Security and Behind-the-Firewall Search
March 4, 2008
In June 2007, I had a useful and informative meeting with several members of the Oracle Secure Enterprise Search team. SES10g was, at that time, the Oracle offering,. Our informal discussion turned to the topic of what mattered most to buyers of enterprise search systems.
My recollection of our conversation was that many buyers are unsure about the features on offer from most vendors. Oracle’s viewpoint — and I am paraphrasing — is that security is one of the most important considerations. In some cases, it is the most important single factor in a search system. Other features like finding similar documents are mostly marketing sizzle or lipstick on a barnyard animal. Demonstrations of collaborative functions and visualizations capture attention. But, at the end of the day, security remains the foundation principle.
Coincident with the AIIM (Association of Information & Image Management) conference in Boston, Massachusetts, this week, Oracle issued a news release which you can read here. The core of the release is that security is the watchword for an Oracle search and information solution.
Oracle’s approach to security is well-conceived. Like other vendors, the Oracle security system is “aware” of access control information. However, instead of using these flags, the Oracle approach uses a security subsystem that provides robust, role- appropriate access to content within the system’s repository within an enterprise-wide search solution.
In a nutshell, the Oracle approach uses a separate server and software sub system that performs security functions. In effect, Oracle becomes the security mechanism for the licensee. There’s no reluctance on my part to applaud Oracle’s engineering of its security server sub system, its wealth of administrative controls, or its extensibility.
My question is, “Does security trump other behind-the-firewall search system features?”
My view is that for certain clients, security takes precedence over cost, ease of use, and the zippy features such as assisted navigation capture customers’ attention.
Customers who value security include the intelligence and law enforcement markets, financial services, pharmaceuticals, and regulated sectors such as health and medicince. When Oracle battles for a license deal in these markets, it sells against other carrier-class vendors of search and retrieval.
When Oracle or another high end vendor makes a sale, the customer may discover that third-party solutions are needed to provide certain needed features; for example, point-and-click assisted navigation interfaces. Then, if a third-party solution is not appropriate for these customers, Oracle can provide the consulting, engineering, and code components to build what’s needed. Custom coding is less of a barrier for a large organization. Smaller organizations may find that the Oracle- or Oracle-type solution is not appropriate.
As the interest in search and retrieval filters downward from the largest organizations to the much larger mid-market and small-market sectors, an opportunity exists for a security-enhanced solution that is more nimble. I see Google’s evolution of its Search Appliance as a move in this directioin. But some vendors of behind-the-firewall search systems lag behind Oracle’s industrial-strength approach. Google has with each release of its Google Search Appliance enhanced its security features and functionality.
I also cannot recall an unremediated security problem with the search systems we track. Sure, there are lapses caused by poor upgrade procedures and flawed security work flow processes in particular organizations. But, by and large, most vendors’ solutions depend on the larger security infrastructure, administrative configuration controls, and existing security practices. Most vendors “snap in” to a licensee’s existing security system.
In my view, Oracle should be commended for keeping this issue front and center. But, as most security professionals will assert, a security system boils down to the behavior of individuals. No matter how stringent the security system is, that system can be compromised by one person’s actions.
Therefore, I don’t see much change in the positioning or marketing of behind-the-firewall search systems. Oracle is flying a security flag, and it will attract those customers who perceive security as job one for search. However, in the broader market, security is one aspect of a search and retrieval system.
Marketers of behind-the-firewall search systems will beat these drums:
- Assisted navigation to help alleviate resistance to the naked search box
- Reports that answer questions instead of laundry lists of results
- Search embedded in applications so the user doesn’t have to take step out of a work flow to get needed information.
I heard that Oracle Applications, a unit of Oracle, is supporting the Google Search Appliance in some client installations. If true, this suggests that security alone is not a cure for search ills. Large organizations do mysterious things in order to satisfy customers. That’s just business today.
Security, it almost goes without saying, is assumed or expected. Vendors who are making an effort to provide licensees with systems that reduce the administrative costs of search have a very compelling value proposition — reduced cost and complexity. Looking forward, simplicity, ease of use, and user satisfaction are going to be more compelling in the mid-market.
