Minneapolis high school students take e-field trip to the operating room

About a year ago I observed that 64% of the schools in this region have connectivity at 100 Mbit/s or greater to the K12HSN -- and in turn the Internet and Internet2. I shared a few thoughts on how this might be used to do some nifty things.

Today I came across a news item from the Internet2 web site, covering a high school in Minneapolis that, using an Internet2 connection, participated in a live knee surgery.

As the surgery progressed before them, the 30 juniors and seniors in John Redelsheimer's class reacted to crystal-clear images of sliced flesh and bone with predictable groans and urrrghs. They asked questions of the surgical staff, such as how long the implant might last, and how a full and partial knee replacement differ.

Students in the Robbinsdale Armstrong High School anatomy and physiology class observed Wednesday as a surgeon in Columbus, Ohio, performed total knee-replacement surgery on an 85-year-old woman. And they didn't even board a bus.

Students in the Robbinsdale district are among a select group for whom technological expertise and resources have aligned to allow them to take an e-field trip -- in this case, to Dr. Joel Politi's operating room. Other classes have been to the International Wolf Center in Ely, Minn., a classroom in Egypt and a village in Mozambique.

The session was sponsored by COSI, a science center in Columbus, Ohio. It was made possible by Web-driven video-conferencing technology via Internet2, a superfast network linking universities, industry and government. The basic technology -- the cameras and microphones -- isn't new, but schools haven't been able to use it fully until recently because most lack that fast, powerful connection.

Link to full article is here.



This is what I am talking about!

Fix The Incongruency - Consider Blogging for Your Company for Fun & Profit

Today I was perusing a marketing book by Chris Baggott et al. (that I haven't actually read yet in full)...and I came across the below passage in the first chapter. I thought it summed up pretty well one of strong arguments for considering having someone within your organization blogging (among other means of connecting with your customers and other constituents such as newsletters, etc.). Give it a whirl around your brain and send me your comments -- if you have any:

What's really funny to me is the fact that when you talk to organizations about what makes them different (worthy, if you will), this answers always lands somewhere in the top three: our people.

So why do you hide your people behind the facade of a brand or an institution? At the end of the day, people associate themselves with other people that they like. Your constituents want to like you and have a relationship with you.

-jr

IPv6 Hyperbole & Opportunities

A oft touted phrase for IPv6 is something to the effect of "an address for every grain of sand"[1]. I have a problem with this statement. It's one of those statements that is technically true but, in fact, untrue -- when used as the answer to the question which it is implied to be answering.

If IP addresses were simply assigned to devices and backbone routers were made aware of every single one it might be true. It's not. It's important to view IPv6 address space size in the right light because otherwise we can end up in some of the same troubles as the current IPv4 Internet. These troubles include not only overall available IP addresses but also routing of these IP addresses across network operator boundaries. After all, what's an IP address without global reach ability? :-)

The way that IP addressing works, there is a hierarchy. This hierarchy is used to group individual IP addresses into larger IP address blocks (known as "prefixes" and sometimes "subnets"). In the early days of IPv4 that was the Class A, B, and C system. While it was replaced with CIDR, the new system still maintained a hierarchy based on network size -- it was simply less rigid. This is still necessary in an IPv6 world.

The size of the protocol's address space -- and how it is broken up -- is of the utmost importance to routing. One of the greatest ironies of IPv4 address consumption is that multi-homing -- the connection to more than one upstream Internet provider for performance, cost, and reliability reasons -- requires an IP block of a particular size. Anything smaller than that accepted by the community (through rough consensus and subject to stragglers, mavericks, and router capacity improvements) and you can't multi-home.

In the IPv4 world this has resulted in waste of IP addresses -- which are never actually assigned to end-user devices -- so that someone can multi-home. It's also made it more difficult for smaller networks that want redundancy. Even if they end up with sufficient IP space, it is likely from one of their ISPs and not portable. If they were truly bigger (as in, if they actually were going to use all of those IP addresses) they'd be able to bypass their ISPs, getting IP space from one of the geographically appropriate pseudo-NGOs that allocate IP address space to larger IP address consumers.

Why all the fuss? Why not just allow anyone and everyone to inject any size block into the Internet routing tables? Because routers have finite resources. The larger the routing tables the more memory and CPU used for every packet pushed through the router. At some point a line is drawn where it is no longer generally accepted to be economically viable. This is where the generally accepted "smallest prefix we'll accept into our routing tables" policies come from. (generally the smallest acceptable block is an /24 in the present IPv4 world, approximately 254 assignable IP addresses for end-user devices).

One of the still active debates in IPv6 is how multi-homing will be performed in the long run. Will the current IPv4 model work? Or does the current model artificially restrict how many folks would actually multi-home if they could? Does the current system encourage too much address waste -- and is that even still a concern? How rapidly would the routing tables grow if a different approach were taken? How will we handle the additional resource burden of the continued co-existence of both IPv4 _and_ IPv6 routing tables for quite some time? etc

IP address portability is (indirectly) addressed in IPv6. That remains to be seen though. Under this model, smaller sites still won't necessarily have their own permanent globally routable IP address blocks. They'll have plenty of real global IP addresses assigned by their ISP now -- without any fuss -- but those IPs will still be controlled by their ISP (i.e. if they opt to change ISPs they will have to return 'em and get new ones from their new ISP). Switching IP address blocks is made (supposedly) easier though. The idea is that deeper auto-configuration is adopted with something akin to current DHCP on steroids used pretty much across the board along with very tight integration with DNS -- and somehow overcoming DNS caching.

