Recent blog posts

Why it’s no surprise that Nimble Storage has a Net Promoter Score of 85

In the Dark Ages of storage, we tended to focus on the brand with the biggest market presence, the brand that could be dubbed: “Everything Made Complicated”.  It worked – we made it work – but installation and maintenance were troublesome, upgrades were price-prohibitive and the sales process was reminiscent of 16th century piracy, complete with the swearing and cries for mercy from innocent victims.

At this stage, SAN was deeply entrenched as a smart and practical choice for Australian mid-sized firms looking for the cost-effective IT flexibility offered by virtualisation and storage consolidation.  

We moved to Nimble Storage at the end of 2012, when it was first available in Australia, in order to solve a specific customer’s performance issue, on the advice of our then lead engineer.  With some magic timing, we supplied the first pair of storage devices Nimble sold in Australia, to the Australian Institute of Management, where they continue to perform to this day.

As a director, I have a number of practical reasons for preferring to work with Nimble:  there is a good local team to assist with choosing the right platform; ordering is easy; installation and provisioning are both lightning fast, which saves $$ on engineering time; performance is amazing; training is quick and free; and ownership is easy.  These benefits are often unavailable from other brands, which generally translates into a cost increase for end-users.

But that’s just a management perspective.  Feedback from the engineers is more direct:

Support is amazing – instant response from a level 3 engineer makes high-end tuning easy

Support is proactive – with the AI smarts in InfoSight, the Nimble Cloud Management Platform, everyday challenges are often advised or resolved, without either the client or our teams logging an incident.

Everything just works – While everything ought to work, we all know that it doesn’t always.  With Nimble Storage, it all just works.  Every time. Nice.

Let me be clear here – we did not turn to the Nimble support team to fix issues with storage, as this works beautifully.  The support team is so proactive, they advise us in advance of issues with the other vendor’s technology – networks, servers and virtual machines – that are connected to Nimble Storage.  The analytics help us to spot VM and connection issues quickly, making infrastructure tuning so much easier. 

For the reasons above, we were not at all surprised when Nimble announced a Net Promoter Score (NPS) of 85 (I checked – they have held this since April 2016, so it’s not a one-off).  Here is a picture of how that looks in relation to the industry:


NPS is a big thing in the US particularly amongst US based technology firms. Everyone loves iPhone and they only have a score in the 60’s! 

While I can see why Nimble would actively promote their Net Promoter Score in the US, we have a better metric - 100% customer satisfaction from every single instance where we have Nimble Storage installed.  This includes museums, schools, building consultants, advertising agencies and general Australian business, both very large and medium sized.  100% satisfaction is remarkable and is something that no other technology brand has ever achieved in our experience at Nexus.

Please contact me if you would like to discuss storage. Maybe you think it’s time to slim down your storage and move some to the cloud?  Or you might be looking to improve performance or capacity in your office, data centre or your cloud. 

And if you’d like an independent reference, we can put you in touch with several IT Managers, who can tell you their Nimble story. I think you’ll be impressed.

Please get in touch if you have any questions or would like to know more.  



There are many good reasons why most Australian businesses are moving at least some of their IT infrastructure into the cloud, such as improved application performance, better security and lower costs. 

However, we must also consider what happens to those IT assets that are left behind, when all the others have been moved to the cloud. What assets should remain? Which solutions should we select and why?

At Nexus IT, we specialise in supporting Non-For-Profit organisations, such as registered clubs, museums, schools and others whose budgets are not “enterprise” but still need a solid IT infrastructure. This blog will answer many of the questions that are being asked by organisations such as these. 

So what is left, once you have moved to the cloud?

The essential physical IT assets required after cloud migration are security and the local wired and wireless networking.  

Our challenge is to find the best strategy to provision these IT assets so they cater to a multi-device, IoT-ready, security-first environment that supports teams with rapidly changing work-styles, such as BYOD, work from home or always travelling.