There are several important areas of contention in the behind-the-firewall search sector. At the high-end, the super platforms compete. This is the seven figure enterprise search market where IBM, Microsoft, Oracle, and SAP battle. These are customized solutions, and the search system often consists of multi sub systems and work flow integration.
The mid market is the emerging battleground. Most of these organizations are on the hunt for a way to find, manipulate, and exploit their digital assets. A mid market firm may have $100 million in revenue but no single-point search system or even a workable unit-level search system. Many vendors are targeting this market sector because the super platform vendors have products that are too expensive, too difficult to administer, or too encumbered with expensive add ons.
The low end market is the largest, and it is almost prohibitedly expensive to hit mom-and-pop businesses. Search vendors find themselves competing with free solutions or “baked in search” features. These are good enough solutions.
The battlegrounds, therefore, will be the high end and mid markets. Different value propositions are needed for these markets, and at this time, the marketing messages conflict. Maybe picking one feature — security — is the way to cut through the clutter. In my view, I think that cost, ease of use, and user satisfaction are likely to be the more compelling messages in today’s business climate.
Stephen Arnold, March 4, 2008
SharePoint: Another “Free” Behind-the-Firewall Search System?
March 3, 2008
It’s 6 am in cheery Louisville International Airport, but the word “international” can be misleading. The news this morning is that Microsoft will roll out a “new” SharePoint search service. You can read the breathless InfoWorld story here. The announcement will be made, I believe, at one, maybe two, separate Microsoft conferences this week.
The “free” word is a powerful marketing tool for commercial firms. When it comes to behind-the-firewall search, “free” is a synonym for demonstration product. The set up, configuration, debug process, optimization, and operation of a search or content processing system come with some hefty costs. The license fee is, of course, the cost that the gullible seize upon. When you root around in the financial statements of publicly-traded companies in the search and retrieval business, you find that many are trying to follow in Verity’s pre-sell out footsteps. Specifically, vendors want to pump up consulting fees, making them carry the freight for earnings and growth. My recollection is foggy after seven consecutive days of travel, but Verity was generating more than half its revenues from non-license revenue. The number 65 percent pops in and out of my memory, but I’m going to have to dig through my files to verify this. As license revenues flat line (a common problem for some search vendors), cash can be generated by selling services. These are higher margin than a license fee with yearly maintenance fee add ons. Services can be open ended, and have a certain upside revenue charm for certain software vendors.
“Free” Search Systems: A Marketing Tactic
The idea is that you can install a working version of the program, get a sense of its basic features, and kick the tires. When we tested the “free” IBM – Yahoo Ominifind search system a few months ago, it worked quite well, but it had a document limit. My recollection is that most of the “free” systems have some type of governor on the system. The reason is that the “free” system is a way to qualify sales leads. When a user needs to process more content or perform some magic such as integrating the system into a third-party application, the vendor jumps with joy. A real sales lead has landed in her lap without booth duty, blogging, or hammer dialing.
Microsoft has jumped into the “free” fray with a beefed up search function for SharePoint. The SharePoint system has been in the forefront of the “knowledge management” revolution. The idea is that a Web-like interface makes it possible for a user to find, edit, share, and connect with colleagues, their documents, or related content. The word “portal” is sometimes used to describe this multi-function interface.
My sources tell me that SharePoint has more than 100 million users worldwide. This is a significant jump from the 65 million users I had learned in the fourth quarter of 2007. Microsoft SharePoint is on a roll. When we install a robust content management system designed to work in a Microsoft-centric environment, SharePoint is a required “server”. In fact, to make these high-end CMS systems function, we typically install SQLServer, Windows Server, and IIS (Internet Information Services), among others. I may be wrong in how I perceive this server conga line, however.
Microsoft Search Systems
In my analyses of SharePoint search in the first three editions of the Enterprise Search Report, I summarized these separate search systems for SharePoint.
- SharePoint search with a “blue” interface
- SharePoint search with a “green” interface
- SQLServer search
- Microsoft tool bar search
- Start button / Explorer search
- Microsoft’s http://search.live.com
Without repeating that 40-page analysis and tromping over the rights I assigned to CMSWatch.com, I can go into much detail about what each of these different search systems do. But what I can tell you is that there is not “one” search system available when you implement a SharePoint search.
