Managing in the disruptive case requires that the management software be capable of managing through three basic transitional phases: understanding the disruption, controlling the transition and finally acting in a way that returns the system to the normal state. This Proactive Security System must rely on the underlying infrastructure to take action and remediate the disruption; therein lies the critical connection between security, systems and storage.

Understanding Phase

The system must understand and articulate the origin and nature of the disruption. Security sensors provide the knowledge and understanding necessary to warn enterprises of impending disruptive states.

Control Phase

Once the management state is recognized as "disrupted," action must be taken in a controlled fashion with the goal of returning the system to its normal state. The control phase provides the rules of execution and the instructional intelligence that the infrastructure must follow during the act phase.

Act Phase


During the act phase the infrastructure must respond to the disruption in a way that restores it to a normal or “safe” state. Act phase activities include many of the same tasks that are undertaken during the normal state but with an increased focus on the speed and reliability in which they occur. As an example, security patches must be deployed quickly without disruption whereas the normal process of upgrading operating systems and applications are typically done as a normal course of change management. While security patches are being planned and deployed the enterprise is vulnerable to damage.

Systems and data recovery is another example of similar processes being executed in the normal and disrupted state. Traditional backup systems back up data during normal operations but they very seldom focus on processes that will allow a recovery within the window required by most disruptive events. Since many normal and disruptive state management tasks are similar, it is logical to conclude that if we architect for the disruptive state we will also realize improvements in the responsiveness of the normal state management tasks.

It is important to recognize the enterprise-wide scope of managing in the normal and disrupted state. During the transition phase the management software must be capable of connecting to and managing the entire computing environment. This environment includes servers, network devices, desktops, laptops and handheld devices in both wired and wireless environments.

Consider three key pain points often highlighted during CIO discussions.

Provisioning