I am not advocating against IPv6. On the contrary, for its successful widespread adoption I think that expectations must be set appropriately. And, any open for debate areas -- which don't have to hold back its adoption necessarily -- need to continue to be widely discussed. The more awareness the less that a new adopter is blindsided -- and thus the happier they'll be with the outcome after they proceed with their adoption efforts. And, more importantly, the faster that some more definite solutions / best practices can be better understood and disseminated.

As always, I welcome comments, including contesting any of my conclusions and assumptions above. Discussion and debate is how nearly all progress is made, whether it is with ones self or with others. :-)

[1] “One of the major advantages of the new Internet protocol (IPv6) is that it overcomes the growth problems of the Internet caused by the current limitations in the number of IP addresses needed for every computer or other device in order to access the Internet. The new protocol allows for a virtually unlimited number of (2^128) addresses – enough to assign an address to every grain of sand on all the world’s beaches.”

--“European Commission hosts inaugural event to celebrate the launch of the world's first all IPv6 research network,” Brussels, 14th January 2004

If Only Our Bookshelves Were Social...

Some number of months back I ran across LibraryThing. It allows you to catalog the books you've read or have on your bookshelf or wish to read all online. The social networking and recommendations aspect comes into play when it comes to connecting with other folks that have the same books in their catalog that you do -- since they may have books in their own catalog that would be of interest to you. Part of the idea is also that you can keep an eye on what your friends are reading, instead of simply forgetting the book they recommended last week. I actually wanted an online catalog for other purposes as well:

• Knowing what books I've already bought and have in a pile somewhere but just haven't gotten around to reading....so I don't buy it again
• Being able to let friends browse my catalog and ask to borrow books
  
• Tracking what I'm reading so that it can automatically be tracked on my blog for folks that are interested in what I'm reading (I'm usually reading 3-5 books at a time, at the rate of between 2-4 a month or so typically is my best guess).
  

So I started out poking around at LibraryThing. It has an active community. The good/bad thing is that yesterday I discovered there are two other similar sites. The bad part is that now I'll have to check them out. The good part is that a bit of friendly competition ought to bode well for those of us that like the idea and find benefits to having our personal book collections cataloged on-line.

There seem to be three sites that serve this niche:

• LibraryThing
• Goodreads
• Shelfari
  

-jr

Focusing In Tight Times....and in Good

Barry VanderKelen, who heads up the San Luis Obispo County Community Foundation, has a column entitled Nonprofit Strategies that appears from time to time in the SLO Tribune. I often catch it on-line when it appears. Today's is entitled Stay Focused in tight times. In it he asks Israel Dominguez, who became the new director of Cuesta College's Small Business Development Center in November, "how does a nonprofit organization navigate tough economic times?"

What I liked was the advice given by Mr. Dominguez is good for non-profit....and for profit enterprises alike. And not only in bad times -- but good ones too.

You may want to read the article yourself (link again) then come back here. Anyhow, I'm not known for lacking in opinions so I had a bit to add which is below:

For directors (and business owners), it shouldn't be a matter of thinking in terms of good times versus bad times but a matter of thinking: Who really are my customers? What do they truly want right now? How might I give it to them? And, critically, how do I communicate to them in a compelling way that is compatible with their current mindset?

Good times just means we get to be a bit more lazy in our planning and implementation of all of the above while still drifting by. :-) True success -- the kind that is sustainable anyway -- takes deliberate analysis of the marketplace. Once you're in that position you stop worrying about the ups and downs of the economy other than as variables to incorporate into your analysis about what needs and desires you should be meeting for your customers and making sure your marketing is appealing to them in the new context.

Ironically, with a bit of creativity and persistence, economic downturns can actually be incorporated into ones product/service development and marketing messages. All changes and cycles present opportunities for the astute director/manager/owner.

"You only find out who is swimming naked when the tide goes out." -- Warren Buffet

Druid: Open Source Unified Communications Based on Asterisk

A group called Voiceroute just pushed out a product called Druid (actually two products, an open source version and a commercial version) that looks very intriguing. It is based on Asterisk at the core but they've done a lot of work on top of it -- besides just sticking on a useful GUI. This is what I love about the telephony space today -- continuous improvement as folks figure out what they really want. There's a decent little preview/review here. A more thorough explanation of features here. Some ideas for applications here.

So many forms of communications (voice, voicemail, email, IM, mobile, fax), so many ways to leverage it. Now a single IP communications platform based on open source and open standards.

