Originally Published: Tuesday, 25 September 2001 Author: The Linux.com Staff
Published to: enhance_articles_sysadmin/Sysadmin Page: 1/1 - [Std View]

Linux.com Interview: Azi Cohen and Izar Tarandach of Aduva

Linux.com is an international community just as Linux and open source technologies are an international movement. Here at Linux.com we continue our series of Linux around the world with a visit to another hot Linux startup, Aduva founded in Israel. As you will see Aduva is one of many up and coming Linux companies poised to do well in the enterprise markets.

At the recent Linux World expo in San Francisco Linux.com took the opportunity to sit down with Azi Cohen, CEO and Izar Tarandach (Director of Technology) of Aduva and ask them some questions about being a hot, young start up in the still exploding Linux in the enterprise space. Aduva provides network-based software technology that automates management of both single and multi-system Linux installations. The products, Aduva Manager for a single system, and Aduva Director for multi-system networks, address the growing need for critical system management tasks such as configuration management, upgrades, patches and new hardware driver and software installations. The Aduva solution is Linux Distribution agnostic.

Linux.com: How old is Aduva?

Azi Cohen: It was started in October 1999. In fact all the founders came from a certain unit of the Israeli army bringing skills in computation, logarithmics and simulation, things like that. All the knowledge, especially the Unix and Linux knowledge, was brought into Aduva when they started the company. It is not a civilian application of the same applications they used in the military however.

Linux.com: Where do you have offices?

Azi Cohen: Our headquarters are here in Palo Alto (California) the development group is in Israel and all the data itself is over here, the knowledge base, in order to provide a high level of service to our customers.

The intellectual property of Aduva is in the way we do what we call certification. We define ourselves as a complexity management solution for the enterprise. For instance, there are many dependencies in Linux between pieces of software and what we do is locate them all and build a knowledge base of all the dependencies between different types of components.

Izar Tarandach: Components could be hardware, software, kernels, everything. Up to now we have certified up to 35 thousand components.

Linux.com: That's got to be the largest database of its kind in the world?

Azi Cohen: Yes, and growing. We have a laboratory in Israel which is definitley unique to Aduva. In this lab we can automatically create about 90 thousand different Linux configurations. The whole lab is automatically managed, and the whole process from getting a new piece of hardware or software in to getting it shipped out with all the rules and dependencies for the other 35 thousand components we have is fully automated, and that was very important for us.

Linux.com: How long does that take?

Azi Cohen: It depends on the complexity of the component but basically it's either one hour or perhaps two. If it is something very complex, like a new kernel or whatever, then it could take a bit more than that.

The complete process on a steady basis takes us five days. But we can accelerate that for security patches and customers requests and such, to as little as 12 hours. For instance, security patches we will usually release the day after or within 12 hours. And, y'know, if somebody comes in with a very important piece of software or hardware and wants us to certify it, depending on how critical it is we can accelerate it up to three hours or even more.

This is one major part of Aduva's intellectual property: the ability to create a certified component and ship them to our database. By the way, it is already a fourth generation of automation, so we have improved that quite a bit. The automation group is a separate group from the R&D group, they concentrate on the quality and the throughput of the certification process.

Linux.com: OK, so what does the R&D group do?

Azi Cohen: The R&D group are building the infrastructure for deployment of the complete solution. This deployment is actually an agent based application. You install the agent on your machine and the agent can read your assets, what's installed in terms of hardware and software, and whenever you want to implement, update, upgrade or whatever, you use the GUI to provide a command: "let's install the next version of Apache or the next update to ICQ" then the agent will read your assets, will figure out what rules it needs and then communicate with the Aduva databases, get all possible dependencies, and will show you the results.

Linux.com: What kind of results?

Azi Cohen: It will say something like "in order to install this patch you need to have this library and you need a different TCP/IP stack from another version" or something. Then, if you request it, all the components will be pushed and installed automatically. So, the R&D group are building the infrastructure for that.

We actually have two applications: we have an application for engineers which is in pull model this is for somebody who manages maybe a single machine or two or three machines. But then we have another application called Director which is aimed at the system administrator who can monitor and manage the agent from remote locations.

Linux.com: Can you tell us a bit about your product line up?

Azi Cohen: Built on those applications we have three major solutions: we have a solution for the enterprise, we have a solution for remote support providers-- MSPs and ASPs-- and we also have a solution for hardware and software providers.

Linux.com: Does your target market include individual workstation users?

Azi Cohen: Well yes. We do have the manager which can be used by the individual user and even the home user, and downloaded for free. Linux.com: What about behind the firewall implementations for enterprises? Won't some companies be concerned with security in your architecture?

Azi Cohen: Yes, we can provide those customers with a proxy server or a CD of the rules, but more than that, this is an area where Aduva is sharply differentiated from our competitors. Our architecture preserves the privacy of the customers. What happens is actually very interesting.

Let's assume that the customer is not deploying the rules internally, he's using the Aduva servers for the rules, what happens is that if you want to install Netscape, for instance, the agent will communicate through the firewall and ask the database "give me all the rules concerning Netscape". The rules themselves are sent over the network and through the firewall, and inside the firewall we apply an algorithm that interprets those numbers and figures out what is relevant enough and applies to the specific situation the agent is being asked to deal with, in this case installing Netscape.