What’s New?
The “free” system is Search Server 2008 Express. Express was rolled out last year and includes metatag functions so results can be sorted. You can also click on a colleague’s name and see documents written by that person. Keep in mind that SharePoint is not breaking new ground here. SharePoint is adding features that have been available from Certified Gold Partners like Coveo and Mondosoft, among others, for a couple of years. What’s new is that anyone will be able to download Express and give it a whirl. My understanding was that only certain customers would be able to experiment with the Express system. I don’t have a download link, which I think will be available in the near future. You can also download a version of Silverlight to hook visualization into search results. Again, this is a feature that has been available from such vendors as Inxight Software (now part of Business Objects and owned by SAP) for more than a decade.
Observations
I am intrigued with this “free” version of Express. When I look at it in terms of Autonomy, I see a counter to Autonomy’s UltraSeek solution. UltraSeek, developed when Steve Kirsch was at InfoSeek, is a useful system acquired when Autonomy gobbled up Verity in December 2006. Autonomy, according to my sources, has had some success upselling UltraSeek users to more robust search and retrieval solutions.
When I compare the different “flavors” of SharePoint search with offerings from Microsoft Certified Gold Partners, I am somewhat uncertain about the Microsoft approach. For example, Interse, a company with a modest profile in Harrod’s Creek, Kentucky, offers software that manipulates the metadata available in SharePoint repositories. Also, Fast Search & Transfer coded an adapter for SharePoint. With this code widget, a SharePoint customer could use the functionality supported by the Fast ESP (enterprise search platform). In addition, there are a number of companies offering enhancements to SharePoint.
The reason there are so many search, indexing, and content processing options for SharePoint boils down to two reasons in my opinion. First, Microsoft encouraged its partners to create these products. Second, the SharePoint search is not as easy to use for system administrators as it could be. (Forget “good” because most search and retrieval systems leave as many as two-thirds of their users griping.)
I will be interested to see how Microsoft handles the Certified Gold Partners who might feel a bit of competitive pressure. I’m also interested to see how the SharePoint platform will be mapped to the FAST enterprise search platform. (There are some areas of overlap and a few interesting technical issues to resolve.)
To wrap up, I urge you to download and install the Express search function. You are canny enough to know that you should check out these systems vendors as well:
- Coveo (Canada)
- Exalead (France)
- ISYS Search Software
- Mondosoft (now part of SurfRay in Denmark)
You can get a copy of Enterprise Search Report (now in its 4th edition) or place an order for my Beyond Search study, which will be available in April 2008).
SharePoint is a useful system, and it isn’t going to be displaced by a competitive system anytime soon. Keep in mind that it’s complex. You know behind-the-firewall search is complex. So “free” doesn’t mean with out cost. You will have to throw time, programmers, and effort at anyone’s “free” search system. That goes for anyone who offers a “free lunch” to you.
Stephen Arnold, March 3, 2008
Pandia Post’s Fast Search “Snowball”
March 2, 2008
This sunny but chilly Sunday in central Illinois contained a “snowball” of tightly squashed comments and ideas about the Microsoft – Fast Search deal. Pandi Post does a good job of summarizing important news and information about the search engine scene. The story that conked me in the face this morning is “Many Fast Search & Transfer Developers Hate Microsoft.” You can read the full story January 12, 2008, here.
Read more
Google Sites, Publishing, and Search
March 1, 2008
In the Seattle airport, I fielded a telephone call on February 28, 2008, about Google Sites, the reincarnation of Joe Kraus’s JotSpot, which Google acquired in 2006.
The caller, whom I won’t name, wanted my view on Google Sites as a “SharePoint killer”. As you know, Microsoft SharePoint is a content management system, search and retrieval engine, and “hub” for other Microsoft servers. SharePoint is a digital Popeil Pccket Fisherman or Leatherman tool.
Google Sites is definitely not SharePoint, nor is it a SharePoint killer. SharePoint has upwards of 65 million users, and it is — whether the users like it or not — going to be with us for long time. SharePoint is complex, requires care and feeding by Microsoft Certified Professionals, and requires a number of other Microsoft server products before it hums.
