Oracle plans aggressive fight with EU over Sun takeover

Oracle is planning an aggressive fight with European regulators if its attempt to take over Sun is slapped with a statement of objections in the coming week, said people close to the company Wednesday. The European Commission declined to comment on the reports, but confirmed that if such a step was to be taken it would have to be taken soon, in order to allow enough time for procedures leading up to the Jan. 19 deadline for a ruling. "The ball game would change dramatically if the Commission issues a statement of objections," said one person familiar with Oracle's thinking who insisted on anonymity. Unsourced news reports that a statement of objections is imminent surfaced earlier Wednesday. He added: "Oracle has been holding back until now, and contrary to what the Commission says it has addressed the substance of the Commission's concerns about the deal in huge abundance." When the Commission opened an in-depth probe of the Oracle-Sun deal at the beginning of September, it said it was concerned about the deal's impact on the market for software that runs corporate databases.

Oracle is unwilling to sell off MySQL because it is "a strategic imperative of the deal," the person said. Sun owns MySQL, an open-source challenger to the big three makers of proprietary database technology: IBM, Microsoft and the market leader, Oracle. Oracle needs MySQL in order to compete with Microsoft in markets such as the one for small and medium-size corporate clients, he said. "This deal is the most transformational deal in the history of the IT industry. The frustration with European competition regulators is palpable, she said. It will enhance competition, not erode it, by creating a more viable counterweight to Microsoft," another person close to the merging companies said, also on condition that she wasn't named.

The European Commission was notified of the deal at the beginning of August - a time when many Commission officials are away on holiday. It can send a review off in the wrong direction. The chances of getting a quick thumbs-up in Brussels were not strengthened by the timing, as less-experienced officials were left to handle the notification, she said. "It's not ideal to have your deal handled by the B-team at the start. It looks like that's what has happened with Oracle/Sun," this person said. In reference to the most controversial merger ruling by the Commission in recent years, he said the transatlantic political storm that would be unleashed if the Commission blocked Oracle/Sun "would be like GE/Honeywell on steroids." General Electric's planned takeover of aeronautics firm Honeywell was cleared in the U.S., just as the Oracle/Sun deal was.

If the Commission does issue formal objections to the deal it will mean war, said the person familiar with Oracle's thinking. But it was blocked in 2001 by the European Commission. Although the political landscape has shifted dramatically with the arrival of Barack Obama in the White House, the person close to Oracle said the political fallout from a European prohibition of the Oracle/Sun deal would be even more intense. "While GE was arguing with the Commission, not one job at Honeywell was lost. During the buildup to that ruling, senior U.S. politicians including President George W. Bush intervened to try to save the deal. Sun has lost thousands and faces going out of business if this deal fails," the person said, pointing out that GE/Honeywell happened when the U.S. economy was strong, unlike now, when unemployment has reached almost 10 percent in the U.S.. "Senior politicians including Speaker of the House Nancy Pelosi are ready to intervene on Oracle's and Sun's behalf but have been asked to hold fire for now," he said. Pelosi has close political and personal ties with Sun's hometown of San Francisco. "If the Commission issues an SO (statement of objections) in the coming week it will be gloves-off time - no more holding back," the person close to Oracle said.

Unpatched SMB bug crashes Windows 7, researcher says

A day after Microsoft plugged more than a dozen holes in its software, a security researcher unveiled a new unpatched bug in Windows 7 and Server 2008 R2 that, when exploited, locks up the system, requiring a total shutdown to regain control. Laurent Gaffie posted details of the vulnerabilities, along with proof-of-concept exploit code, to the Full Disclosure security mailing list today, as well as to his personal blog. Microsoft acknowledged that it's investigating the flaw.

The attack code, said Gaffie, crashes the kernel in Windows 7 and its server sibling, Windows Server 2008 R2, triggering an infinite loop. "No BSOD [Blue Screen of Death], you gotta pull the plug," Gaffie said in notes inserted into the exploit code . Gaffie claimed that the exploit, powered by a vulnerability in the new operating systems' implementation of SMB (Server Message Block), could be successfully launched from within a network from an already compromised computer, or used to attack Windows 7 machines via Internet Explorer (IE) by transmitting a rogue SMB packet to the PC. Unlike more serious flaws, the Windows 7 SMB bug cannot be used by attackers to hijack a PC, Gaffie confirmed. "No code execution, but a remote kernel crash," he said in an e-mail today. None of the 15 affected the final version of Windows 7, which was released to retail Oct. 22, or affected Windows Server 2008 R2. Gaffie also said that Microsoft's security team has acknowledged the vulnerability, which he first reported to them last weekend, but was told by the company that it wasn't planning to fix the flaw with a security update, instead perhaps correcting it in the first service packs for Windows 7 and Server 2008 R2. A Microsoft spokesman confirmed that the company is looking into Gaffie's claims. "Microsoft is investigating new public claims of a possible denial-of-service vulnerability in Windows Server Message Block," said the spokesman in an e-mail reply to questions. "Once we re done investigating, we will take appropriate action & [which] may include providing a security update through the monthly release process, an out-of-cycle update or additional guidance to help customers protect themselves." Gaffie's disclosure came just a day after Microsoft issued November's security updates , which patched 15 vulnerabilities in Windows, Windows Server and Office.

