Private Finance Initiative (PFI) Seminar Key Note Address by YB Tan Sri Nor Mohamed Yakcop

Private Finance Initiative (PFI) Seminar
Key Note Address

By:

YB Tan Sri Nor Mohamed Yakcop
Minister of Finance II
10 November 2006
Impiana Hotel, Kuala Lumpur



YBhg. Dato Shahrir Abdul Jalil,
Managing Partner of Shahrizat Rashid & Lee,

Mr. Alan Jenkins,
Chairman of Eversheds,

H.E. Mr. Boyd McCleary,
British High Commissioner to Malaysia

Distinguished Guests,

Ladies and Gentlemen,

Assalamualaikum w.b.t and Good Morning,

I would like to express my appreciation to the organisers for inviting me to speak at today's seminar on Private Finance Initiatives (PFI). This seminar is indeed timely and I would like to commend both Eversheds and Shahrizat Rashid & Lee for taking this initiative, a private initiative to advance the discussions on implementing PFI in Malaysia.

2. YAB Dato' Seri Abdullah bin Hj. Ahmad Badawi, Prime Minister of Malaysia, first mentioned Private Finance Initiatives (PFI) in his speech at the tabling of the Ninth Malaysia Plan, as a key modality to implement the country's national development agenda going forward. The 15 year National Mission articulated by the Prime Minister is a major challenge for the country, in striving to achieve the vision of developed nation status by 2020. We therefore require the full commitment and effort of both the public and private sectors to achieve Vision 2020. The introduction of the PFI concept by the Prime Minister is a key part of this effort as it involves establishing an optimal relationship in the partnership between the public and the private sector in driving national development.

3. Using PFI in pursuing national development must be seen in the context of the Government's broader policy priorities of energising the private sector as the engine of national economic growth and, at the same time, improving public delivery and services. Strong and sustained growth is required to maintain the trajectory towards Vision 2020. In order to achieve this, the success of the Ninth Malaysia Plan rests heavily on maintaining double digit growth rates for private investment. Towards promoting private sector consumption and investment, the Government has consistently maintained pro-growth economic policies.

4. The 2007 Budget clearly demonstrated the Government's focus on stimulating private sector participation. Firstly, the Budget was expansionary both in terms of expenditure and taxation. Secondly, comprehensive incentives were outlined for private sector participation in new growth sectors, particularly Biotechnology and Islamic Finance. Thirdly, the Government announced initiatives for joint investment between the Government and the private sector to catalyse new investments areas, such as in Southern Johor. Fourthly, the Prime Minister also articulated in the Budget the principles of disclosure, transparency, accountability and mutual trust as principles to enhance public delivery through private sector participation. Overall, the 2007 Budget very much reflects the Government's philosophy of increasingly facilitating a conducive environment for doing business, whether through providing infrastructure, enhancing public delivery or enhancing the tax system and where necessary to promote strategic sectors, providing the private sector with assistance, whether in the form of incentives or joint investment.

Ladies and Gentlemen,
5. The introduction of PFI provides the Government with options going beyond the existing modalities of implementation, which thus far has mainly focused on either privatisation or conventional Government funded projects. In fact, in the Malaysian context, we view PFI in the broadest of terms, as capturing a wide spectrum of options that lie between the two extremes of privatisations and Government projects. In its purest forms, privatisation involves the private sector financing the project entirely and taking all the risks, including revenue and viability risk. Government projects lie on the opposite end of the spectrum, whereby the projects are funded by the Government and the private sector is limited to typically just execution or construction risk. Even then, for Government funded projects, ultimately the Government is still exposed to the risk of having paid progress payments but with the contractor unable to complete the project. PFI, as a broad concept, recognizes the scope for a mutually beneficial arrangement in terms of the different permutations of structuring the relationship between the Government and private sector, particularly in terms of the allocation of risks and financing. The scope for formulating a win-win scenario arises because different projects involve different risks and rewards, and between the private sector and the public sector, certain risks and rewards are best borne by one party compared to the other.

6. In the Malaysian development context, among the key areas identified as suitable for the implementation of PFI include regional development such as for the Southern Johor Economic Region, education, public transportation, health and water infrastructure. As elaborated by the Prime Minister, in the Ninth Malaysia Plan, the PFI approach will be utilized broadly in two circumstances - first, to optimize implementation of Government projects and services; and second, to enhance the viability of private sector projects in strategic or promoted areas.

7. In the first circumstance, optimization in the implementation of Government projects includes both in terms of value for money and also in terms of the quality of public services. Take for example, the construction of a Government building. Undertaken as a conventional construction project, the Government is exposed, in the short run, to completion risk and, in the longer run, to the risk of escalating maintenance costs, especially where the contractor has no interest in ensuring the long term durability of the building. Alternatively the project could be undertaken using a Build, Lease and Transfer approach, whereby the private sector will lease the building to Government say for 20 years at a fixed lease including maintenance. In this structure, the Government does not start paying until the building is satisfactorily completed and ready for use. In the longer run, there is no risk of escalating maintenance costs. Indeed with this structure, the private sector is incentivised to ensure a higher quality of construction to avoid the future burden of high maintenance costs. This simple example demonstrates the scope for value for money by avoiding the risk of maintenance costs and better quality in terms of the building construction.

8. Maintenance is indeed a good example where private sector is well positioned to be more efficient and better able to manage the risk of controlling costs. This applies not only in terms of buildings but also in terms of equipment and transportation facilities such as trains and buses. A key factor in securing the potential benefits of the PFI approach is structuring the arrangement to ensure that the right risks are borne by the right party and that the incentives of the private sector are aligned appropriately. Key performance indicators or service level agreements can be put in place with the appropriate financial carrot and stick to derive the optimal relationship. It is in this context that advisors, both financial and legal, many of whom are present today can help create value, drawing from international experience, to advise the Government and private sector participants in terms of how best to achieve an efficient and equitable sharing of risks and rewards.

9. The Government has already commenced implementation of this type of PFI projects. The projects have been identified and work has started in terms of preparation of designs and award of contracts. Pembinaan BLT Sdn Bhd was formed last year and by the end of this year would have commenced implementation on more than RM 2 billion worth of projects relating to police quarters and buildings, using a Build Lease and Transfer approach. Under the Ninth Malaysia Plan, an amount of RM20 billion worth of projects, including schools and Government buildings, was also approved to be implemented using the Build Lease Transfer approach. In the international experience, the efficiency savings from private sector bearing the risks have often been partially offset by the higher cost of financing by the private sector. In the model implemented by Government under for example Pembinaan BLT, not all of the risks have been transferred to the private sector. However, the financing has been secured based on the lower Government cost of funding. Going forward, we expect to engage with the private sector on different permutations of risk and reward sharing towards continually improving our PFI structures.

Ladies and Gentlemen,
10. In the second circumstance identified by the Prime Minister, the Government will help enhance the viability of private sector or privatisation projects in strategic or promoted areas. The basic rationale here is that there are various potential private projects which could be on the borderline in terms of viability and may therefore not be implemented. However, amongst these projects, there would be some which are highly beneficial to the country, in the sense that it would result in significant benefits and spinoffs, which are public good in nature and not be fully captured by the private sector party. With a little assistance from the Government, these projects can be implemented with the private sector bearing all the risk and accruing the private returns, and at the same time the country benefits. Again, this would be a win-win arrangement between the Government and private sector.

11. The Prime Minister has already announced a facilitation fund of RM 5 billion to provide such support. Thus far, the Government has already announced that the 2nd Penang Bridge will proceed on this basis. The principle is well demonstrated here in the sense that whilst a privatized concession alone may not be sufficient to finance the project, the project will result in large spinoffs for the development of the Northern region and thus justifies Government support. To evaluate projects such as these, a central PFI unit has been formed, with its secretariat based in the Economic Planning Unit.

12. This approach of enhancing viability of private sector projects will also be utilized where Government assistance can play a role in catalysing and create a momentum of investment in new growth areas. As mentioned earlier, such measures were announced in the 2007 Budget.

13. One such measure was the formation of the Creative Industry Development Fund with an initial allocation of RM 100 million. The Fund will be used to jointly invest with private sector parties in developing export quality media content. Amongst private sector parties identified to participate include Media Prima and TM. We have seen the success of the Indian and Korean film industries. We believe Malaysia is not short of talent. Thus, the Government believes a focus towards producing high quality content, whether in the areas of film, animation, computer games or theatre has the potential to develop into a thriving industry. Whereas in the past the Government promoted new growth industries primarily through tax incentives, a PFI approach is now available as another modality to build up a strategic infant industry.