The person who called me wanted me to agree with the assertion that Google Sites is the stake through SharePoint’s bug-riddle heart. SharePoint and I have engaged in a number of alley fights, and I think SharePoint left me panting and bruised.
What is Google Sites? If you have read other essays on this “no news” Web log, you know that I try to look at issues critically and unencumbered by the “received wisdom” of the crowds of Internet pundits.
I included a chapter in my September 2007 study Google Version 2.0 that summarized a few of Google’s content-centric inventions. The JotSpot acquisition provided Google with software and engineers “up to speed” on a system and method for users to create structured information. The structured reference means that content keyed into the JotSpot interface is tagged. Tagged information can be indexed and the metadata allow the information to be sliced and diced. (Sliced and diced means manipulated programmatically.)
So, JotSpot is a component in a broader information initiative at Google. The JotSpot interfaces are fairly genertic, and you can review them here. There’s an employee profile, a student club, and a team project. Availability is limited to users who sign up for Google Apps. You can read about these here.
What I want to do is direct your attention to this diagram that I developed in 2005 for my Google Business Strategy seminars that I gave between 2004 – 2006.
Notice that this diagram doesn’t make any reference to the enterprise. The solid blue arrows indicate that Google has project underway with these entities. Underway, as I use the word, means with or without the cooperation of the identified organizations. For example, Google is indexing US government content for its US government information search service. You can access this service here. The other light yellow boxes name Google services, including Google’s scanning and indexing services, among others.
The dotted line connecting Google to authors is the Google Sites’ function that I think is more important than SharePoint features, the well-known and often controversial deals for information, and the Google Base “upload” function.
I think Google Sites makes it possible — let me emphasize that this is my opinion — and I have zero interaction with Google. Google ignores my requests for comments and information. So internalize this information before reading the next paragraph.
Google Sites makes it possible for Google to go directly to authors, have them enter their information into the Google Sites’s interface, and make that original, primary information available to Google users. With the flip of a bit, Google morphs into a publisher. Google Sites has the potential — if Google wishes to move in this direction — to disintermediate traditional information middle “men” (I’m not being sexist; I’m just using jargon, gentle readers.)
Now let me tell you what I told the person who called me at 10 pm on Thursday, February 28, 2008, as I waited for a red eye to wing me back to the bunker in Harrod’s Creek. I said (and I’m paraphrasing):
“Google Sites may impinge on SharePoint over time. Google Sites may make Google Apps more appealing to enterprise customers. But I think the real significance of Google Sites is that Google is edging ever closer to getting authors to create information for Google. Google can index that content. Slice it. Dice it. Sell it. Authors have been getting a short end of the royalty and money sticks since Gutenberg. If Google meshes selling information via Google Checkout with Google advertising, Google can offer authors a reasonable percentage of the revenue from their work. In a flash, some authors would give Google a whirl. If the authors get reasonable money from their Google deal, it is the beginning of a nuclear winter for traditional publishers. I’m an author. I actually like my publishers Harry Collier, Tony Byrne, Tom Hogan, and Frank Gilbane. But if Google offered me a direct deal with them, I would take it in a heartbeat. This author wants money.”
My caller did not want to hear this. She works for a large, well known publisher. My take on Google Sites pushed her cherished SharePoint argument aside. My suggestion that Google Sites could generate money faster and with greater long-term impact than mud wrestling with Microsoft was one she had not considered.
I know from my work with traditional publishers that the majority of those business magnates don’t think Google could lure an author under contract without a great deal of work. I don’t agreement. The traditional publishing industry is panting between rounds. Many of its digital swings are going wide of the mark.
Google Sites might be a painful blow, worsened as the publishing industry watches the authors swarm to the Google. Google has search and eyeballs. Google has ads and money. Google has original content and people who want math and health information in real time, not after a 12 month peer review process. Times are changing, and most traditional publishing operations are moving deck chairs on a fragile ocean liner of a business model. SharePoint might be collateral damage. The real target are the aging vessels in the shipping lanes of traditional publishing.
Agree? Disagree? Let me know.
Stephen Arnold, March 1, 2008