Which network vendor should we select?

At Nexus IT, we’ve thought about this a great deal and we have chosen to lead with Extreme Networks as our default network solution, for some pretty solid reasons: quality, feature set, price mix and because they provide the best support.

Let me elaborate on our decision making process:

The least known, best performance platform

Extreme Networks has been our first choice for some time, on a simple price / port / performance basis.  They provide line speed and quality switching for less money than their competitors, stretching your IT dollar further. 

This value proposition was further magnified in 2015, with the successful integration of Enterasys, making Extreme Networks the legitimate #4 player in the global network market. This merger created a fully integrated wireless portfolio and, most exciting of all, it emerged as an outstanding management and reporting platform that delivers insight, value and efficiency.

Knowledge is power - East West Networking

We are all familiar with the importance of deep inspection of the traffic passing through our firewalls (North-South traffic on the standard network diagram), yet many people overlook the criticality of the same information traversing the local network, sometimes called East-West traffic.

In a cloud-centric world, there are many benefits to having the capability of identifying the existence of application or network bottlenecks, and then showing the problem to a non-IT owner of a cloud based application. It speeds up communications, improves IT service and allows informed conversations with external service providers.

In a security conscious world, pinning down traffic within the network, but which may not go through the edge security, is a critical capability to identify and then block or apply policy, as this approach supports good user behaviours and prevents malicious or uninformed activity.

Next Gen support for any device, any place

While there is a great deal of talk about Software Defined Networks, most of it, in my opinion, is “IT Market Fluff”, because we do not need to write software to manage Ethernet or wireless connections.  However, out-of-the-box capabilities supporting automatic sensing of devices and application of access policy are powerful as they improve network outcomes and reduce the IT resources required to make it happen.

Quicker support at lower cost

Network visibility and automation of connections, coupled with industry leading capabilities in rolling out configurations locally and in the cloud, speed up network support, issue identification, policy implementation and ticket resolution.  Obviously, it is extremely beneficial to be able to solve problems faster using fewer IT resources.

Very long asset life-cycles

Extreme Networks knows it is a “challenger brand” and responds by offering industry leading compatibility with the directory, security and networking interfaces of the other vendors. This makes it much easier to implement Extreme with an existing network, either at the core, edge or across a wireless interface. It also allows for a staged introduction if that is required.  

Interoperability with existing silos and a “core-to-edge asset life cycle”, extends the value of the investment and the existing operational equipment beyond 5 years in most cases.

A Platform for the Future, but ready now 

The other top four players in networking all currently have massive challenges when integrating their network portfolios. They are desperately re-writing software and re-deploying product teams to create a single interface, in order to provide visibility from one screen across their wired and wireless networks. In contrast, Extreme Networks is ready now and still has an exceptional pricing model to meet the ongoing challenge of delivering “more for less”.

So that’s why we recommend Extreme Networks.

Thank you for taking the time to read this blog. If you found my views were useful, then please register your interest in attending one of our up-coming “Round Table” events, where we discuss the pros and cons of various technologies in an open forum. To join your industry peers, you can either use the “contact us” facility on the website or simply reply to one of our emails. 


Posted by on in Uncategorized

Where we have been staying close the GovDC requirements for our NSW Govt clients, it is unsurprising that we have started doing work in that space given the August 2017 deadline for some agencies to move infrastructure, systems or capability into that space.

Over the past decade we have done some of our best work for various NSW government aligned organisations, including government departments but more often some of the larger galleries and museums* as well as other not-for-profit organisations including education organisations and some charities.   This has given rise to a mature service model, delivered by consultants and engineers based in Sydney, with over a decade of experience serving the specific requirements of this customer set.  More recently a goodly proportion of this work has included moving these customers to the Microsoft Azure platform and Office 365, which has its own NSW Govt related considerations.