Ladies and Gentlemen,
14. In addition to new industries, the PFI approach will be utilized to develop new regions. In the 2007 Budget, in addition to the amounts to be spent on infrastructure, a specific allocation of RM 200 million was provided to establish a strategic investment fund for the Southern Johor Economic Region. The fund will be utilized to spur investments in new industry clusters, particularly for private sector education and healthcare. Towards catalyzing a more rapid development of these clusters, the fund will be used as an incentive to support and jointly invest with the early entrants.

15. In addition to providing support through joint investments with private sector parties, we expect there are many innovative means to help private sector parties to enhance viability in a mutually beneficial manner. To assist the initial entrants of private universities and hospitals into Southern Johore, the Government could enhance viability by committing to procure a level of services in the future, such as sending a certain number of Government sponsored students to these universities. The commitment however would be tied to performance criteria such as quality of education and employability of graduates. This can operate as an incentive for the university to improve itself towards securing more Government sponsored students.

Ladies and Gentlemen,
16. The success of the PFI rests on getting an optimal partnership between public and private sector in terms of sharing the risks and rewards, in addition to incentivising the alignment of interests. Well structured, a PFI approach will be mutually beneficial in providing the private sector a market return and providing the Government with value for money, higher quality of public services and broader economic spinoffs. I am confident that the PFI approach will increasingly play a larger role in promoting strategic private sector investments. The Government looks forward to engaging with the private sector in developing workable and efficient PFI models towards advancing the national development agenda.

17. It is through seminars such as these that both public and private sector participants are able to gain insights from international experience in order to develop applications for Malaysia. I would like to again thank the organizers and sponsors making today's seminar possible, and wish all of the participants today a fruitful discussion.

Thank you.


10 November 2006

Brocade’s network hardware price model: Pay-as-you-go

Shamus McGillicuddy, News Director.Published: 1 Sep 2011

Why should you buy your switches and routers when you can rent them month-to-month? Brocade is offering that option as of this week with its new Brocade Network Subscription, a pay-as-you-go network hardware price model.

IT cost reduction has always been an issue for enterprises, particularly with network hardware prices. Cisco Systems’ customers joke about a “Cisco tax” because the company charges premium prices for its equipment; meanwhile, vendors like HP Networking and Juniper Networks win over deals by offering lower list prices on their switches and routers.

Attempting to drive down costs, many organizations turn to leasing network infrastructure rather than buying it. But this only shifts costs from capital to operational, and lease agreements bind a customer for a minimum number of years, charging a penalty if the enterprise backs out of the deal early.

Brocade’s new network hardware price model, announced at VMworld this week, is a month-to-month “rental” of network infrastructure, which won't necessarily bring down costs, but will enable IT shops to try on new technology for size with the ability to return or exchange without penalty—and that could mean overall savings if companies are able to avoid overbuying or investing in technology that doesn't work for them.

The program, available immediately, covers all of Brocade’s IP/Ethernet products and includes Essential Support from Brocade Global Services. Brocade hasn’t published the actual subscription rates for the program, but it is offering free quotes on its website. The company will also continue to offer its original network hardware price scheme alongside Brocade Network Subscription.

Pay-as-you-go networks could make enterprises early adopters

Aaron Mahler, director of network services at Sweet Briar College in Virginia, is less than halfway into five-year leases from both Juniper and Meraki for the college’s network infrastructure. While Mahler usually leaves network hardware price analysis to his financial officers, the flexibility of a pay-as-you go model intrigues him because it introduces the potential to try new technology.

“If there are no penalties [for canceling a hardware subscription], that would make us much more nimble in terms of scaling with the network we have. If a big shift in technology happens, it would be nice to be able to make that change within the term of our lease. As long as our finance folks look at the numbers and say it makes sense from a total cost perspective, then I would definitely be interested in it.”

Being nimble is especially important at a time when so many new networking technologies are pending. So, for example, as all of the major networking vendors hammer out their data center roadmaps, network managers can use the pay-as-you-go approach to wait out a plan from their preferred vendor, said Andre Kindness, senior analyst with Forrester Research.

“If Juniper had this for their products, customers would feel comfortable with bringing [Juniper’s] EX8200 [into their data centers] and then switch to QFabric down the line. They wouldn’t be as scared to invest. It’s lower risk.”

Pay-as-you-go models also allow organizations to back out of technology that doesn't pan out, mitigating the risks in trying new architectures, according to Mike Spanbauer, principal analyst with Current Analysis. That's helpful considering vendors are currently knee-deep in choosing sides among competing pre-standard technologies like Transparent Interconnection of Lots of Links (TRILL) and Shortest Path Bridging (SPB).

Brocade has rolled out its new VCS data center network fabric, based loosely on TRILL, and its new line of VDX data center switches. With no capital investment and no penalty for backing out, users are much more likely to try the new technology.

“There’s no commitment to a single path necessarily because you can return [the hardware] if it doesn’t work out for you. Once it’s installed you definitely have migration challenges to get off that equipment, but you’d have that challenge with any solution. In this case you don’t have to worry about capital depreciation issues that limited you to only making changes every three years or so,” said Spanbauer.

Economic environment demands new network hardware price models

Beyond enabling technical innovation, pay-as-you-go models may help companies drive down costs.

Whether pay-as-you-go networks are cheaper than those bought with a traditional capital budget will probably depend on how long an enterprise keeps the rented network in place and how well it plans for growth. Most enterprises build a network with a lifecycle of five to seven years with excess capacity to account for growth over that time. A company that builds a pay-as-you-go network can install and pay for only the capacity that is needed, and add more ports when growth is required.

Some vendors have introduced pricing schemes for application delivery controllers and WAN optimization appliances that allow customers to pay a fee for a temporary burst in capacity when needed, said Kindness. Meraki, a provider of wireless LAN infrastructure, also introduced a pay-as-you-go model to its network hardware price scheme earlier this year.

“When pharmaceutical manufacturers buy chemical, they’ll bring in two truckloads of the chemical. But if they only use one truckload, they can send the other one back,” said Kindness. The same need is growing in IT infrastructure spending, he said.

(Source - http://searchnetworking.techtarget.com)

Cisco Live 2011: Catalyst 6500 upgrade the game changer?

Rivka Gewirtz Little, Senior Site Editor. Published: 13 Jul 2011

LAS VEGAS—Cisco served up comfort food for the networking masses on the first day of Cisco Live 2011, sidestepping edgy cloud announcements and focusing instead on a major Catalyst 6500 upgrade.

Cisco is in full battle mode in the switching market where it has lost some ground to competitors with less expensive equipment, including HP Networking. Some customers had expected Cisco to launch a smaller and less expensive addition to the Nexus line (the Nexus 7009 mentioned at Cisco Live 2010), but the Catalyst 6500 upgrade will enable 25,000 existing customers to upgrade their E-Series chasses without the cost of a rip and replace. The message is that they don't need to go with less expensive and less functional equipment from competitors.

“Our goal and aim was to make sure we could protect those customers' investment,” said Scott Gainey, Cisco director of marketing.

The refresh is centered on the Catalyst 6500 Series Supervisor Engine 2T, a 2-terabit card that triples the throughput capability of the 6500 switch from 720 Gbps to 2Tbps and adds virtualization segmentation. Cisco execs compared the $38,000 Supervisor 2T to HP's A9508 switch, saying customers can triple the performance at one third of the cost with this upgrade.

HP called Cisco's comparison of the Supervisor 2T with HP's A9508 "meaningless." Mike Nielsen, director of solution marketing at HP, said that Cisco is comparing the price of a supervisor engine upgrade with the cost of a complete chassis switch system from HP. He also pointed out that HP launched a new competitor to the Catalyst 6500 platform at Interop, the A10500 series, which outperforms an upgraded 6500.

"HP delivers two times Cisco's performance with the HP 105000. Cisco 2T delivers 80 Gbps per slot; HP 10500 doubles that to 160 Gbps," Nielsen said.

The Catalyst 6500 upgrade also includes 10 Gigabit Ethernet line cards—the 6900 8-port 10G card with baked in TrustSec security and the 6800, which includes two 16-port 10G modules and a 48-port Gigabit Ethernet module. Cisco also announced service modules that enable a high performance next-generation firewall, an application control engine for acceleration and security, more comprehensive NetFlow capabilities and mobility management that enables north of 10,000 devices on one module. Cisco says the combined bandwidth from the cards and supervisor make the Catalyst 6500 40 GbE ready, but the company hasn't announced any 40 GbE ports yet.

Catalyst 6500 upgrade? What about the Nexus transition?

Many believed that the Nexus line was meant to replace the aging Catalyst 6500, but this week at Cisco Live, execs said the two addressed very separate markets with different needs.

“The Nexus was meant to bring 10 Gigabit Ethernet into the data center, but gigabit Ethernet is also enormous and there are segments [other than the data center] that have to be addressed. The 6500 fits the sweet spot of the campus that nobody in the market can keep up with,” said John McCool, senior vice president of data center and switching.