Nortel users should hope for best, prepare for worst

Users should chart the progress of Avaya's purchase of Nortel's enterprise assets carefully, so that they are spared any unpleasant product integration or rationalization surprises. Avaya last week also won court approval for the purchase. Product overlap, consolidation and subsequent support are the biggest issues facing Nortel enterprise customers on the heels of Avaya's $900 million purchase of that business.  Avaya last week emerged as the winning bidder for Nortel's enterprise business, beating out Siemens Enterprise Communications for the asset. The rise and fall of Nortel Now comes the uneasy task of sifting through the product portfolio and eliminating redundancies - an ordeal that could leave Nortel - and even Avaya users - with a shortened lifespan on their investments. "Like an onion, there are lots of layers," says Nortel customer Bruce Meyer, director of network services at ProMedica Health Systems in Toledo, Ohio. "Let's see where they go from here." "There may be some surprises there," says Bob Hafner, an analyst with Gartner. "These are going to be two large companies coming together.

These things never go without issues, problems or concerns." Significant overlap is expected in the IP telephony/unified communications portfolios of both companies - such as IP PBXs, handsets and call management software. It's not the easiest thing to do. Avaya is the leading revenue market-share vendor in enterprise telephony, according to Dell'Oro Group, while Nortel is No. 4. Little to no overlap will be found in routers, switches and other infrastructure products, where Nortel has a significant market share and installed base. We need a reliable infrastructure." "The biggest issue for users is, 'Show me the [product] road map,'" says Henry Dewing of Forrester Research. "They want to see hardcore product plans and how they are going to actually consolidate product lines." Avaya has pledged near term support for the Nortel enterprise products, including those serviced by Verizon, a Nortel reseller. Indeed, Meyer believes Nortel routers and switches will be less susceptible to discontinuation than the VoIP products, because Avaya has virtually no data products. "With Avaya, there's not a lot of strength in enterprise data," Meyer says. "[Avaya] will want to know that the infrastructure is good. Verizon filed motions last week seeking assurances that Avaya would continue to support the Verizon accounts, which the carrier says include many federal law enforcement agencies.   "I'd be surprised if that issue doesn't work itself out," says IDC analyst Abner Germanow of the Verizon/Avaya scuttle. "I'd have a hard time believing they'd leave the U.S. government out to dry." Longtime users such as Meyer and Promedica would also like support assurances.

To that end, Avaya kicked in $15 million for employee retention, on top of the $900 million purchase price for Nortel Enterprise Solutions. In addition to product direction, Meyer hopes the relationship his company has had with Nortel sales, service and support representatives remains intact. Nortel enterprise chief Joel Hackney said last week that Avaya could retain as much as 75% of Nortel's enterprise staff, though he would not say how many the unit employed. We're talking about lots of long-term relationships. Published reports, however, stated that Avaya may only retain 60% or less of the Nortel enterprise workforce, a situation that troubles Meyer. "My concern is reduced staff," he says. "What are those reductions going to mean? Brand loyalty comes from post-sales support.

IDC's Germanow is advising Nortel customers to accelerate any assessment or planning activities in light of the Avaya takeover. "They should figure out where their own needs lie and how to most effectively migrate," he says. "They should hold companies to their multi-vendor visions - that open means open." Meyer, for now, is holding fast and not contemplating any alternative vendor options in light of Avaya's takeover of Nortel's enterprise business. "This is still a wait-and-see scenario," he says. "How much of this will be a replay of Bay/Nortel?" he asks, referring to Nortel's 1998 acquisition of Bay Networks, which largely crippled the No. 2 player to Cisco in routers and switches. "This is going to be really interesting to watch." If those relationships change because of staffing changes, that would be a big deal." Gartner's Hafner agrees. "Customers need to pay attention to what's going on in the [merged] organization" to detect any potential distractions or turf battles or downsizings that may adversely affect them, he says.

Obama calls on Americans to help with cybersecurity

U.S. President Barack Obama has urged Americans to help guard against cyberattacks in a first-of-its-kind video published on the White House Web site. "Our digital networks are critical to our national security, our military superiority and public safety. He called the threat of cyberattacks one of the most serious economic and national security challenges faced by the U.S., and urged businesses and individuals to take greater care online. But that dependence also makes us vulnerable to cyberattack from those who would do us harm," Obama said in the video. Obama said he will "soon" appoint a cybersecurity coordinator to lead a new government office responsible for making sure that defending the country's networks becomes a national security priority.