It has emerged that GovDC is an important central service centre for some key high level NSW Govt initiatives including SAP access to HR and finance systems. Agencies and aligned organisations that need this functionality will have some specific requirements to properly connect to critical systems, which we can now comfortably deliver for a reasonable fee compared to the market, based on recent experience.

Other functionality that might be useful or even mandatory include:

  • Hosted storage repositories
  • Interconnection with Office 365
  • Secure Gateways for VPN or direct connection to specific common systems
  • Virtual machines in shared environments

Needless to say, all of the above services require the security and connectivity to be above reproach, robust and with a meaningful support process in place to allow business as usual to proceed.

It is very pleasing that we have been able to so easily acquire another capability, with the accompanying NSW Govt certifications.  Cheers to the engineers, specifically Sachin, who lead the charge on this with clients and the GovDC teams.


*Musea is technically the plural of museum, but it looks odd written I think.

Posted by on in Uncategorized


we havent blogged for a while - been busy on projects and in particular some consulting (as well as some travel), but here's a quick round-up of the current projects that we have on the books:

- Microsoft StorSimple project for a major cultural/science institution, replacing HDS, and taking advantage of some clever archiving to Azure.  This project also includes a new RDS environment, Window 2012 Hyper-V improvements and moving a huge file system.

- New Nimble SAN and other core systems for a property management company

- Business and technical consulting for a leading advertising agency

- Completing a major co-lo upgrade, including an EMC Extreme IO SAN, Fujitsu Servers and other core vendors for a travel and hospitality group

- Engagement around managed service, making IT management easier and improving reporting and transparency for a large school

We look forward to some new announcements and getting back on board with some more general comments on the Australian IT Industry soon, once we have returned all those calls and emails + done our timesheets.


Posted by on in Uncategorized

I sort of promised myself more frequent updates on the cool plans and outstanding outcomes that the team here is generating, in the Nexus-bloggy-thing, but we have got caught up in that wonderful loop where doing things is more important than writing about them.   For anyone interested, here are some thoughts:

  • Best new vendor - Splunk.   Splunk is a terrible name for a call it of software, which 'listens' to your devices, by ingesting log files and other data streams, and then allows some amazing dashboard-y goodness, with an almost-simple query language generating some great visualisations.  I know that's not a great explanation - Splunk is one of those tools whose use case can vary wildly from IT operations, analytic, sharing data visually, compliance, reporting ... the list is too long.  Watch this space as we do some clever stuff with existing clients and publish some case studies on that in upcoming months.
  • Interesting Vendor - Pernix Data - Puts flash to work in a smart low cost way to rev up your IOPs in many VMware environments.
  • We has a long debate about why NFS (a network communication protocol) whould or should not be used in hyper visor deployments.  A key is that MS Exchange is not supported on NFS.
  • The Nexus Yammer Portal is up and running with genuine collaborative conversations as well as intra-office silliness.
  • Our friends Jake and Moheb got snapped at an industry thing.

Also this article on why Google + is way better at preventing trolls than, say, Facebook.





This article reminded me of many of the conversations that we have been having recently, amongst the confusion that the changes in the available solution set cloud has created.

I often find the conversation about 'cloud' circular and murky with the confusion of IT outcomes, commercial agreements and marketing blather making sense a rare commodity.   There is nothing new there.  IT vendors and the channel are happy to promote and chase 'the next big thing' in an effort to make market and hit budgets; and they are so good that sometimes the buyers get caught up in the hype, at the expense of meeting core business objectives.

However, we are amused that the boutique Nexus cloud offering, where we run quite bespoke managed services and infrastructure for clients, has better uptime that the three biggest and most advanced commercial cloud providers.   Sounds amazing?  Not really - the largest Cloud providers have had some major set-backs, days long outages and incredibly poorly timed service disruption.  Some of these are classic technology fails, usually as a result of the sheer scale and complexity of the systems that they have to run to host millions of sessions.  (Oh.  So your replication services took out the entire system?  Oops.)