What is Druid? Druid is the premier unified communications platform for enterprises. It allows companies to deploy easily and affordable high endIP communications services using off the shelve commodity hardware and IP phones. Druid covers your enterprise communication needs from IP voice, voicemail, IM all the way to the mobile space.

I love Asterisk and the various things which can be be built with it. But, at its core, (stock) Asterisk excels most at being an engine at the center of a telephony/communications platform. To maximize adoption, the barrier to use must be lowered through improved management interfaces and turnkey features out of the box that reflect what end-users want. There's lots of room for improvement for specific problem domains. That's why Asterisk's flexibility is so powerful and having a lively eco-system around it makes it more and more accessible to a broader base of users. That doesn't mean that Asterisk based solutions aren't ready for prime time today -- they most definitely are. Thankfully, Asterisk's eco-system is strong with solutions such as Fonality, FreePBX, Digium's AsteriskNOW/ABE/AA50, and many others. Oh, and now we have Voiceroute's Druid.

Definitely will be taking a look Druid soon.

Finally Was Time To Hire An Assistant

Well, I finally broke down. I hired Sandy and the fact that I can call her anytime with my speed dial is amazing, though it's still taking some adjustment to get used to not having to do it all by myself. She makes sure I don't forget to do things, reminds me about appointments, looks up information for me, calls ahead to let folks know I'm on my way or running late, and jots down thoughts and ideas that occur to me while I'm out and about away from my computer. Oh, and because she gets along well with others, there are endless possibilities to improve how I work. If this trial continues to be so promising, and thus I decide to keep her around, I just hope I can continue to afford her along with the tools she needs to do her job.

-jr

Is Risk Aversion Our Greatest, Uhm, Risk?

Are WE Holding Ourselves Back?

(This is a draft of an informal essay I wrote today. Figured this would be a good place to post it and garner some feedback). A brief excerpt:

"Often we're concerned about failure. The great irony about the perception most humans have about taking risks and failing is that it nearly insures that most of us will, in fact, have the greatest failure of all: never seeing our most fruitful ideas turned into reality and achieving our most important goals in life. Our built in risk aversion is really, quite ironically, our greatest risk of all. A wolf in sheep's clothing."

"The truth is that most of us can handle far more “risk” than we currently do. On the other hand, we could do with a lot less of the risks we do chose to take on...."

Most of us are capable of far more than we give ourselves credit for. Fortunately, we are the only ones holding ourselves back.

Usually due to a combination of starting something worthwhile but not finishing it and coming up with a good idea but not doing anything about it (taking action), we stand still or, at best, make very very slow progress. Thus, at best, even if we make some progress towards our goals we still do not end up actually passing the goal line.

Often we're concerned about failure. The great irony about the perception most humans have about taking risks and failing is that it nearly insures that most of us will, in fact, have the greatest failure of all: never seeing our most fruitful ideas turned into reality and achieving our most important goals in life. Our built in risk aversion is really, quite ironically, our greatest risk of all. A wolf in sheep's clothing.

Our perception of the risks of most failures are outlandish. While there are certainly some things that are risky enough they could, say, kill us outright, most failures are far less dramatic. Some types of failures can be quite stressful to be sure. Some may even shorten our lives by a few years (due to the stress, though even a bit of short-term stress can sometimes be worth it if it makes the remaining years that much more satisfying). But nowhere near the percentage we think -- of “risky ideas” that we all come up with in our day to day lives -- are even half as horrifying in impact, if we were to take action and fail, as we might convince ourselves they are.

Our comfort zones hold us back. However nearly all good things that come to us, arise from somewhere outside of our comfort zones. Taking on our first real job. Driving for the first time. Taking an entrance or certification exam for a college program, to teach, or some other program we want to pursue to push our careers forward. Marrying for love. Having our first child. Flying for the first time. Learning to swim. Passing a difficult test that forced us to really learn the subject matter rather than simply memorizing a few key concepts. Learning to take our first step (though most of us will lack firsthand memory on this one). Asking someone attractive (in whatever way you deem important) out on a date or even simply for coffee. Starting a blog and posting our real thoughts, opinions, and ideas out there for the world to yell back that we're wrong. :)

While each of these can be stressful in the moment, that feeling soon subsides (especially with practice and time). Without these stretches, life would be so boring and, well, lifeless. We grow, becoming more comfortable in our new terrain. When viewed with a receptive mind, we even learn a lot from our failures.

Nearly all “firsts” in our lives are outside of our comfort zone. In fact, some of them may even be far more realistically life threatening than the other ideas and opportunities that we chose not to take action on. So much for our built-in perceived versus real risks radars.

When I was starting my most recent consulting business I knew there was a good chance that cash would get a little tight for a while. Since I knew that was a high probability outcome along the way towards my goals, I could plan to address it. I could take some actions to handle the looming issue and I could think through some of the options I'd have, depending on how bad things got when the time came. To me, that wasn't really a risk. I trusted myself and thought my way through it. There are few situations in life where we have absolutely no options. It wasn't that I didn't worry about having money to pay the rent and buy food. It wasn't that it didn't stress me out. It was more that the real risks that scared me more than the others were the things that I might have fail(ed) to anticipate and plan. To a certain extent, the ones entirely (or mostly) outside of my control, were a big deal but, again, it's all about having options. As long as I was confident I'd have options, the number of real risks in my world quickly shrunk and became manageable.