“We see the market bifurcating into a campus-based market that needs rich services and the data center network with convergence that takes a different functionality,” he added.

For those who want to keep existing 6500s in the core and aren't concerned about building a Nexus-based data center and managing two sets of equipment, the release seems only positive.

"The core of the network may not always get the limelight, but it makes or breaks the performance of the applications our faculty, students, and researchers depend upon daily,” said Ed Wilson, network test engineer at Pennsylvania State University, who was part of Cisco's press launch. “The introduction of the Catalyst 6500 Supervisor Engine 2T will extend our investment in Cisco systems.

On the other hand, customers who have invested big into Cisco's server products, the Unified Computing System (UCS), and built a Nexus-based network to support UCS want to see more than a Catalyst 6500 upgrade. Many of these users will eventually take build a core-to-edge 10 GbE network and had gotten the message from Cisco that 6500s would be eventually replaced by the Nexus.

“We're going with the Nexus because it has FCoE capabilities and we're looking at the long-term architecture. Also we need the virtualization abilities of the Nexus” said Rich Parker, security and communications manager at law firm Baker Botts LLP. “I've also heard this is the last supervisor upgrade for the 6500, so that's not an investment we would make.”

Adding speed and functionality to a much-loved switch is never a bad thing, said Gestalt IT founder Stephen Foskett. It's also not the most exciting thing Cisco could have announced when it comes to switching, he said

(Source - http://searchnetworking.techtarget.com)

EVER WATCHFUL: CyberSecurity Malaysia says policing the trustworthiness of security certificates must be proactive and continuous. - Reuters

KUALA LUMPUR: CyberSecurity Malaysia wants the Government to consider stronger audit policies for security certificates.

This comes in the wake of the revoking of trust by three major Internet browsers against local intermediate certificate authority (CA) DigiCert Sdn Bhd.

Google, Mozilla and Microsoft revoked trust in DigiCert following the issuance of 22 certificates with weak keys, lacking in usage extensions and revocation information.

Security certificates are used as a means of verifying the identity of a website that a user visits. On Nov 3, identity-based security software and services company Entrust, which counts DigiCert as one of its subordinate CAs, issued a statement on its website stating: "Their (DigiCert's) certificate issuing practices violated their agreement, their Certification Practice Statement, and accepted CA standards."

Entrust also globally revoked DigiCert's signing certificates on Nov 8, allowing time for their customers to acquire valid replacement certificates.

According to online reports, two of the weak certificates issued by DigiCert were allegedly used to disguise malware which was used in a targeted attack against another Asian certificate authority. The authority noticed the attack and raised the alarm.

In addition to only having 512-bit encryption, the DigiCert certificates did not contain Extended Key Usage (EKU) - used to tell browsers what type of rights a digital certificate should have and revocation information, which would have allowed for a certificate recall.

In a statement issued on its website, Mozilla expressed concern with the technical practices of DigiCert, which it said was the main reason behind its decision to revoke its trust.

An attacker could use one of these weak certificates to impersonate the legitimate owners. This could deceive users into trusting websites or verify software that appeared to originate from these owners but in actuality could contain malicious software, the company said.

The certificates in question were issued to a mix of Malaysian government websites and internal systems. Mozilla said it did not believe other sites were at risk.

Not the same

Lt Col (Ret) Prof Datuk Husin Jazri, CEO of CyberSecurity Malaysia, said: "From our understanding, the revocation of trust is due to not fully complying with the strict ­standards required in issuing SSL certificates.

"This is not something that the big browser players are willing to tolerate." An agency under the Ministry of Science, Technology and Innovation, CyberSecurity is also one of DigiCert's clients.

Husin said this incident is unlike the case of DigiNotar, a Dutch CA owned by VASCO Data Security International which experienced a security breach earlier this year, resulting in the fraudulent issuing of certificates, and was later declared bankrupt.

"However, big players like Mozilla, Microsoft and Google will not take chances no ­matter how small the issue is when it comes to trust or security issues because they are in an ­industry where trust is of utmost importance," he added.

DigiCert issued a statement on Nov 5 and denied any fraudulent activity on its part. "We view the allegations as very serious and we vehemently deny any fraudulent act on our part.

"Nevertheless, we are currently ­investigating what had prompted such ­allegations and we are treating this matter as our top priority," DigiCert CEO Mohd Rosdeen Hassan said in the statement.

In a follow-up statement, issued on Nov 7, the company acknowledged the issuance of the certificates with weak keys. In this, it stated: "The SSL 512-bit key certificates issued under Digisign Server ID have mismatched capabilities from the prescribed standards."

Quick work

DigiCert has since revoked the 22 certificates and advised the Internet browser companies to blacklist the certificates in addition to sending out advisories to impacted customers to replace their current Secure Socket Layer (SSL) certificates.

Rosdeen said the process of re-issuing new 2,048-bit security certificates began on Nov 7, with a special task force and a dedicated callcentre set up to answer queries from its customers. "We are going above the minimum prescribed standard (1,024-bit encryption) because we believe this is in the best interest of our clients," he said.

When asked why such weak certificates were issued in the first place, Rosdeen said the reason for the issuance of the 512-bit key certificates was prompted by requests on their clients' part.

"Certain clients felt that 512-bit was enough for their sites, with stronger encryption ­potentially having a detrimental effect on the performance of their applications," he said. DigiCert said about 600 sites are impacted by this revocation and the process of changing the certificates would take days because the main hurdle is contacting all the affected parties and guiding them through the process.

Rosdeen said the company is revising its internal policy to incorporate stricter processes on issuance of certificates for all SSL customers and will undertake the employment of a Webtrust program so that in future it will not be dependant on foreign-root CAs.

CyberSecurity's Husin praised DigiCert for its quick action. "It is notable that DigiCert took immediate mitigation steps for all the affected sites," he said. "All of their customers are now signed directly with Entrust."

Bad time

The DigiCert case comes at a time of heightened alerts surrounding CAs, with a growing list of companies that have had to admit they suffered serious attacks on their certificate infrastructure this year.

Husin reported that CyberSecurity is seeing increasing incidents where valid certificates are stolen from computers or servers that store them and are being used to sign malware.

"From these events we see the need for CAs to beef up security and this could be achieved by having proactive and continuous security practices," he said.

Husin said CAs need to be responsive to security incidents reported by security teams or researchers, and exercise the revocation policy more promptly once those incidents are detected.

"The Government could consider ­implementing stronger audit policies for security certificates, and appoint an agency to enforce them," he said.

Or, he said, CAs in Malaysia could be categorised as a Critical Sector under the Critical National Information Infrastructure (CNII), thus requiring these companies to comply with the more stringent CNII security standards.

PEMBANGUNAN PERSONALIA PELAJAR DINAMIK BERDASARKAN MODEL CHICKERING

Oleh: Bahman Bin Jamaluddin, Pengetua Kolej, Kolej jasmine, UiTM Kampus Puncak Perdana

Shah Alam, SELANGOR DE.

Model Chickering telah diasaskan oleh Arthur W. Chickering, seorang lulusan dari Harvard University yang juga merupakan seorang penyelidik dalam pendidikan dan hal ehwal pelajar universiti dan kolej dan telah banyak menghasilkan teori-teori berkenaan pembangunan pelajar. Teori pertamanya telah diterbitkan pada tahun 1969 semasa betugas dengan Goddard College bertajuk “Project on Student Development in Small Colleges” . Pada tahun 1993 beliau telah memperbaharui teorinya dengan kerjasama Linda Reisser. Chickering kini masih bertugas di George Mason University dan Goddard College.

Model Chickering (1993) terdiri daripada 7 vektor iaitu:

1. Membangunkan kompetensi

2. Mengurus emosi

3. Bergerak melalui autonomi ke arah interdependence

4. Membangun hubungan interpersonal matang

5. Mengukuhkan identiti

6. Membangunkan tujuan dan fungsi

7. Membangunkan integriti

Model ini sangat menggalakkan pembelajaran yang berterusan melalui ilmu, pengalaman dan persekitaran dalam membangunkan personaliti pelajar.

(a) Membangunkan kompetensi

Chickering berpendapat bahwa ada tiga jenis kompetensi di alam menara gading iaitu kompetensi intelektual, kompetensi kemahiran fizikal dan manual dan kompetensi interpersonal.Vektor ini mencadangkan agar kompetensi para pelajar dibangunkan melalui program-program berdasarkan kepada kualiti 3 perkara tersebut. Kualiti di dalam personaliti para pelajar dapat memacu mereka untuk terus berdaya saing dan memikul tugas dan peranan sebagai elitis yang bergelar mahasiswa atau mahasiswi. Ia merangkumi perkara-perkara yang berikut:

(i) Aspek kompetensi dari segi tahap intelektual yang melibatkan penggunaan akal untuk membina kemahiran berfikir secara analitikal, keupayaan mensintesis dan komprehensif serta membangunkan pandangan yang bernas di dalam menghadapi pengalaman kehidupan khususnya di dalam kampus dan juga ketika berhadapan masyarakat dalaman dan sekitar

(ii) Aspek fizikal dan manual yang melibatkan kejayaan di bidang sukan atau kesenian dalam masa yang sama mengukuhkan disiplin diri, kekuatan, kecergasan, daya saing dan termasuk penghasilan idea-idea baru dan inovasi.