This means we don't push the assets in the server or workstation over the network, the configuration, we just ask for generic rules and we sort those out within the agent. So, with this solution even if the customer is deploying the database of rules internally the only place where he is exposed at all is in the flow of updated rules, all of which are very general. There is no exposure of the internal configurations.

This is what we call our enterprise solution, and this is the only solution like that.

Linux.com: What about the capacity of the architecture?

Azi Cohen: We've done capacity planning with about five thousand servers asking for updates at the same time, and we found no waiting of any kind.

Linux.com: What is your prime market?

Azi Cohen: Our prime market today is building partnerships with people like HP, and many other vendors and support providers, with hardware vendors, with framework providers. These kinds of partnerships are the prime market for us today. We're concentrating now on building a technology bridge between our solutions and their solutions, and working with those partners to incorporate our technology into their solutions.

Izar Tarandach: From our research, if you're talking about a remote support provider (like a hardware company needing to provide support for their boxes) our solutions cut 40 to 50% from the cost of providing that service to their customers.

Linux.com: Ok, wow. So let's for a second imagine we're talking to the individual admin., what kind of immediate benefits will they experience? The agent doesn't have an interface I know, but what about here at the Director level?

Azi Cohen: OK, well for one thing we pride ourselves on being multi-distribution so you can have a Red Hat box and a SuSe box, whatever, so if the admin wants to have the very same application set on all those different boxes then at the Director, through an easy to use GUI, he can do that and it will be quick, easy and possible.

The bottom line for the admin is that we cut a lot of operational time. Around 30 to 40% of the operational time spent in a day by a sysadmin is being cut by using the Aduva solution. What we provide to the sysadmin is the ability to work with a logical view. They can create logical views of the different servers they have, and later on deploy that view to physical machines from a single remote location. Double click and that's it. Drag and Drop.

We also provide a lot of other functionality like "what ifs", y'know, so if you want to know what the implications of the next change are going to be you can run a simulation using the same rules in the Aduva database. This is particularly useful for a very large site. Beyond that even we provide some scheduling tools, so you can schedule an update to happen automatically at midnight. You can create the operational policies - so, for example, if you don't want to have games installed for a certain group of people in the organization...

Linux.com: Like the sales department, maybe?

Azi Cohen: Yes, correct. We can make that change with very simple work. A more serious example might be when you want to get all the security patches for Apache. So the policy management is very important. But beyond that we have other capabilities so the sysadmin can know if the box is not reporting for some period of time, and maybe identify a problem there. We also have a health check so the smart agent can activate itself, lets say once a day for a pre-defined duration, and check as many parameters as you like, just to make sure that everything is maintained at the same level without any new dependencies coming out of people downloading or whatever.

So ultimately we are a complimentary product to different frameworks, we don't do performance monitoring or anything like that, but we do help in taking the systems from one steady configuration to the other, and we do that in the quickest way, and in the safest way. Linux.com: What about customers who write their own software?

Azi Cohen: That's where we close the loop. Close the loop means if a customer has their own application or has a piece of software they found somewhere in the world, I don't know from where, he can close the loop by sending it to us to certify through our laboratory and later on deploy through our system.

We can even give customers this capability for local applications that they don't want to ship out for certification. Lets say that somebody writes a logistics system, he can provide rues saying this application needs a or b and that's it. From that moment on it will be treated like any other component.

Izar Tarandach: We also have a hardware capability that is very well developed. For instance if you install a new network card our agent is going to find it and detect it and say "hey, I need to recompile your kernel"

Linux.com: Sounds very impressive.

Izar Tarandach: One thing that is very important to us is the Linux community. Both our development teams are a part of the Linux community, they come from the Linux community in Israel.

Linux.com: So in what way do you work with the community today?

Izar Tarandach: We sponsored some work on libraries and today that is all open for the home user.

And actually the personal use product is free for the community, you can download that and use it for free. That's where we are looking for feedback.

Linux.com: What kind of feedback are you looking for?

Azi Cohen: Well, first of all we just like to hear people say "hey this works", because it is always good to know that we are helping somebody. Secondly, we'd like to know what the community wants, what they see for the future, what they see coming in.

We are a quality product, we provide a quality solution, and the quality of the rules is the most important thing. Community people who can on the one hand enjoy using the product for free and on the other hand, typically the Linux user uses very different configurations and therefore by using us they actually re-test and re-qualify our solution very effectively.

Izar Tarandach: There is an open door in Aduva. Anybody can send requests, they can report any problems. We follow up on all feedback.

Another aspect for the newbie is we provide a layer of simplicity so we make it manageable for the new user.

Linux.com: It sounds like really great and useful technology.

Azi Cohen: We feel that we have a very strong position and a very compelling of offering and plenty of support, and all we need to do is find enough time and resources to do all that is required.

Linux.com: We agree. Thanks so much for talking with us here at Linux.com and best of luck in your enterprise.

Azi Cohen: Thank you.

Check out Aduva's community programs: http://www.aduva.com/