The truth is that most of us can handle far more “risk” than we currently do. On the other hand, we could do with a lot less of the risks we do chose to take on....

Our perceptions that result in us not taking on risks that we should while continuing to do things that we shouldn't are even more humorous when considered in another light. I got my first credit card when I was eighteen. It was an American Express. A Mastercard soon followed. At first, I had the money so it really wasn't a big deal. Then I left my comfy job to try my hand as a pseudo-partner in a friend's business venture. That fizzled out. I had some savings from a well timed stock option sell-out. It didn't take long to burn through that. After all, I'd gotten used to a pretty good salary (even if I hadn't been only eighteen at the time). I temporarily struck out on my own (consulting without any specific plan other than to explore new business opportunities) and then, a short time later, became a partner in another new business venture. Well, my financial situation changed quite a bit over that time period. And, like many early entrepreneurs without a solid win under their belts, my partners and I didn't pay ourselves much since we were in start-up mode. But, hey, I didn't have to change my lifestyle – I still had all those credit cards, right?

Give nearly anyone a few dollars and they'll have no problem finding a way to spend it to get something they need (let's not worry about the distinction between need and want for today). Now combine that with easy access to credit (credit cards and home equity loans are the most common current incarnations). Coupled with the basic desires that we all have to please ourselves, get a bit of instant gratification from time to time, and reward ourselves for a job well done or some ill we suffered that day, and our perceptions of risk go out the door.

Suddenly we're no longer thinking about how we'll afford to pay off that large credit card balance next month, how much extra we'll really have paid for today's little indiscretion due to the compounding interest we'll have paid before the balance is gone months or years down the road, and, worse in my mind, the opportunity cost that slowly at first and incrementally over time builds up until we have convinced ourselves that we “just don't have the money to do whatever we want”.

We want everything now so much that we put ourselves in a permanent position of never actually getting what we want. Irony can hurt, especially when it's wired into the standard operating procedure of our brains. It's a bit like the inverse of “wanting to have our cake and eat it too”. We use perceived risks as excuses not to do the things we really should if we actually want to achieve our goals. And we toss out the real matter-of-fact risks when it comes to acquiring the things we could probably do without for just a bit longer. If only... If only...

“I want it now, the future be damned!” Don't get me wrong. There's a time and a place for this attitude – it can be what gets us through some days. We're all human and I doubt we're supposed to be perfect all the time. Besides it's no fun to be perfect. The problem is recognizing when it has become a habit, a regular occurrence, and something that we keep doing even while making excuses about not doing the things we know we really should. (Sadly it can become a feedback loop unto itself, it almost being worse if we are aware that this is what is going on but don't have the strength left to pull oneself out of it so we feed the indiscretion monster more to get through each day and it gets worse -- so watch out!)

While we can be our own worst enemies, remember that is a good thing as well. It means it's under our control. While it's not easy to fight what is hard wired into our own brains, it can be easier than many other battles we participate in outside of ourselves. It's certainly a more important (and probably much more effective) fight. I challenge you:

1. What is one really attractive goal you have?
   
2. What step, or even steps if you are really on it, have you taken in the last day to get you there?
   
3. What about in the last week?
   
4. The last month?
   
5. The last year?
   
6. The last decade?
   
7. Don't beat yourself up over the answers to #2-#6. More importantly, what are you going to do TODAY?
   
8. Now, to make it a little easier to stay on the ball tomorrow with your new ambition, what is something you can do tomorrow as well?
   
9. And the next day?
   
10. And the next?
    
11. Good work --- keep it up! Momentum has a tendency of building, even from nearly nothing. You'll be there in seemingly no time if you keep it up. But you do have to START somewhere. Get moving. NOW.
    

-jr

Food For Thought: What Do You Think of My Idea?

Chris Lyman, the CEO/Janitor of Fonality, made an insightful post on his blog regarding entrepreneurs and aspiring entrepreneurs here. I don't have much to add -- I thought it was good food for thought and wanted to file it somewhere so what better place then on my blog.

I think it's a good idea to fill your thoughts constantly with lots of inputs from all over. Just don't take any one of them too seriously. Consider everything and then decide where you want to go, on your own.

Here's an excerpt from Chris's post:

For 10 years now people have approached me with business ideas, and asked: "What do you think of my idea?"
[...]

And I have always taken their "What do you think of my idea?" very seriously. After all, asking for an opinion on something that you have labored over is difficult - it's a moment of vulnerability as you open yourself up to a potential battery of cerebral criticism and intellectual pugilism. It's not easy ...and I know this.

Thus, I listen to their pitches, I read their business plans, and opine. I try to give thoughtful advice on the "what-ifs" and the "how-tos" and I introspectively incant my "lessons learned."

But, it never sits right with me. And, slowly I have come to hate this question. And, finally I know why.