(iii) Aspek karektor interpersonal yg melibatkan kemahiran mendengar, memahami, berkomunikasi dan berfungsi di dalam pelbagai perhubungan. Ia juga melibatkan keupayaan yang lebih kompleks iaitu menyesuaikan diri dan bertindakbalas terhadap orang lain sebaiknya, menyesuaikan agenda peribadi dengan matlamat kumpulan dan memilih pelbagai strategi untuk menyuburkan perhubungan dan fungsi kumpulan.

(b) Mengurus emosi

Pengurusan emosi pelajar sangat penting terutamanya bagi para pelajar baru supaya gangguan seperti rasa khuatir, takut, tidak yakin, kemurungan, rasa bersalah, malu dan segala perasaan negatif dapat dibendung dari awal-awal lagi menjejakkan kaki ke menara gading.

Trauma yang dialami generasi hari ini yang terganggu talian hayatnya dek terlalu bergantung kepada ibu-bapa sebelum memasuki universiti akan menyebabkan hilangnya daya saing mereka sebagai seorang pelajar jika aspek emosi dikesampingkan.

Segala gangguan ini tidak boleh diperkecilkan dan dianggap norma kehidupan kampus begitu sahaja kerana ia adalah signal atau petunjuk kepada masalah yang lebih besar yang ditanggung pelajar. Maka itu, mereka harus dipandu untuk mengenalpasti dan mengguna saluran untuk merencat dan seterusnya menghilangkan masalah atau halangan sebelum ia membarah atau meletup.

Pengurusan emosi di peringkat kampus melibatkan perkara-perkara berikut:

(i) Pendedahan kepada persekitaran tempat belajar beserta kemudahan yang ada

(ii) Memupuk minat terhadap bidang pengajian yang diceburi

(iii) Menyediakan talian hayat alternatif iaitu hubungan rapat dengan senior dan pensyarah

(iv) Meningkatkan kemudahan kebajikan bagi pelajar yang memerlukan (pelajar dari kalangan Orang Istimewa atau Kurang Upaya, miskin, yatim-piatu dan lain-lain)

(v) Melatih para pelajar mengenali jenis-jenis emosi serta kaedah-kaedah menanganinya.

(c) Bergerak melalui autonomi ke arah interdependence

Kunci kepada kerangka pembangunan pelajar ialah belajar untuk berfungsi secara relatifnya lebih berkendiri, bertanggungjawab mengejar matlamat yang telah dipilih dan ditetapkan, di samping mengurangkan ikatan terhadap pendapat orang lain. Namun, kaedah yang dinamik memerlukan kebebasan emosi dan instrumental, pelajar juga harus mampu mengenal pasti dan menerima “interdependence”.

Kebebasan emosi bermaksud kemerdekaan dari keperluan yang menekan dan berterusan terhadap kepastian, kemanjaan dan kebenaran. Vektor ini boleh melatih dan memandu pelajar untuk mengurangkan pilihan autonominya terhadap kebergantungan kepada ibu-bapa sebaliknya membuka ruang bantuan melalui pensyarah, staf universiti seperti kaunselor, pegawai agama, mungkin juga dari hanya seorang tukang kebun atau pengawal keselamatan, dari pelajar senior atau rakan-rakan sekuliah secara sukarela. Misalnya apa yang boleh dibuat jika pelajar menghadapi kekangan kewangan untuk memenuhi keperluan kerja kursus. Sudah pasti pelajar harus cepat menghidu peluang bantuan kebajikan yang disediakan pihak unibersiti seperti tabung kebajikan dan kecemasan atau zakat.

Manakala kebebasan instrumental di sini mempunyai dua komponen iaitu keupayaan untuk menganjurkan aktviti dan menyelesaikan masalah sendiri dan komponen kedua, keupayaan untuk bergerak, iaitu sentiasa boleh bergerak ke sana kemari untuk mendapatkan maklumat atau bantuan samada dengan atau tanpa disuruh, samada dari institusi dalaman mahupun dari agensi luaran. Kedua-dua komponen inilah yang boleh menjadikan idea kepada realiti.

Membangunkan autonomi juga perlu kesedaran bahwa seseorang tidak boleh hidup dalam persekitaran vakum. Harus menerima hakikat kita tidak boleh hidup sendiri, kita memerlukan orang lain, sehingga mati pun orang lain itulah yang akan menguruskan kita. Sebaliknya sifat autonomi yang sihat akan menggalakkan kepada hubungan “interdependence”. Oleh itu pelajar diasuh untuk menilai semula penglibatan ibu bapa dalam menentukan hala tuju dan keputusan yang dibuat sebaliknya hubungan dua hala dengan orang di persekitaran universiti ditingkatkan. Hubungan ini kemudiannya dikembangkan lagi dengan masyarakat atau komuniti setempat sehinggalah ke peringkat dunia.

Pelajar kemudiannya harus juga diasuh untuk mematuhi arahan dan pilihan yang dibuat oleh atau bersama orang lain. Pelajar, contohnya, juga mesti boleh melupakan kebebasan untuk memilih berambut panjang atau berpakaian seksi tetapi akur dan patuh kepada peraturan sahsiah yang ditetapkan universiti agar model graduan yang diharapkan mampu dilahir. Pelajar malah dilatih untuk bersedia menerima secara terbuka jika pendapat mereka ditolak dan kehilangan rakan atau sekutu dalam mempertahankan pendapat mereka.

Acuan ini boleh dicapai jika:

(i) Pelajar dilatih dan boleh menganjurkan aktiviti di pelbagai peringkat masyarakat setempat dan sekitar

(ii) Pelajar dilatih dan boleh menyelesaikan masalah sendiri dengan penyediaan rujukan-rujukan mencukupi seperti akses kepada pelbagai bahagian dan unit di dalam universiti dan sebagainya

(iii) Pelajar dilatih berfikir dan boleh merancang dan melaksanakan perancangan yang dibuat.

(d) Membangun hubungan interpersonal matang

Membangunkan hubungan yang matang melibatkan:

(1) toleransi dan apresiasi terhadap perbezaan

(2) kapasiti intimasi atau keukhwahan.

Toleransi boleh dilihat melaui konteks antara budaya dan juga interpersonal yang terpancar melalui keupayaan bertindak balas terhadap keperluan orang lain secara tertib melangkaui keperluan sendiri atau stereotaip. Menghormati perbezaan di kalangan komuniti pelajar boleh dipanjangkan kepada perbezaan bangsa, agama, negara dan sebagainya. Kesedaran, pengalaman, keterbukaan dan tanda tanya sebenarnya bisa membantu pelajar memperhalusi penampilan, mengurangkan bias dan sifat kepuakkan sebaliknya meningkatkan empati, memperkayakan diversiti dan menghasilkan perhubungan yang jujur lagi sentiasa sihat.

Kapasiti ukhwah melibatkan kualiti hubungan di kalangan rakan dan orang yang hampir dengan pelajar. Tetapi ia mesti lari dari kebergantungan terlampau atau dominasi terlampau sebaliknya ke arah keseimbangan di antara keduanya. Pembangunan ukhwah bermaksud lebih berkongsi dari lebih meminta, memaafkan kekurangan dan menghargai kemudahan, memberi lebih pilihan di dalam menyuburkan perhubungan, membina perhubungan yang berdaya tahan dan mempu menghadapi krisis, jarak dan perpisahan.

Melalui vektor ini, para pelajar dilatih untuk mewujudkan jaringan komunikasi, rakan atau sekutu dari kalangan pelbagai lapisan masyarakat yang berlainan bagi memupuk sikap kematangan mereka dalam menghadapi realiti kehidupan mendatang. Ia memerlukan 2 perkara iaitu sikap toleransi dan menghargai perbezaan dan kapasiti untuk intim terhadap jaringan sekutu yang telah diwujudkan itu.

Ia boleh dicapai melalui:

(i) Pendedahan kepada pelbagai budaya, bangsa, agama dan latarbelakang dan

(ii)Memperkukuhkan ikatan dengan orang sekeliling

(e) Pengukuhan identiti

Pembentukan identiti bergantung antara satu sama lain di antara satu vektor dengan vektor lain yang telah dibincangkan di atas: kompetensi, kematangan emosi, autonomi dan perhubungan positif. Ia seperti melengkapkan aturan batu bata semasa membina sebuah dinding. Jika satu bahagian susunan ada lompang sudah pasti dinding yang dibina juga rapuh. Pembinaan identiti merupakan satu proses penemuan pelbagai pengalaman, intensiti dan kekerapan sama ada ia membahagiakan, membina atau merosakkan.

