In my last post, we started down the path of reviewing parts of the discussion I had with FullArmor's CTO Danny Kim. Throughout that post Danny was talking about FullArmor's background and how their Azure based solutions: AppPortal and PolicyPortal came into existence. In this post, we continue to dive further into the really great background story that Danny was telling and learn about how FullArmor's solutions are actually be put to use to solve some very real problems in an emerging market.
In the first post, we stopped the discussion just after Danny had mentioned about working with the government of Ethiopia. Naturally, my curiosity was peaked. Here we have FullArmor, an American based technology company that was in the process of finalizing the code base for two new products which are built on Microsoft's "bleeding" edge cloud based services platform Azure. And, on the completely opposite side of the spectrum is the government of Ethiopia, which is an emerging market. Talk about going from point A to point Z. I asked Danny to explain.
"Well, our typical customers are the large IT organizations of the world such as: Wal-Mart, Boeing, Bank of America, CIA, and FBI. What happened was... and again timing and luck... and there is a saying that luck favors the prepared and guess we were prepared. It so happens that a systems integrator... Actually, going back 2 or 3 years ago, there was this Ethiopian gentleman that had this passion to help his country upgrade their education systems so that they could fight poverty, illiteracy, and so on. He got together with a local systems integrator in Seattle which was called SQL Soft. Together they pushed forward a project that got funded to provide a laptop to every teacher so that they could stay connect, receive curriculum, so that they could get tracked.
Unfortunately, the problem was, how do you... there is 250,000 teachers or more in Ethiopian. The government's question was, "How are we going to manage these guys?" After all, it's an emerging market with rolling blackouts and spotty Internet service. In fact, I have a picture that I show when doing presentations that is of their datacenter. Literally, I have a more powerful set of machines at my home then they do at their government offices. So they were like, "it's going to take 5 to 10 years to build out a datacenter". And, even then there are still a number of infrastructure issues that needed to be solved."
Technology is a great equalizer when it comes to education. However, doesn't always seem that technology related social projects are consistently challenged by the lack of infrastructure. It's almost the chicken before the egg issue. How to do deploy technology to those that really needed it when they lack the very means to use it. In other words, the sad fact that we continue to engineer technology that has a very hard time operating in the "real world". So for me to hear that a very cutting edge solution is being brought into one of the worst possible operating environments, and succeeding (as we learn later), that brings a smile to my face.
"Well we already have a relationship with SQL Soft from past training and Group Policy work. So, the SQL Soft guys approached us and said, "We know you guys do stuff around end-point management." Well they didn't know about the stuff were doing on Azure at the time. So their next question was, "Do you guys do anything around this to solve these types of problems?" My first reaction was, "Actually we do! We just ported this application to the new Azure environment and it is very scalable." They said, "That is great, can you put a pilot together and help us present the solution the Ethiopian government".
So, after we did the port, literally a month later, is when I scheduled a flight to go out there. We did a small pilot to show that the solution worked, we could manage machines remotely, our cloud service was running in the cloud and accessed through a browser with a Sliverlight UI. Then we demonstrated to the cabinet members and the next day they signed on."
Wow... Talk about timing! After all, at that point in time, FullArmor's applications were one of the only Azure based solutions in the market and one of its first deployments is in Ethiopia! Obviously, my next question was how FullArmor was able to work around the "real" bandwidth issues that exist in that country. After all, Ethiopia is the 15th most populous country in the world (~85 million people). However, their infrastructure rating is still very low when compared to other nations. For example, in 2007 they only had an average of ~300K Internet users which is one of the lowest per-capita magnitude in the world.
So, when you throw in the fact that PolicyPortal is an end-point management tool. Plus, AppPortal is used to distribute App-V applications. And, the Ethiopian government wanted to also use the solution to distribute information to the teachers. It would seem that the lack of bandwidth would cause the whole solution to be a failure. Luckily Danny explained why this was not the case.
"That was our biggest challenge and how we solved it has been generating a lot interest as well. Actually, anti-virus is another part of our solution. Most of the machines in Ethiopia have an average of 4 to 5 viruses on them. However, a lot of those machines also have anti-virus software installed. The problem is, because the bandwidth is poor and latency is so high. Once you install the anti-virus software that is the only time the signature file is up-to-date. We found that almost every anti-virus product signature file updates were breaking because of the shoddy bandwidth. So, we have a couple of anti-virus vendors that we have integrated with where we replace the signature file delivery mechanism with our agent. Our agent technology was designed to work in and accommodate these harsh environments.
For example in Ethiopia, I saw latency times of up to 6 seconds. Most products break because they timeout. So our agent accommodates for that. We understand that this may take awhile so we keep the sockets open and we make sure that the agent is online and active to handle high latencies found in these environments. Additionally, we also optimize packet size. For example, if the connection is high latency - high bandwidth or low bandwidth -low latency we determine the best packet size for that connection.
Its kinda like the differences that might be found with some VOIP vendors and the quality the voice over different connections. This is what our agent does, and we were able to show that it actually works. We can download megabytes or even hundreds of megabytes... like the signature files... the initial download is 400MB for some of the anti-virus vendors. We can also send the App-V packages which can be anywhere from 20MB to 200MB. It would just take longer, but our agent stays in there and gets it downloaded."
Now... what is interesting about all of this is that the agent we are talking about is based on FullArmor's previous software efforts. Not something that they developed just to deal with the challenges of Ethiopia. I mention this to Danny, and stated how all the cards really fell into place for them. He chuckled and again stated that "Luck favors the prepared..."
So in the end, that is the story about how a cloud based solution came to be deployed in an emerging market to help solve a social issue.
If you like this, check out some other posts from Tyson:
Or if you want, you can also check out some of Tyson's latest publications:
Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet. Or, sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert)
With more than ten years of experience in IT, Tyson Kopczynski has become a specialist in Active Directory, Information Assurance, Windows automation, PKI, and IT security practices. Tyson is also the founding author of the Windows PowerShell Unleashed series and has been a contributing author for such books as Microsoft Internet Security and Acceleration (ISA) Server 2006 Unleashed and Microsoft Windows Server 2008 Unleashed. He has also written many detailed technical papers and guides covering various technologies. As a consultant at Convergent Computing, Tyson works with and provides feedback for next generation Microsoft technologies since their inception and has also played a key role in expanding the automation and security practices at CCO. Tyson also holds such certifications as the Certified Information Systems Security Professional (CISSP), the SANS Security Essentials Certification (GSEC) and SANS Certified Incident Handler (GCIH), and the MCTS (Application Platform, Active Directory, and Network Infrastructure).
Certifications:
Publications:
Other Stuff:
The Leader in Network Knowledge
Post new comment