In August, the former head of cybersecurity for the administration resigned and told the Washington Post that she was tired of waiting for the new appointee. He first announced the new office in May and has been criticized for not appointing a leader for it sooner. In his video address, which the White House called the first of its kind by a U.S. president, Obama said the private sector, which owns and operates most of the networks, has a responsibility to secure them. He urged people to follow three basic security principles: -Keep security and software systems up-to-date and beware of suspicious e-mail, -Always know who you are dealing with online, -And never give out your personal or financial information until you verify the recipient is legitimate. He called for public-private partnerships to ensure security and privacy. "Ultimately it comes down to each of us as individuals," he said. The National Cyber Security Alliance praised the president's call to action.

The White House had earlier designated October as cybersecurity awareness month.

Enterasys revamps high-end Ethernet switch line

Enterasys this week is introducing a major upgrade to its Ethernet switch line in an effort to better serve converged networks, including those that are heavily virtualized.  The S-Series boasts an almost fourfold increase in switching capacity and a 10x increase in throughput over the predecessor N-Series, plus greater 10G port density. All that, plus efficient Power-over-Ethernet provisioning, should enable customers to better network VoIP, wireless LAN and assorted data center products, including those from Siemens Enterprise Communications Group, the outfit Enterasys merged with last year. In addition, the switches come with improved policy-based security features, a traditional Enterasys differentiator. The rollout also could catalyze Enterasys' share of the $19 billion Ethernet switching market, which has been essentially flat (Dell-Oro Group says the vendor's share was 1.3% in the third quarter of 2007 and 1.1% as recently as the second quarter of 2009). Analysts say it's about time Enterasys refreshed the top line.

For virtualized environments, the S-Series can be configured and policy-defined to identify virtual hosts supported by VMware, XenServer and HyperV hypervisors and assign ports, access controls and class of service parameters for each, Enterasys says. The N-Series is several years old, and though enhanced several times over that period, it still wasn't fully convergence capable. "They ran out of room on the backplane of the N," says Steve Schuchart of Current Analysis. "Different sheet metal is required – if you need S-Series capability, you need a new switch." The S-Series switching line is comprised of 1U, 3-slot, 4 -slot, and 8-slot chassis, depending on the application: a network edge access switch, distribution layer switch, a multi-terabit core router, or as a data center virtualization system. These policies can then follow the virtual server as it moves around the data center, the company says. Total switching capacity for the S-Series initially is 1.28Tbps and throughput measures 950Mpps, Enterasys says. For cloud computing, Enterasys says the S-Series can identify on-demand applications, automatically prioritize them based on user ID, and authorize and control network access.

The S-Series backplane, though, is designed to support greater than 6Tbps of capacity, the company says. The system is capable of 160Gbps per slot supporting up to 128 10G ports, 100 more than the N-Series. The N-Series topped out at 1.68Tbps and 94.5Mpps. This capacity also prepares the switch for 40/100Gbps Ethernet, expected next year. They include: • Automated provisioning of virtual and physical server connectivity; • A distributed switching and system management architecture; • Self-healing functionality, in which switching and routing applications are distributed across multiple modules in the event of a module failure; • Multiple discovery methods, such as Cisco Discovery Protocol and LLDP-MED, to identify and provision services to IP phones and wireless access points from major vendors; • And automatic upgrade, reload or rollback of firmware on each module. "One of the real potentials of the switch is that you're going to be able to put rules on there that go all the way down to Layer 7," says the telecom manager of a major American university, and a large Enterasys customer who asked not to be named. "That switch has a lot more capability when it comes to policy and rules." But a disadvantage, he says, is what Schuchart alluded to in "different sheet metal" - the S-Series modules will not work in the N-Series chassis.

The S-Series also includes many standard features that competitors might charge extra for. The S-Series also does not support virtual switching, or chassis "bonding," in which a user can combine switches into one to pool bandwidth to increase performance. The S-series is expected to compete squarely with the Catalyst 6500 and 4500s from Cisco – Enterasys claims the S-Series switches cost 20% less and are more than four times as power efficient as those products. It's akin to Cisco's Virtual Switching System 1440 capability for its Catalyst 6500 switches. The university customer says that chassis bonding feature may be added to the S-Series in a year or two.

But the code base for the switches remains the same, says the user, who adds that he expects to replace roughly half of his 127 N-Series switches with the S-Series over the next three years. "We're real excited about the product," he says. "We'd buy more if we could." Enterasys S-Series products are priced from $15,995. Enterasys is the network infrastructure division of Siemens Enterprise Communications Group.