Betapa ramai para pelajar yang sedang mengikuti pengajian masih keliru dengan jantinanya, mencintai pasangan sejenis, mengalami krisis keagamaan, terperangkap dalam fahaman politik melampau dan sebagainya. Ada pula yang berpakaian seperti pendatang asing, yang siswi pula seperti perempuan jalanan manakala siswa terlibat dengan rempit motosikal yang menunjukkan mereka secara serius sedang mengalami krisis identiti. Betapa ramai pula para pelajar yang gagal membezakan nilai mulia bilik kuliah dengan taraf sebuah bilik air di mana hanya menggunakan selipar yang sama untuk ke dua bilik yang berbeza tersebut.

Oleh itu pelajar perlu dibimbing untuk membawa identiti sebagai mahasiswa dan mahasiswi, yang mana identiti ini mudah dikenal pasti masyarakat, mengundang rasa hormat dan meninggikan nilai sesebuah universiti sesuai dengan kedudukannya. Setelah identiti ini dikenalpasti, ia perlu diperkukuhkan supaya para pelajar tidak mudah mengikut telunjuk anasir yang merosakkan seperi gerakan seks bebas, pluralisma agama, fahaman komunisma dan lain-lain.

Mengukuhkan identiti pula boleh dilaksanakan yang melibatkan:

(i)Keselesaan pelajar terhadap anggota badan dan penampilan

(ii)Keselesaan pelajar terhadap perbezaan gender dan orientasi seks

(iii) Pewujudan ikatan kekitaan dari segi konteks sosial, sejarah dan budaya

(iv)Pengiktirafan kepada tanggungjawab dan cara-hidup

(v) Tindak balas pelajar terhadap maklumbalas orang lain serta penilaian terhadap mereka

(vi) Mempercayai kemampuan diri dan mempertahankan maruah

(vii) Tingkah laku yang stabil dan boleh berintergrasi

Pengukuhan identiti juga perlu mencermin dan mempertahankan kekeluargaan, akar umbi budaya, kesucian keagamaan, perkembangan sejarah bangsa dan negara masyarakat setempat.

(f)Membangunkan tujuan

Ramai pelajar universiti masih keliru ke mana mereka hendak tuju dan mengapa mereka berada di situ walaupun jiwa mereka sedang membara dan tenaga sedang melimpah-ruah. Mereka cuma dapat mengaitkan diri mereka dengan profesyen yang mereka impikan misalnya seorang pelajar perubatan hanya boleh mengaitkan dirinya dengan kerjaya sebagai seorang doktor tetapi bukan dengan kualiti yang perlu ada untuk menjadi seorang doktor malah jarang mengaitkan diri mereka dengan tokoh-tokoh doktor terbilang.

Berapa ramai pelajar perubatan ingin jadi seperti Tun Dr. Mahathir? Rata-rata pelajar hanya menyangka bahwa sijil yang mereka perolehi akan melayakkan mereka mendapatkan kerja yang bagus sedangkan secara realitinya majikan hari ini melihat banyak aspek yang lain seperti kemahiran insaniah di dalam memilih bakal pekerja mereka.

Maka adalah menjadi fungsi kolej untuk membina skil-skil yang diperlukan, mendedahkan sebanyak mungkin pengalaman dan kemahiran, penguasaan dan pertambahan ilmu, mencari dan mempunyai falsafah tentang kehidupan dan akhirnya memupuk pelajar menjadi pelajar seumur hidup. Bukankan ilmu Allah itu sangat luas dan nilai ilmu pengetahuan pula sangat tinggi di sisiNya.Sebagaimana yang telah dititipkan oleh I mam Al Ghazali di dalam Kitab Ihya’ ‘Ulumuddin tentang keutamaan mereka yang menimba ilmu melalui Hadis Rasulullah s.a.w yang bermaksud,

“Barangsiapa menempuh satu jalan untuk mencari limu pengetahuan, maka Allah akan menempuhkan suatu jalan untuknya ke syurga”, - ( Hadis riwayat oleh Muslim)

Membangunkan tujuan dan fungsi memerlukan kepada keupayaan mencapai maksud, menilai minat dan pilihan yang ada, menggariskan tujuan, merangka perancangan, dan memacu usaha dan mematahkan halangan. Pelajar dlatih untuk mengadakan pelan perancangan dan serta keutamaan yang mengintergrasikan tiga elemen utama iaitu:

(1) pelan vokasional dan aspirasi seseorang pelajar

(2) minat dan matlamat personal pelajar tersebut

(3) komitmen interpersonal seperti kepada masyarakat, negara dan keluarga

(f) Membangunkan integriti

Membangun integriti sangat berhubung-kait dengan pengukuhan identiti dan memperjelas dan membangunkan tujuan. Nilai utama dan kepercayaan, menyediakan asas bagi menafsirkan segala pengalaman, memandu perlakuan, dan mengekalkan rasa hormat pada diri pelajar. Membangunkan intergriti melibatkan 3 turutan fasa yang bertindan iaitu:

(1) Menginsankan nilai di mana mengalihkan aplikasi otomatik bagi kepercayaan yang rapuh dan menggunakan pemikiran berprinsip di dalam menyeimbangkan kepentingan diri-sendiri dengan keperluan manusia lain, bangsa, agama ataunpun Negara

(2) Pemilikan nilai di mana mengukuhkan secara sedar nilai dan kepercayaan tetapi dalam masa yang sama menghormati pendapat orang lain

(3) Membangunkan kesamaan iaitu memadankan nilai personal dengan tanggungjawab kelakuan sosial

Penulis masih teringat akan coretan seorang pelajar UiTM yang mempertikaikan peraturan rambut pendik siswa dengan kaitan pencapaian akademik di laman Facebook Naib Canselor UiTM yang menimbulkan perdebatan menarik. Ramai pelajar yang menyokong pendapat pelajar tersebut namun lebih ramai yang kontra. Hujah-hujah dan gaya pendapat dikeluarkan mencerminkan intergriti pelajar yang terlibat di dalam polemik. Yang menyokong kelihatan terbawa-bawa dengan kebebasan hak asasi sedangkan yang menentang pendapat pelajar tersebut menggenggam erat matlamat dan tujuan penubuhan UiTM yang antara lain untuk menghasilkan cerdik-pandai dan profesional di kalangan bumiputera. Malah hasil amatan rambang juga boleh dilihat daripada penampilan gaya dan bahasa badan pelajar tahun akhir. Ada yang kelihatan seperti mereka yang sudah bekerja dan boleh memikul tanggungjawab besar manakala selebihnya masih seperti anak ingusan!

Menginsankan nilai beerti mengalihkan kepercayaan sendiri atau literal kepada pandangan yang lebih berkaitan dan nyata, di mana perhubungan terjalin antara peraturan dan matlamat yang sepatutnya. Walaupun peraturan perlu, namun peraturan boleh di ubah mengikut kesesuaian masa dan situasi yang kadang kala terpaksa mengubah prinsip asal sesuatu peraturan penting misalnya dalam konteks negara kita telah ada cadangan agar pemindaan dilakukan ke atas Akta Universiti dan Kolej (AUKU). Perubahan ke atas prinsip boleh diumpamakan sebagai “pembebasan” ke atas “super-ego” atau “enlightenment of conscience”.

Pelajar biasanya terjun ke alam universiti membawa bersama kekeliruan dan igauan tentang apa yang betul apa yang salah, apa yang tulen apa yang palsu, apa yang baik apa yang jahat dan apa yang penting apa yang tidak. Bagi pelajar baru, kebanyakan pegangan mereka adalah apa yang diamalkan oleh ibu-bapa, guru sekolah, imam masjid, media seperti majalah dan jangan lupa pengaruh ASTRO. Ketidak patuhan dan pengubahan kepercayaan ini akan menyebabkan timbulnya rasa bersalah, kekesalan dan kekeliruan walaupun kadang-kadang kepercayaan itu agak karut seperti penggunaan tangkal, minum air Yaasin untuk lulus periksa, gangguan makhluk halus yang menyebabkan histeria sedangkan pelajar tersebut terlalu tertekan kerana tidak bersedia atau tidak dapat menyesuaikan diri dengan kehidupan kampus. Ada pelajar baru yang meminta pensyarah mengadakan tusyen untuk skor A seperti mereka skor SPM dahulu!