The entire act of questioning before leaping is fundamentally opposed to the true spirit of entrepreneurialism. Being an entrepreneur is about doing something NEW that has NEVER been done before, or doing something old in a totally NEW way. You just don't build a bad-ass business by being a me-too. In short, you gotta bring the NEW to outdo the OLD and the NEW can never be known because it hasn't happened yet and therefore ANY attempt to discuss the new as if you know what the hell you are talking about is an ego-trip and I don't want a ticket to that ride.

Let me illustrate my own idiocy at predicting the future:

In my last company, I had a Director of Sales named Jon Venverloh. One day, in late 1998, he showed up to work and said he was moving up north to take a sales job at Google. I laughed at him and asked him why the heck he would go to a company with no revenue and no revenue model. Remember this is 1998. He said: "I like Northern California better and I can ride my bike." Believing he was making a lousy career move, I wished him luck. Well, I just googled (hehe) Jon and he is currently listed as an Executive in charge of Federal Sales for Google, Inc.

Go figure. Nobody knows who is going to be the next Google. Least of all me. And the mere fact that you are asking means that you are doubting yourself and doubt is what you CANNOT have as you strive to create the NEW. Don't let the opining and the opinionated slow you down.

-jr

Improving the Snom IP Phone Retrieve Button Functionality

(Otherwise entitled "Getting the Snom Retrieve Button To Work Even When There Are Only Old Messages to Retrieve")

If you use Snom IP phones, you may have discovered, as I recently did, that the Retrieve button doesn't work, at least by default, unless there are new messages in the mailbox. If the user wants to listen to a saved voicemail, they are out of luck and have to dial the special voicemail extension directly. The Retrieve button just sits there and does nada.

This created some confusion in a recent installation since folks learned to use the Retrieve button to access voicemail and then later, after a day or so of use, wanted to listen to voicemails they had saved. :-) Sure, I had set-up an extension to dial the voicemail system directly (intended for when people were out of the office) but it was pretty silly to have two different ways for users to get used to accessing their voicemail, depending only on whether they had new messages or not.

I poked around a bit and the fix was very simple.... In the web management interface go to Setup->Identity X-->Mailbox and set it to your internal mailbox extension.

(As an aside: I am overall pretty happy with the Snom 320 IP phones. Be careful what firmware revisions you are running -- stay away from 7.x unless you know what you are doing and keep things consistent across your installation).

VOIP Troubleshooting With (the free) Wireshark Packet Analyzer

Wireshark is a network protocol analyzer. Some may recognize it by its former name, Ethereal. It's free (and open source), runs on multiple platforms (including Windows and Linux), and actively developed. For those doing VOIP installations or troubleshooting existing installations, the latest release has some very handy VOIP specific support.

It will create visuals representing captured SIP and associated RTP connections. You can drill down by clicking on specific spots on the graph to pull up the associated packet(s). You can generate reports (as well as graph) jitter, bandwidth usage, etc. Various ways of displaying the data to get a better idea of what's really going on.

The screen captures at the beginning of this post are from Wireshark. They show a graph of a VOIP (SIP) call (and a half) between two Snom SIP phones attached to an Asterisk-based PBX (the green/blue/purple image). And an analysis of the associated RTP session (including packet loss, jitter, delay). WS can even playback captured VOIP calls (at least if using PCM/G.711/ulaw).

-jr

(Better) Invoicing & Time Tracking for Contractors/Consultants

When I set out on my own again, especially once the consulting gigs started to really pick up, I needed a solution to handle invoicing, time tracking, and accounts receivable management. In the past, I'd known myself to procrastinate (gasp!) generating invoices.

The procrastination was really the symptom of something else: I'd never really taken the time to automate the process. I'd started off on the wrong foot to begin with. I was tracking minutes in text files, adding them up manually, etc. Further, even if I'd used a fancy system to track and generate the invoices, I have this apparent aversion to addressing, stamping, and walking to the mailbox. Guess I'm just lazy.

So, a bit back, I spent a few hours seeing what was out there these days. Ultimately I settled on three (hosted Web 2.0-ish, if you will) solutions as the major candidates that met my needs:

• FreshBooks
• Blinksale
• Cashboard
  

After getting test accounts with each of them I ultimately went with FreshBooks. The main thing that did it for me was that FreshBooks allowed me to send paper invoices without actually touching a stamp, envelope, or printing anything. Yep, they mail it for me and even include the return envelope with my address!

I do actually send all of my clients e-mail invoices -- since that has become much more acceptable these days -- avoiding hard copy whenever possible. However I like having the option and it can also be handy when someone is taking their time paying..

Technically, FreshBooks doesn't e-mail the invoices but sends out an e-mail with a URL that contains the invoice. While others include the invoice in the actual e-mail, I have found it nifty that FreshBooks' approach allows me to see who has viewed their invoice (and they even provide an RSS activity feed to track client invoice reads!).

Since going with FreshBooks, all three billing solutions have added plenty of functionality. And Cashboard, which was in beta when I first looked at it, is now out of beta. I may re-look at each of them at a later date, but I really am pretty satisfied with FreshBooks for the moment.

