in their docs about “needed firewall ports”.

NSX and its Micro-Segmentation is an awesome answer to this problem!  NSX at its heart is Network Virtualization.  NSX allows us to decouple the Network from the hardware and allows centralized management of this decoupled network.  With NSX we separate out the various network “planes”.  First, there is the Management plane; this is typically vCenter with the Network & Security Plugin installed.  This is where we define all the various rules and policies.  Next, the Control Plane.  This is NSX Manager & NSX Controllers.  This is the decision maker; it controls the rule states as well as their definitions and keeps track of everything.  Finally we have the Distributed Data planes.  These are all the modules loaded into all of the ESXi hypervisors, which enable the Distributed Routers, Distributed Firewalls and switches.  This is where all the actual packet switching happens.  All of the configuration can be done manually or through various REST APIs for automation, typically with vCAC.

Ok, now that we know what the basic NSX is, why is micro-segmentation so awesome??  NSX’s Micro-segmentation allows us to implement a true 0-Trust Model security policy, easily and without the complication, huge costs and administration overhead that it typically takes.  We can now put an intelligent firewall and routing between every single VM!!  The part that is really cool is that we are doing this at the hypervisor level.  This means the traffic does not have to “hairpin” to go through a firewall or router.  The traffic is typically analyzed at the originating vNIC level.  (It can be done on the receive side, but isn’t recommended.)  The rules are also dynamic and follow the VM wherever it goes in the environment.  The rules are removed if the VMs are off or deleted.  They are re-created when the VM is powered on, and CAN be automatically created when a VM is provisioned.

NSX Micro-Segmentation allows us to have the datacenter security sit in a “sweet spot”.  It is close enough to the VMs and workloads that it can provide intelligence of workloads and granular control.  However, unlike many agent based tools that can provide this level of intelligence and granular control, the security features are in the hypervisor and not in the VM.  This allows a compromised VM to still have all its security features intact.  In fact as we’ll see later on, NSX can potentially recognize the compromise and perform specific actions against the VM.

NSX allows for a very flexible network design.  At a very high level it is comprised of three main types of “tenants” or types of networks.  We can Isolate networks from each other.  We can also Segment networks, which means we can allow certain types of traffic between various points.  Finally NSX allows us to bring in more “Advanced Services” via 3rd Party applications that plug in to NSX.  Let’s dive into each more.

Isolation networks allow us to create just that, completely isolated networks.  These networks have absolutely no knowledge of each other.  They also have no knowledge of the underlying physical connections.  They could both be running over a big flat network and still not see each other.  They can have the exact same IP space as well.  This is excellent for keeping Dev, Test and Production networks separate, yet all running within the same vSphere Environment!!  This is also used for multi-tenant environments, where the workloads shouldn’t ever see each other.

Segmented networks are the most common type of network; these are the traditional 3-tier App scenario.  Without NSX, typically you’d have a Perimeter firewall, a DMZ, then the inside firewall or firewalls that lead to various networks.  The rules are always in place on the firewalls no matter what the workload states are.  The rules also have to be manually entered into each firewall, and moved in some cases if workloads move, depending on network design.  With NSX we have some flexibility and choices.  We can create logical networks per group, app, BU, etc. and then apply the rules to each VM.  We can also be a bit silly and just dump everything onto one giant logical switch and apply the rules to the VMs that way.  Either way the result is the same: the rules are applied at the VMs, and the logical networks can be designed however makes the most sense for the environment.

The “Advanced Services” functions of NSX bring a lot of really neat functionality and intelligence to traffic flows that weren’t really possible before at the scale and ease of administration that NSX brings.  With NSX we can set up the firewalls to do intelligent and dynamic routing.  We can send traffic through a Malware scanner and then, based on the output of the scans, do different things with the traffic.  You can also send traffic to a deep packet scanner.  You can also just pass the traffic straight to its destination.  With these advanced services we can build If/Then type rules for the traffic.  For example, if traffic is sent to TrendMicro and a virus is found, NSX can quarantine the VM and not allow it to pass any traffic until it’s resolved.  Also, if during a scan a big vulnerability due to old software is found, NSX can then monitor all that VM’s traffic via IPS until fixed.  If a different scan is run and it finds sensitive data, we can encrypt the traffic and restrict it while it’s investigated.  I think this is a very very neat feature, and something that should make both network and security guys very happy!  There are a bunch of vendors that are providing various plugins for this, such as Rapid 7, McAfee, PaloAlto, Symantec & TrendMicro.

One thing that Scott mentioned that makes a ton of sense and is really cool is around Security Groups.  Security Groups allow the administrator to group VMs together logically using a variety of static and dynamic variables, such as Datacenter, Virtual Machine, vNIC, OS Type, User ID, Security Tag (applied by IPS, Malware scanner), etc.  Then various policies you create, Firewall rules, send to IPS, etc, are then applied to given security groups and tags within the group.  In reality this is the only way to really do NSX at any real scale.  It would be very time consuming to create rules for each and every VM.  By using the security groups VMs can become part of the groups and get certain policies applied to it automatically.
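The tag-driven If/Then behaviour and the dynamic Security Groups described in the last two paragraphs, as an added example that is not from Scott's presentation or from NSX itself: a small Python model of group-based, default-deny rule evaluation. It is not the NSX API or rule syntax; every class, group, tag and rule name in it is hypothetical.

```python
"""Conceptual model of security-group-driven micro-segmentation.

Added illustration only: NOT the NSX API. All names are hypothetical.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Set, Tuple


@dataclass
class VM:
    name: str
    os_type: str
    tags: Set[str] = field(default_factory=set)  # e.g. set by a malware scanner
    user_role: Optional[str] = None              # class of the logged-in user
    powered_on: bool = True


@dataclass
class SecurityGroup:
    name: str
    member_of: Callable[[VM], bool]  # dynamic membership criterion

    def contains(self, vm: VM) -> bool:
        # Membership is re-evaluated on every lookup, so a new tag or a
        # different logged-in user changes the effective policy immediately.
        return vm.powered_on and self.member_of(vm)


@dataclass
class Rule:
    name: str
    src: str             # security group name, or "any"
    dst: str
    port: Optional[int]  # None matches any port
    action: str          # "allow" or "block"


class Policy:
    def __init__(self, groups: List[SecurityGroup], rules: List[Rule]):
        self.groups = {g.name: g for g in groups}
        self.rules = rules  # ordered; first match wins

    def _in_group(self, vm: VM, group: str) -> bool:
        return group == "any" or self.groups[group].contains(vm)

    def evaluate(self, src: VM, dst: VM, port: int) -> Tuple[str, str]:
        """Return (action, matching rule name). Unmatched traffic is blocked."""
        for r in self.rules:
            if (self._in_group(src, r.src) and self._in_group(dst, r.dst)
                    and (r.port is None or r.port == port)):
                return r.action, r.name
        return "block", "default-deny"


def build_policy() -> Policy:
    groups = [
        SecurityGroup("quarantine", lambda vm: "malware-found" in vm.tags),
        SecurityGroup("restricted-desktops", lambda vm: vm.user_role == "offshore"),
        SecurityGroup("web", lambda vm: vm.name.startswith("web-")),
        SecurityGroup("db", lambda vm: vm.name.startswith("db-")),
        SecurityGroup("desktops", lambda vm: vm.name.startswith("vdi-")),
    ]
    rules = [
        # Block rules sit above allow rules so a tag overrides normal access.
        Rule("quarantine-out", "quarantine", "any", None, "block"),
        Rule("quarantine-in", "any", "quarantine", None, "block"),
        Rule("restricted-no-db", "restricted-desktops", "db", None, "block"),
        Rule("web-to-db", "web", "db", 3306, "allow"),
        Rule("desktop-to-web", "desktops", "web", 443, "allow"),
        Rule("desktop-to-db", "desktops", "db", 3306, "allow"),
    ]
    return Policy(groups, rules)


def demo() -> dict:
    """Run constructed sample VMs through the policy and collect verdicts."""
    policy = build_policy()
    web1, web2 = VM("web-01", "linux"), VM("web-02", "linux")
    db1 = VM("db-01", "linux")
    vdi = VM("vdi-07", "windows", user_role="internal")
    out = {}
    out["web_to_db"] = policy.evaluate(web1, db1, 3306)
    out["web_to_web"] = policy.evaluate(web1, web2, 22)      # east-west, no rule
    web1.tags.add("malware-found")                           # scanner tags the VM
    out["tagged_web_to_db"] = policy.evaluate(web1, db1, 3306)
    out["internal_vdi_to_db"] = policy.evaluate(vdi, db1, 3306)
    vdi.user_role = "offshore"                               # restricted user logs in
    out["offshore_vdi_to_db"] = policy.evaluate(vdi, db1, 3306)
    out["offshore_vdi_to_web"] = policy.evaluate(vdi, web2, 443)
    web2.powered_on = False                                  # membership lapses
    out["to_powered_off_web"] = policy.evaluate(vdi, web2, 443)
    return out


if __name__ == "__main__":
    for flow, verdict in demo().items():
        print(f"{flow:22} -> {verdict}")
```

No rule names an individual VM: the same web server goes from allowed to blocked only because a scanner tag moved it into the quarantine group, and the same desktop loses database access only because a different class of user logged in.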

NSX and the Micro-Segmentation feature are all very simply managed within the vSphere Web Client.  If you’re still using the old .NET client, you need to stop or you’ll be very very sad in the near future.  These are all under the Network & Security plugin.  This is where you can create your Security Groups along with their elements or attributes.  You also create all your various policies here.  You can also view all the events and logs here.  There is also an area where you can view all of the traffic flows from VM to VM, and even create rules against the seen flows.  It does make it a bit easier to create the rulesets from real flows rather than trying to set them up ahead of time, if you’d like.

One thing that Scott also mentioned were a few use cases for this micro-segmentation.  There was one use case that I actually will be exploring more in depth in the near future because it interested me a lot.  He mentioned that an admin can use NSX and Micro-Segmentation with VMware View.  In a very typical VMware View design there tend to be various pools for different user types, such as internal workers and external or offshore users who shouldn’t be able to access certain things, or different pools for dev teams who should only be accessing their development machines.  This usually means different VLANs, with firewall and routing rules to accomplish this segmenting.  However, NSX can apply firewall & routing rules based upon a logged in User ID.  This means you could actually have a single pool for all your users on a single flat network, and because NSX can apply the locked down firewall and routing rules to the VM when a “restricted user” logs in, you accomplish the same goal as the more complicated setup.  Now that’s awesome!

Now Scott had a lot of really interesting slides and visualizations in his presentation that unfortunately I can’t use.  I would look for more information at VMworld.  In addition there is a good White-Paper here.

 

 

Not sure i want the Internet of Everything

I’m not so sure I want the Internet of Everything!!

The idea of having more things in our life be available to the internet is cool.  It allows things to be interconnected and brings an intelligence and ability to automate things in a way that was only seen in “visions of the future”.  Even just 10 years ago the idea of being able to automate things, even at home, was something that was available to only the very rich and involved such elaborate and complicated setups that you needed very expensive equipment and people to get it working.  Now Lowe’s sells a DIY kit to do home automation.  Heck, there are refrigerators that have internet access!!

Now the “home market” isn’t really the biggest push for the Internet of Everything.  The big money is in your large companies and utilities.  One of the biggest pushes is from your utility providers to create a “Smart Grid”.  Being able to provide better intelligence and automation to the power grid, water supplies, even traffic control devices is something that is desired.  I’ve done projects for some large utilities that are doing exactly that, putting in smart meters that have internet connectivity baked in.  Traffic lights that can communicate with each other about traffic patterns and adjust automatically already exist in many areas.

However, let’s be totally honest here, there is a reason that “password” is typically in the top 5 of passwords in the world.  People either don’t fully understand or are lazy about security.  My biggest fear is that various manufacturers, especially ones trying to cut costs, are going to want to jump on the bandwagon of “automation” and “connected devices” and forget about securing them.  Now I’m not of the tin-foil hat variety, but let’s be honest, there have been a lot of high-profile security breaches lately.  Now for every Target and Adobe there are 10,000’s of smaller breaches.  These range from simply causing havoc to major theft of PII (Personally Identifiable Information) and money.  Now imagine the wrong people getting into the “Smart-Grids” and causing really really big problems.

As much of a tech geek as I am, I think I’ll wait a while before I start to get too nuts with my own entrance into the Internet of Everything.