Melalui penginsanan nilai, diharapkan bebanan terhadap kepercayaan ini dapat dilonggarkan. Isu, masalah dan penyelesaian diteliti dan dikenal pasti. Sebagai contoh ramai pelajar dari Fakulti Seni Persembahan mengalami histeria sedangkan pelajar dari fakulti lain tidak pula, ustaz dan imam malah bomoh pun jadi buntu sedangkan apabila disiasat di dapati pelajar kurang rehat dan makan kerana latihan yang mereka jalani untuk pementasan teater terlalu memerlukan komitmen fizikal

Pemilikan nilai perlu bersandarkan kepada bidang yang mereka ceburi, misalnya jika ingin jadi wartawan mereka tidak boleh jadi pemalu dan penakut, kalau ingin menjadi peguam tidak boleh pula pendiam, kalau mahu jadi pengurus sukan mestilah boleh bersukan walaupun tak berapa bagus! Jika bercita hendak bekerja dengan konglomerat mestilah berjiwa besar, berketrampilan dan ingin jadi usahawan, sifat oportunis dan berani mengambil risiko perlu ada. Pemilikan nilai akan membangunkan kesamaan nilai di mana kejayaan kelakuannya nanti akan bergantung kepada kelompok dan khalayak yang mereka anggotai. Bak kata pepatah masuk kandang kambing mengembik dan masuk kandang harimau kena mengaum, kalau tak mengaum kenalah kita mengucap!

Fasa terakhir untuk para pelajar yang hampir menamatkan pengajian ini sepatutnya telah dapat mengurangkan perdebatan di kalangan pelajar dan pentadbir universiti kerana kesefahaman telah dicapai, akibat dan pilihan telah pun jelas, malah tanggungjawab juga telah ditentukan. Setelah pelajar dilatih agar mempunyai integriti terhadap kepercayaan , nilai dan tujuan hidup, sepatutnyalah juga mereka sudah boleh menghormati diri sendiri dan orang lain.

Begitulah huraian berkenaan tujuh vector pembangunan personalia yang terdapat di dalam Model Chickering (1993). Setiapnya mempunyai komponen tambahan dan pengubahsuaian mengikut perkembangan semasa.

Memperkasa Pelajar Luar Kampus - Ucaputama Y.Bhg. Dato Prof.Mohd. Noh Dalimin

Prof. Dato Dr. Mohd. Noh Dalimin, Naib Canselor, Universiti Tun Hussain Onn(UTHO)semasa menyampaikan ucaputama dalam seminar Pengurusan Asrama Peringkat Kebangsaan 2011 di Royale Bintang sebentar tadi menegaskan bahawa semua universiti di Malaysia sewajarnya memberikan perhatian sewajarnya terhadap kebajikan mahasiswa NR atau pelajar tanpa asrama di universiti masing-masing.

Pendekatan yang kreatif dan inovatif perlu dilaksanakan oleh pihak Hal Ehwal Pelajar untuk menarik minat mahasiswa tanpa asrama menyertai program yang memberi manfaat kepada masyarakat setempat dimana mahasiswa tinggal supaya mewujudkan suasana harmoni di antara masyarakat dan mahasiswa.

(bersambung)

17 Ways To Speed Up Your Network -- For Free

Learn how to speed up throughput without breaking the bank, by optimizing the network and eliminating unnecessary performance hogs.

By Phil Britt

Got a sluggish network, but don't want to break the bank speeding it up? We've got free and relatively inexpensive help for you. While some of the steps we recommend might include minor hardware upgrades, they are far less expensive than large consulting contracts or "forklift-type" IT upgrades.

To get our tips, we've polled three networking specialists for their advice. They've come up with 17 tips -- here's what they have to say.

Tom Leahy, product marketing manager for IP services at Pittsburg, Pa.-based TelCove, an integrated communications provider that offers Internet, voice, and data solutions, recommends these steps to boost network performance:

1. Assess traffic loads on the network, including the destination and source of all traffic. By moving around some network resources, a company many be able to improve network performance. For example, in a campus environment, if a particular server is being used by people in a common location (i.e., a particular building), the obvious thing to do is to make sure that server is actually located in that building. Otherwise that traffic will bog down other communications that must go between buildings.

2. Optimize IP addressing. This helps minimize the load on routers. The shorter the lookup table a router needs to determine where to send packets, the better.

John Heasley, one of the co-founders of Shrubbery Networks, a Portland, Ore.-based computer and network consulting services company, offers these recommendations:

3. Adjust hosts and network devices to use larger maximum segment size (MSS) at the initial connection or even the maximum transmission unit (MTU) of ~1460 for Ethernet. The old default of 576 is antiquated and most links should support this by now. Just make sure they do not set the DF (Don't Fragment) bit on every frame (Microsoft likes to do this).

In fact, you use IP MTU discovery to increase the MSS over time, but it doesn't help short-lived connections (i.e., for the Web).

4. Turn off IPX. Heasley calls IPX "one of the worst protocols ever." IPX is very chatty, Heasley explains, and, therefore, is very susceptible to any kind of latency. This also reduces overall operating expense because network administrators only have to verify a smaller subset of code for network device software upgrades.

Turning off IPX can also improve overall throughput for networks devices that only support process switching for these (or all) protocols, since these protocols tend to be heavier and less efficient (in terms of overall code efficiency). Netbui can safely be turned off as well.

5. Increase default socket (or streams) send and receive buffer space to at least 64k on all servers and clients.

6. Optimize the router interface access control lists (ACLs). These often become inefficient over time as people add things to existing ACLs and don't delete them when those things are removed from the network.

7. Check Ethernet links for the greatest possible link speed and duplex (mismatches occur) and errors.

8. Increase the overall bandwidth between devices with link bundling (IEEE standard 802.3ad).

9. Use multicast when you can and when it's warranted.

10. Use web browsers that support pipelining. Firefox supports pipelining, but Heasley says that although Internet Explorer supports pipelining, he is not sure that it supports it properly.

11. Make sure routing is efficient. Use a routing protocol rather than static routes to avoid inefficiencies.

12. Avoid loops in switching topologies. Spanning tree protocol (STP) is not good at choosing the best path.

Tim Hebert, chief operating office of Atrion Networking, Warwick, RI, a systems integrator and network services provider doing Cisco infrastructure since 1987, adds the following advice:

13. Look at multicasting settings, which may not be turned on. Multicasting uses a multicast address to send the same data stream to multiple recipients while using the least bandwidth. Without multicasting, multiple unicast-addressed copies of the data stream would have to be sent to individual recipients. Multicast services can control the distribution of multicasts by determining which switch ports need to participate in multicasts.

14. Consider using a private virtual LAN to give certain applications higher priorities.

Ed Keiper, manager of network services for Lantium, Inc., an Audubon, Pa.-based company that provides network services, consulting, and outsourcing, suggests that network performance may be improved by doing the following:

15. Replace hubs with faster-working switches. The cost of switches has dropped significantly, so the improved performance may be well worth the investment. Lantium estimates that the cost of switches are about a third of the cost of hubs -- an estimated $5.53 per port for switches versus an estimated $15.63 per port for hubs.

16. Ensure that the network's fastest systems run the most demanding applications. Sometimes new, faster PCs are added to the network, but some of the most resource-intensive applications remain on older machines. Total network performance suffers as a result.

17. Make sure that any cable runs are short enough for maximum performance. While a system may theoretically be able to handle a cable run of 300 feet, distances of 100 feet will provide much better performance.

This Article Reprinted Courtesy of http://informationweek.com

Facebook shares some secrets on making MySQL scale

Whеn уου’re storing еνеrу transaction fοr 800 million users аnԁ handling more thаn 60 million queries per second, уουr database environment hаԁ better bе a upset special. Many readers mіɡht see thеѕе numbers аnԁ rесkοn NoSQL, bυt Facebook held a Tech Talk οn Monday night explaining hοw іt built a MySQL environment competent οf handling everything thе companionship needs іn terms οf scale, performance аnԁ availability.

Over thе summer, I reported οn Michael Stonebraker’s stance thаt Facebook іѕ trapped іn a MySQL “fate οf poorer quality thаn death”bесаυѕе οf іtѕ dependence οn аn outdated database paired wіth a complicated sharding аnԁ caching аррrοасh (read thе comments аnԁ thіѕ follow-up post fοr a bevy οf opinions οn thе validity οf Stonebraker’s stance οn SQL). Facebook declined аn official comment аt thе time, bυt last night’s night talk proved tο mе thаt Stonebraker (аnԁ I) mіɡht hаνе bееn incorrect.