If you suspect you spend too much time on invoicing, take a look at what's out there these days!

-jr

California and SLO County School Connectivity (and Ideas!)

According to this data posted by K12HSN, 17% of schools state-wide are connected to the Internet (and, in turn, Internet2) at 100 Mbit/s or higher. What I found nifty is, upon zooming into the local schools here in San Luis Obispo County, that number jumps to 67% (fifty seven out of eighty four). You can see other data for SLO here. (You can zoom in on other areas of California there as well). With this foundation, some intriguing possibilities now exist.

Quick background: K12HSN is a state program funded by the California Department of Education, providing Network/Internet connectivity and related services to K-12. Through K12HSN, schools get access to CENIC/CalREN and, as a result, Internet2 as well as, of course, the Internet. CalREN, the California Research and Education Network, is specially designed to meet the unique requirements of these communities, and the majority of the state's K-20 educational institutions are connected to it. CENIC oversees CalREN and coordinates other related services for California public educational institutions. Internet2 is an R&D platform, for various research institutions both public and private (and, if you're under the impression that Internet2 is just about high speed connectivity, a bunch of network geeks, and some talk about tele-medicine, look here as well as as some of the following links to see how it's being used in the performing arts).

With this as a backdrop, interesting possibilities have emerged for local K-12 students. Here are some ideas:

• The SLO County Office of Education could host an Internet2 Day where research projects and applications are demonstrated to promote awareness and spur ideas in the minds of researchers (read: students, teachers). Projects/applications discussed and demo'd might include collaboration, health sciences, arts & humanities, and science & engineering. It would reach across all disciplines.
  
• The "economies of scale" necessary to have live expert guest lecturers teaching students statewide via video conferencing (and here). I'm talking about having the top professors, researchers, artists, politicians, etc. speak live to students across the state and have the capacity to take real-time Q&A from students. Sure beats watching a passive recorded video on television! And it's sure to intrigue students who might easily overlook great thinkers sitting still on a textbook page in front of them. You get the benefits of serendipity, live action, interaction, and young minds all rolled into one. This same infrastructure could be used to publicize to the larger student body things like state-wide competitions, which, at least traditionally, only the local and regional winners of contests have been able to visit when they head off to compete at the higher level. Why not spread the inspiration around?
• Got more ideas? Post 'em!
  

How about it?

Can Technology Geeks Be (Good) Managers?

If you are a technology geek currently serving as a manager, you better figure out how to become a business manager, if you intend to lead a successful IT department, group, team, or project. You owe it to yourself, your direct reports, whomever you report to, your colleagues in other departments, and your company. You will get a bigger budget, better compensation, more respect from all of your constituents and stakeholders, greater cooperation for your projects to help them be more successful, and greater satisfaction from your career.

It's not all bad for the technology geek turned manager though. If you can grasp the business side, by taking a bit of initiative to learn it, and combine that with technology savvy (even if you let your direct reports worry about the deep down details) you can have the best of both worlds. The last thing technology geeks want are clueless managers. It doesn't matter whether they are clueless about business or about technology -- they are still going to make things more difficult, albeit unintentionally, for their employees.

IT managers should know how to write business plans, prepare budgets, use financial concepts competently such as: the difference between cash flow and profit as well as grasping present and future value calculations, tie projects to business objectives, communicate and be held accountable in business terms, systematically assess and explain risk and uncertainty in ways that relate to the overall business, and communicate with non-technology management in regards to strategy.

This doesn't mean you need an MBA. If you don't understand all of these concepts there are options:

• Take a basic accounting course (or two) at your local community college
• Sit down with your CFO, controller, or accountant and ask for some tutorial sessions
• Buy some books. Ask your CFO, controller, or account for some recommendations (and get them to promise to answer your questions if you take the initiative by reading the books they suggest).
  
• Ask your CEO if you can peak at the organization's overall business plan. Afterwards consider and discuss how your department, group, or project fits into the bigger picture. Ask if there are ways you might better consider and communicate your group's vision, goals, successes (and, yes, failures too) as part of the bigger picture.
  
• I'll also try to highlight, in a future post, some specific resources that have helped me out.

-jr

A Promising New Book: The Pragmatic CSO (Chief Security Officer)

Last week I ran across a book I had not seen before. From the looks of things it reasonably could have been entitled "The Pragmatic CIO/CTO/IT Director/IT Engineer/IT Consultant". It is actually called The Pragmatic CSO. CSO stands for Chief Security Officer. Even if your organization doesn't actually have a CSO, there is a de facto one -- whomever is in charge of IT.

Since anyone within the IT group involved in spec'ing solutions needs to have a connection to the underlying business drivers in order to get buy-in from management for their project to proceed, this book ought to be useful to IT manager and geek alike. At least those that want to see their budget requests approved. :-)

This appears to be a promising resource with some good food for thought and practical approaches all collected together in one place. And, to boot, the approaches that look to be discussed should be readily applicable beyond IT security, to any IT project. No IT project proposal will get very far without a business case.