Keeping up wіth performance

Kicking οff thе event, Facebook’s Domas Mituzas shared ѕοmе stats thаt illustrate thе importance οf іtѕ MySQL user database:

• MySQL handles pretty much еνеrу user interaction: Ɩіkеѕ, shares, status updates, alerts, requirements, etc.
• Facebook hаѕ 800 million users; 500 million οf thеm visit thе site day аftеr day.
• 350 million mobile users аrе constantly pushing аnԁ pulling status updates
• 7 million applications аnԁ web sites аrе integrated іntο thе Facebook platform
• User data sets аrе mаԁе even Ɩаrɡеr bу taking іntο tab both scope аnԁ time

Anԁ, аѕ Mituzas pointed out, everything οn Facebook іѕ social, ѕο еνеrу proceedings hаѕ a ripple effect thаt spreads beyond thаt specific user. “It’s nοt јυѕt аbουt mе accessing ѕοmе object,” hе ѕаіԁ. “It’s аƖѕο аbουt analyzing аnԁ ranking through thаt include аƖƖ mу friends’ activities.” Thе result (although Mituzas noted thеѕе numbers аrе somewhat outdated) іѕ 60 million queries per second, аnԁ nearly 4 million row changes per second.

Facebook shards, οr splits іtѕ database іntο numerous distinct sections, bесаυѕе οf thе sheer volume οf thе data іt stores (a number іt doesn’t share), bυt іt caches extensively іn order tο write аƖƖ thеѕе transactions іn a rυѕh. In fact, mοѕt queries (more thаn 90 percent) never hit thе database аt аƖƖ bυt οnƖу upset thе cache layer. Facebook relies heavily οn thе open-source memcached MySQL caching tool, аѕ well аѕ іt custom-built Flashcache module fοr caching data οn solid-state drives.

Keeping up wіth scale

Speaking οf drives, аnԁ hardware generally, Facebook’s Mаrk Konetchy took thе thе boards аftеr Mituzas tο share ѕοmе data points οn thе growth οf Facebook’s MySQL infrastructure. Although hе mаԁе sure tο point out thаt thе “buzzkills аt legal” won’t Ɩеt hіm share actual numbers, hе wаѕ аbƖе tο point tο 3x server growth асrοѕѕ аƖƖ data centers over thе past two years, 7x growth іn raw user data, аnԁ 20x growth іn аƖƖ user data (whісh includes replicated data). Thе median data-set size per physical host hаѕ increased nearly 5x ѕіnсе Jan. 2010, аnԁ maximum data-set size per host hаѕ increased 10x.

Konetchy credits thе ability tο store ѕο much more data per host οn software-performance improvements mаԁе bу Facebook’s MySQL team, аѕ well аѕ οn better server technology. Facebook’s MySQL user database іѕ composed οf approximately 60 percent hard disk drives, 20 percent SSDs аnԁ 10 percent hybrid HDD-plus-SSD servers running Flashcache.

Bυt, Facebook wаntѕ tο bυу fewer servers whіƖе still improving MySQL performance. Looking forward, Konetchy ѕаіԁ ѕοmе primary objectives аrе tο automate thе splitting οf large data sets onto underutilized hardware, tο improve MySQL compression аnԁ tο ɡο more data tο thе Hadoop-based HBase data store whеn appropriate. NoSQL databases such аѕ HBase (whісh powers Facebook Messages) weren’t really around whеn Facebook built іtѕ MySQL environment, ѕο here ƖіkеƖу аrе unstructured οr semistructured data currently іn MySQL thаt аrе better suited fοr HBase.

Wіth аƖƖ thіѕ growth, whу MySQL?

Thе logical qυеѕtіοn whеn one sees rampant growth аnԁ performance requirements Ɩіkе thіѕ іѕ “Whу stick wіth MySQL?”. Aѕ Stonebraker pointed out over thе summer, both NoSQL аnԁ NewSQL аrе arguably better suited tο large-scale web applications thаn іѕ MySQL. Perhaps, bυt Facebook begs tο differ.

Facebook’s Mаrk Callaghan, whο spent eight years аѕ a “principal member οf thе technical staff” аt Oracle , сƖаrіfіеԁ thаt using open-source software lets Facebook rυn wіth “orders οf magnitude” more machines thаn people, whісh means lots οf money saved οn software licenses аnԁ lots οf time рƖасе іntο working οn nеw features (many οf whісh, including thе rаthеr-сοοƖ Online Schema Change, аrе discussed іn thе talk).

Additionally, hе ѕаіԁ, thе patch аnԁ update cycles аt companies Ɩіkе Oracle аrе far slower thаn whаt Facebook саn ɡеt bу working οn issues internally аnԁ wіth аn open-source community. Thе same holds rіɡht fοr general support issues, whісh Facebook саn resolve itself іn hours instead οf waiting days fοr commercial support.

On thе performance front, Callaghan noted, Facebook mіɡht find ѕοmе appealing things іf large vendors allowed іt tο benchmark thеіr products. Bυt thеу won’t, аnԁ thеу won’t Ɩеt Facebook publish thе results, ѕο MySQL іt іѕ. Plus, hе ѕаіԁ, уου really саn tune MySQL tο perform very qυісk per node іf уου know whаt уου’re doing — аnԁ Facebook hаѕ thе best MySQL team around. Thаt аƖѕο helps keep costs down bесаυѕе іt requires fewer servers.

Callaghan wаѕ more open tο using NoSQL databases, bυt ѕаіԁ thеу’re still nοt reasonably ready fοr primetime, especially fοr mission-critical workloads such аѕ Facebook’s user database. Thе implementations јυѕt aren’t аѕ mature, hе ѕаіԁ, аnԁ here аrе nο іn print cases οf NoSQL databases operating аt thе scale οf Facebook’s MySQL database. Anԁ, Callaghan noted, thе HBase engineering team аt Facebook іѕ reasonably a bit Ɩаrɡеr thаn thе MySQL engineering team, suggesting thаt tuning HBase tο meet Facebook’s needs іѕ more resource-intensive process thаn іѕ tuning MySQL аt thіѕ point.

Thе total debate аbουt Facebook аnԁ MySQL wаѕ never really аbουt whether іt ѕhουƖԁ bе using іt, bυt rаthеr аbουt hοw much work іt hаѕ рƖасе іntο MySQL tο mаkе іt work аt Facebook scale. Thе аnѕwеr, clearly, іѕ a lot, bυt Facebook seems tο hаνе іt down tο аn art аt thіѕ point, аnԁ everyone appears pretty content wіth whаt thеу hаνе іn рƖасе аnԁ hοw thеу рƖοt tο improve іt. It doesn’t seem Ɩіkе a fate οf poorer quality thаn death, аnԁ іf іt hаԁ tο ѕtаrt frοm scratch, I don’t ɡеt thе impression Facebook wουƖԁ ԁο tοο much another way, even wіth thе nеw database offerings unfilled today.

Network software bugs: Are Cisco and others doing enough?

by Greg Ferro, Fast Packet Blogger

It seems that the IT Industry is willing to accept that software bugs are unavoidable and that licensing agreements, along with patches, absolve vendors from any responsibility. That may be why there is so little hubbub around what I sense to be an increase in network software problems – and specifically Cisco IOS bugs.

It's not that bugs in general are a new issue. Microsoft releases between 20 to 60 patches per month for critical bugs. But with Cisco IOS software, I have noticed a significant decline in product reliability over the last two or three years, which is suspiciously the same timeframe as the company's financial problems. Maybe I am paranoid, but I have to wonder if Cisco is cutting corners on testing and validation programs in its Indian development centers

I’ve learned that IOS software development is segmented into verticals: BGP, IP Multicast, OSPF, MPLS, etc. All of these are developed in independent teams with their own budgets and management. But there seems to be a gap in end-to-end testing. For example, I wonder if there is testing of BGP and IP Multicast integration or MPLS andOSPF integration.

Why are bugs so troubling in networking?

In an ITIL-compliant world, bugs are an identified risk and projects allocate hundreds or thousands of man hours to testing and validation in an attempt to locate product flaws. The cost of customer-driven network validation and testing has risen dramatically in the last five years. The trend is proven in the wide range of new testing products and solutions.

On one hand, this is not a bad thing as we can now build better networks. But for every bug found, the network is undermined. There is already a significant perception in IT management circles that the network is unreliable and risky. That’s why getting change windows for regular upgrades is almost impossible

When will vendors do more?

Some people say that vendor technical support is here to fix these problems, but that's not why I pay for this service. I pay tech support for hardware failures, software upgrades and configuration support, not to receive a half-finished product.

Which leads to the question: Are vendors delivering faulty products? If customers are going to perform their own testing, locate bugs and then advise the vendors through tech support programs (paid for by the customer), then what motivates the vendor to keep software quality high?

It is true that the complexity of modern products means that some bugs or product flaws will occur. But if vendors scale back their testing programs to save money, who suffers? And who will know?