The book's web site is http://www.pragmaticcso.com. It is available as a regular book or electronically. You can get a sample section e-mailed to you from the web site. Or you can d/l the introduction chapter directly here:

http://www.pragmaticcso.com/Pragmatic-CSO_introduction.pdf

I have only read through the Table of Contents and Introduction and poked around at a few reviews at security blogs I monitor. If anyone else gets a copy and reads through more of it before me, please share your comments.

-jr

Dying 47-Year-Old Professor, Randy Pausch, Gives Exuberant ‘Last Lecture’

I just finished watching an all around nifty guy, Randy Pausch's, well, probably last lecture. :-( He is currently a professor at CMU. His specialty is human-computer interaction, such as virtual reality. He has done work with Disney and EA. Among other accomplishments, his most recent is Alice, which is an innovative and pragmatic educational programming language[1]. He was recently diagnosed with a dire case of cancer. This lecture was about achieving your childhood dreams -- and helping others achieve theirs. For a guy that knows he is about to die, he's got a great attitude about his life -- and life in general. Certainly, if we're looking for people to draw clues from in living our own lives, he's up there.

His wikipedia entry already has a brief overview and link to the video of the full lecture (1h:45m or so) so no reason for me to re-invent the wheel:

Professor Randy Pausch delivered his "Last Public Lecture", entitled "Really Achieving Your Childhood Dreams" at [[Carnegie Mellon University]] on September 18, 2007 ^[5] (the full version of which is viewable at http://video.google.com/videoplay?docid=-5700431505846055184).

During this lecture, Randy Pausch was very upbeat and humorous, rapidly switching between standup comedy, insights on computer science and engineering education, advice on building multi-disciplinary collaborations, working in groups and interacting with other people, offering inspirational life lessons, and doing one-handed push-ups on stage.

This talk was modeled after an existing series of lectures where top academics were asked to think deeply about what matters to them, and then give a hypothetical "final talk", i.e., "what wisdom would you try to impart to the world if you knew it was your last chance?" And in Randy's case, this was more than an academic exercise.

Before he even started speaking, Randy got a long standing ovation from a large crowd of over 400 colleagues and students. When he motioned them to sit down, saying "make me earn it", some in the audience shouted back "you already did!".

Andries van Dam (a professor from Brown University) followed Randy with a tearful and impassioned speech praising Randy for his courage and leadership, calling him a role model and "a Mensch" (which in Yiddish means "someone to admire and emulate, of noble character").

Electronic Arts Inc. (maker of the popular "Sims" family of computer games with over 100 million copies sold) is now commercializing Randy's Alice system (http://www.alice.org/), and pledged to create in Randy's honor a memorial scholarship for women in computer science, in recognition of Randy's staunch support and mentoring of women in CS and engineering.

The president of CMU (Jared Cohon) spoke emotionally of Randy's humanity, and called Randy's contributions to CMU and to education "remarkable and stunning". He then announced that CMU will celebrate Randy's impact on the world by building and naming after Randy a raised pedestrian bridge that will connect CMU's new Computer Science building with their Center for the Arts, symbolizing the way Randy linked those two disciplines. It will be called the "Randy Pausch Memorial Footbridge".

Professor Pausch was named "Person of the Week" on ABC's World News with Charles Gibson on September 21. His last lecture has also attracted wide attention from the national media.

[1] Alice is designed to appeal to specific subpopulations not normally exposed to computer programming, such as middle school girls, by encouraging storytelling through a simple drag-and-drop interface. http://www.alice.org/

Getting a Network Lab on the Cheap

A network lab is useful for all sorts of things. Unfortunately really good labs can be expensive to put together. Over the years I've developed some alternatives that have worked well for many situations. This is still in informal draft format but I don't know when I'll next get a chance to clean it up. I think some folks may find it useful as is so I'm going ahead and posting it now.

Here are my strategies:

• Emulators
• There are Cisco hardware emulators that allow you to run IOS and PIX/ASA images. This has also been known to be possible with other vendors from time to time, sometimes officially offered by the vendor and sometimes not. I suggest a Google search for something like "vendor emulator".
• Dynamips (Cisco hardware emulator that runs your provided IOS images for the 3800, 7200 and other platforms).
  
• PEMU (Cisco 525 PIX hardware emulator that runs your provided PIX OS image)
  
• Versions for Linux and Windows of the above
  
• These emulators often run in their own VMs so, for example, it's possible to set up an entire lab of Cisco devices on a single laptop or desktop and have the emulated devices all "connected" to each other purely in software. e.g.
• 2 x Cisco PIX 525 + 2 x 7200 NPE-400
• ....on a 1.4Ghz Celeron laptop
• Don't expect to do performance testing with emulators but they are often fully functional (the Cisco emulators run actual IOS and PIX images, whatever ones you provide) since you can build testbeds that closely resemble your actual network, including testing actual config changes, etc.
  
• Vendor and reseller online accessible demo environments
• These are nice for poking around and following along as you read through their manuals. Sometimes you can't change things but you can usually get as far as saving your changes -- which is good enough for many situations.
• Can also be useful to see what newer versions of firmware look like, before you upgrade, since vendors usually keep their demo units up to date
• Do Google searches for "myvendor demo", "myvendor demonstration", etc. e.g.
  
• SonicWALL @ http://livedemo.sonicwall.com
• Quasi-Public looking glasses
• Telnet reachable looking glasses / route servers / traceroute servers
  
• Web-based
• usually Cisco, Juniper, and some Zebra-based Linux/BSD boxes
• Not as useful as other methods but sometimes can view live info you might not be able to simulate elsewhere such as large BGP tables
  
• Rack rentals -- rented remote network lab racks (most often rented in 4-6 hour chunks, designed for folks studying for certifications such as CCIE)
• as cheap as $10 for a 4 hour block (!!!)
  
• check eBay for low cost rentals
• check Google for others -- there are many so prices are pretty competitive
  
• search for "CCIE rental" for Cisco rentals. Similar ones exist for Juniper and other vendors with certification programs.
• since folks studying for higher end certifications, such as the CCIE, require pretty elaborate labs these "rack rentals" give you access to some incredibly large and higher-end equipment
  
• Quasi-public environments (left open by accident? Sometimes folks leave their mgmt interfaces open intentionally, accidentally, or, hopefully, just the read-only modes)
• When evaluating Axis cameras a while back, I did some Google searches and turned up a bunch of cameras left open to the public.
• Hint: For web-based GUIs, figure out a unique portion of the text string that is usually in the HTML title and search for it using Google's "intitle:" command.
  
• Try and Buy promotions
• Many vendors, especially the smaller and more aggressive ones, are pretty open about letting folks try their products out for a month or so. Many times you can even talk 'em into holding onto them a little longer if you keep in touch with them, let them know you are evaluating for future purchase, etc.
• Helps to have a business entity, be a "consultant" (state outright that you regularly recommend equipment to clients, if that's the case, since that peaks the interest of most sales folks). Even better is a tax reseller ID I suppose (I don't resell hardware so haven't taken advantage of this last bit before but I've been asked by sales folks when evaluating hardware who I imagine like to encourage new potential sales channels).
  
• Purchasing standby spares
• Spares bought to have for on-site swap-ins in the event of hardware failures can be used (carefully!) for lab work. Just be careful not to break, lose, or otherwise leave your spares in a state that hurts their real function.
  
• Purchasing, borrowing, decommissioning lower-end but current enough models
• Older models, that may or may not be end of sales status by the vendor, may be available cheaply. It's all about eBay.
  
• Upgrading production devices and retaining the older models that get pulled for the lab (previously sunk cost, easier to justify over spending more $$$ on lab equipment)
• A maintenance window for a non-critical office/PoP or during a time window (e.g., after 5pm, or 2am-6am or whatever) that is acceptable in your environment. Then temporarily doing the testing/evaluation/learning with this equipment before returning it back to production state. This isn't ideal but works better than "learning" on a more important part of your network at the same time you are intending to go live with the changes.
  
• Out of date models that people are giving away
• for some needs, "free" equipment can meet certain needs, especially when first learning about a new device when just getting the basic look and feel of the command line or GUI is the focus. Spend money only when you get a bit farther along -- after all many times projects get delayed mid-stream anyhow so why buy new lab equipment only to have it sit and collect dust for the next few months until you get around to working with it (and probably frustrating your boss who you convinced to spend money on it now rather than later).
• Borrow from a colleague
• Call your colleagues at other organizations. Often they've got some extra hardware sitting around that they are willing to lend.
• If you break anything make sure you tell them upfront and replace it (been there done that, with an awful hardware problem in a modular router that, best as we could tell, took out one of the test chassis in addition to the problematic one due to some weird short on a removable module we pulled from the busted chassis to test in the known good chassis).
• Borrowing under vendor hardware replacement and support contracts
• If you have a current hardware replacement or support contract with your vendor, you can explain your particular situation and sometimes have them do you the favor of lending you equipment temporarily.
  
• In a near-emergency, if you have an advanced hardware replacement contract, you can consider having a "failure" then sending the advanced sent hardware back when you're done with it. Don't abuse too much Might be acceptable under some circumstances. Make your own judgment.
  
• Hosted x86 Virtual Machines
• usually VMWare or Xen based (not that it matters much to the end-user)
• can boot up various OSes on-demand, cheaply
• some hosting companies will let you rent on short-term basis (e.g. Amazon EC2 Xen-based VMs charge by the hour and don't charge you while your VM is "shutdown/turned off")
• Good for adding hosts to your test lab (nobody ever said a useful lab had to be physical)
• Combined with network device emulators, discussed previously, makes it possible to do some crazy stuff
  
• Want to simulate a 50 router nationwide network of Cisco 7200 class routers? Get a usage-based VM hosting account and install Dynamips.... It'll cost you something like $20 to get access to 50 VMs for four running hours via Amazon EC2
• If you've got some real equipment you want combined with your virtualized equipment, remotely hosted x86 VMs, etc than build a VPN overlay to connect things up the way you want. The VPN can be an invisible transport layer for your lab network if you want or it can be part of the lab network itself.