(Source - http://searchnetworking.techtarget.com/)

Network technology trends 2012: Out-of-band management and DevOps

With the new year nearly upon us, SearchNetworking.com met with Lori MacVittie, F5 Networks’ technology evangelist and senior technical marketing manager, to talk about major networking technology trends for 2012. She said network engineers will increasingly turn to virtual desktop infrastructure (VDI) as a way to get a handle on the megatrend of IT consumerization. Increased traffic on dynamic infrastructure will also force networking pros to bring back the out-of-band management network. Finally, network managers will have to open their networks up to more integration with DevOps teams, bringing back nightmares of a bygone era of programmable routers.

How will virtual desktop infrastructure (VDI) help enterprises with IT consumerization?

Lori MacVittie: We're back in that world where we had three different versions of Windows and asking how we support all these applications. We're seeing that with all the different tablets and smartphones and laptops. We've got applications that might not necessarily work very well on tablets, and we want to make sure that users can get to those. But we don’t want to write native clients. It's just not feasible for IT to write applications for 50 different operating systems and platforms.

So if you pull virtual desktop infrastructure into the picture, it controls the application in the VDI environment. It keeps the data inside the data center for the most part, so you can still apply the right security. And you get a little bit more control without constraining the end user. They get to use the device where they want, when they need it. But you don't have to worry about the management of the actual endpoint. Of course that has an impact on the network because you're talking about new and different protocols and more devices. Some people like to multi-task. There is a lot of traffic and there are a lot of changes to infrastructure that have to be made to support something that.

What will enterprises have to do on the network side to support all of this virtual desktop infrastructure resulting from IT consumerization?

MacVittie: One of the first things is managing access. Who are we going to allow? From where? And over what network? One of the interesting things about the phones and even some tablets today is you can connect over both the mobile network as well as your Wi-Fi. I can turn on Wi-Fi on my phone, and suddenly I'll be on Wi-Fi network instead of the mobile network. That particular piece of information to the network is important. In the case of being on Wi-Fi you know that my phone is in the building on the network. If I'm coming over the mobile network I could be anywhere. There may be a need to control access from certain locations, such as saying this information can't be delivered outside the building. So if you're coming in over a corporate Wi-Fi connection, I'll let you have it, but if you're coming over a mobile carrier network, I don't know where you are and you can't have it.

That ability to dig down and see who you are, what you are using, where you are and what it is you want is going to be important to controlling who is going to get access. That's a lot of traffic going back and forth. You need to identify the user, you have to pick up the information out of the data that's being transferred and the protocols themselves, and you need to be able to make intelligent decisions about it and start sending people to the right places. So I think that access management layer is going to be very important, just trying to keep control of what you can: the resources and the applications.

F5 has mentioned that the out-of-band management network will be a technology trend in 2012. Whatever happened to it in the first place?

MacVittie: The networks got so fast and so fat that we didn’t have a problem with congestion. So we could keep it all on the same network. It was easier, and everything was static. We didn’t really need to have real-time [management] communication. If we needed to get some information from a switch, we could pull it with SNMP. It wasn't imperative that we got it in 0.5 seconds. If I got it in 3 seconds or 5 seconds that was fine, because I was really just digging for information or running a report or trying to hook it up to some bigger management system like [HP] OpenView.

Why do you think the out-of-band management network is coming back?

Find out how NYSE-Euronext built an out-of-band management network
MacVittie: As we're seeing all these things getting more dynamic, and [enterprises] want to provision [services] on demand, that requires a lot of interaction and it can be very time-sensitive. We need be sure that if that if we need more capacity that message actually gets to all the components involved at the right time; that it's not delayed; that it's not lost.

Automation is going to make us again more sensitive to the ability of all those components to receive things in a timely way, and that may require out-of-band management networks because the traffic on [production] networks is increasing. We have a lot of video and twice the number of applications and devices. What do you prioritize? Are we going to prioritize provisioning traffic over the CEO getting his email? I don't know; that's not a question I want to answer. I want make sure that both are just as fast as they need to be.

How do you build an out-of-band management network?

MacVittie: It's either a completely separate VLAN or a completely separate physical network, so that we can make sure it's got the speed and the bandwidth and that everything on it is actually management traffic.

As things continue to get integrated and we start looking at solutions where we've got this entire integration framework where network components are starting to be more dynamic in their configuration and actions, we're going to need a lot more collaboration and an entire set of systems and architecture to be able to support all that automation and orchestration in the network.

We talk about virtualization of the network, and we say, let's assume that every component in the network is going to become virtualized. What does that mean? That means a whole lot of management and a whole lot of communication between some other system that's managing when something gets provisioned, where it gets provisioned, where it's hooked up to, the topology [behind it]. There is a whole lot of communication and integration that has to go on in order to make sure that dynamic network actually works. It's really easy to push a button and provision a switch. It's not so easy to push a button, provision a switch and actually have it configured and doing what it needs to be doing. That's going to require a lot of integration [and] a lot of management. So there's going to be a lot of traffic and a lot of communication going on. And that's going to start taking up bandwidth. Yes, we've got really fat pipes right now and really good networks. We're talking 40 gigabit at the core, and most people say that we'll never hit that. We never thought we'd need 10 gigabit either, but apparently we do.

How would a network architect determine that it's time to establish an out-of-band management network?

MacVittie: I'm a fan of proactivity, but that's not always realistic. I think [most people will [establish an out-of-band management network] at a point where it starts to be very difficult to separate that management traffic from actual business and customer traffic; when the lines between that become very difficult; when it's really hard to find what you need to see on the network; when your span ports are overloaded and you're losing packets and information; when you're not getting all the data you need, and you can't figure out why something didn't launch; or when some configuration failed and you didn’t see it.

F5 has predicted that networks will have to integrate with scripting technologies like Chef and Puppet. Why?

MacVittie: Chef and Puppet are the two primary tools of the DevOps movement. It's the attempt to bring development methodologies and processes to IT operations. They allow you to create scripts that automate the configuration of a virtual machine or a BIG-IP or a switch or some other solution in the network. That's why the network API and the ability to integrate become more important. What the DevOps guys are tasked with is, ‘Here is this application. I need you to build this deployment script that is going to deploy the virtual machine to the right place; make sure the load balancer is configured, add these firewall rules and hook it to X, Y and Z.” So they take it and they build this package and they use things like Chef and Puppet to communicate with the different networking components and tie them together into an automated deployment package so they can just go click, deploy. And when someone says I need to launch another instance they can say click, deploy, and everything gets hooked up correctly.

I think probably not enough network guys are aware of this. The DevOps guys are growing out of the server admins and app admins who are coming in and trying to focus on operations. Also, the network guys don’t want people to run a script against their switch and router. And who can blame them? We had these arguments many years ago when programmable routers showed up. Are you crazy? You're not going touch our core router. So I think there is a lot of resistance from the networking team to allow these guys to come in and do these things. But ultimately it's going to be very important.

The network is a very important piece of getting an application out and delivered. If we can't include the network in that automation and that ability to orchestrate that and create repeatable, successful deployment packages that encompass the entire network, that's what's driving [the sentiment of] ‘we hate IT, let's go to the cloud and not have to worry about switches and firewalls.’ I think that kind of cultural transformation within the network team has to happen if they are going to continue to be relevant and a part of the dynamic data center as it's evolving.

So what role do networking pros have to play? Do they need to open up their infrastructure to be manipulated by these scripting technologies?

MacVittie: They have to be aware that it's there, aware that it's necessary and form their own team of guys who provide access to other teams to do this. Or, as they look at refresh cycles, they should start looking at infrastructure in networks that has more role-based access to APIs. So you can say: ‘OK, you developers are on this VLAN so I'm going to let you mess with it. And whatever happens, it's your problem, not mine. But you can't touch the finance VLAN because it's very critical to the business.’ They need to become the gatekeepers as opposed to the dungeon guards.

How do n of capabilities of individu

MacVittie: I'm a developer by trade, so I would say play with it. But that's not feasible for most network guys. Most networking guys are well-versed with scripting languages but not with the development side that these APIs require. So they would need to ask vendors, ‘Do you have an open management API? And what development languages are supported?’ Conversely, they could go to their DevOps guys and ask, ‘What are you using?’ Then use that to evaluate. Say, ‘do you support these things because these are what we are standardizing on? Even though I don’t understand what Chef or Puppet or REST PHP-based API means, it's what I need.’ So they need to get that list together and ask those questions.

It's also important to look at some of the management vendors. Your traditional questions are still relevant and may become more relevant, because CA, IBM and VMware are moving into that space and becoming more aware that it's about managing the entire infrastructure, not about grabbing some stats via SNMP. It's no longer about a MIB. I have to be able to control you through a much easier interface, and that means doing traditional Web-based and REST APIs and scripting languages. These are things that networking guys may not be comfortable with, but getting that list together and just asking the standard questions is important.

(Sources - http://searchnetworking.techtarget.com)