Some, however, are the direct result of being a large target.

As a classic example of cloud, for over a decade have used WebCentral as a our hosting provider of choice for clients.  Providing a website has never been difficult and WebCentral were from the outset great and only a few dollars more per month.  As an aside, we stayed with WebCentral even when other less expensive hosting providers hit critical size, as the service console and support systems for partners at WebCentral were so much better, we all saved a great deal of time on administering client websites or mail systems against the competitors. WebCentral were and I presume are very successful and became the provider of choice, either directly or through, for example, a Telstra white label service to market leader.  They also became a large target.

And large targets get hit.   If you are partnering with a brand name cloud provider, look at their brag page with the best customer references; if your hosting or cloud provider has a controversial brand, a government department or a successful web-reliant service on it, it will get hit.  And I agree with the pundits who suggest this will become a larger phenomena as time goes buy.  From the article linked above:

The only commonality, in fact, may be the ease with which DDoS attacks can be launched. Experts like Molly Sauter, an academic and author of the forthcoming book The Coming Swarm, say that the process is childishly simple.

"Literally, if you have a credit card and if you're bored, it could be anyone," Sauter told Network World. "It's so easy to rent a botnet most of them are out of Russia and you can rent one for stupid cheap, and then deploy it for a couple of hours, and that's really all you need to target a major site like Feedly or Evernote."

We have had client lose key services including email due to political protests on Depts of Immigration and Defence when controversial decisions or policies were announced, and similar actions from various world issues like payment to outsource workers or similar were the news of the day.

Sometimes a smaller provider is the better one.  For this reason we have some hosting equipment of our own for flexible and specific boutique delivery, some smaller white label partners for quality specific IaaS & BaaS outcomes, as well as a couple of larger partners like AWS and Microsoft for more mainstream or highly compliant requirements.  Honestly, as a service focused business, where the infrastructure as systems we look after is located - your premises, ours or cloud - is less important than doing good work in a timely fashion.  The more it changes the more is stays the same.

More here:

As the digital publishing team at Nexus know, the metadata on a file is more useful that the content when it comes to automation.   This article on metadata use discusses something that looks to be a paradox; at a meta level, the content of communication is much less useful than the information about when and with whom the communication was.

"... because it appears that what we actually say to each other really isn't important. It's who we are saying it to and when that matters. Communications metadata is not a poor proxy for content. It's actually far more important than content.

Pentland makes the point that such knowledge offers real power, which is why privacy is so important. Understanding the interconnectivity of human relationships inevitably reveals the focal points of the network being studied. Those focal points can then be manipulated, through targeted advertising or other means, in order to influence the behaviour of the group.

Not many people realise this, which is why there's no huge fuss when politicians or corporations tell their electorate or customers, "It's OK, we're not reading your emails or texts, or listening to your phone calls. We're just collecting metadata: addresses, phone numbers, that sort of thing."

A more honest, accurate statement would be, "It's OK, all we're doing is metadata analysis to build up a comprehensive model network of relationships so we can accurately pinpoint the social connections between individuals and understand exactly who is talking to whom, when and why. That tells us far more about you than the content of your phone calls, texts or emails. And, should we so desire, makes it easy to manipulate your behaviour."

more here:

North Plains have released security patches in response to recent widely publicised vulnerabilities in applications services across the World Wide Web. Please refer to their channel announcement, excerpted below:


With all the attention given to software security recently (Heartbleed and the Internet Explorer bug), additional security audits were run.  Potential vulnerabilities in Xinet software were identified, all of which have been addressed in the patches. 


Proper administration of Xinet-based server systems and attached network environments lowers the risk of exposure greatly. However, ensuring that Xinet software is coded securely is also necessary.


Security hardening is a very high priority for North Plains product development. North Plains leverages the industry-leading Veracode scanning service to help ensure as many potential issues are flagged and fixed as possible, but given the shifting landscape, this is an ongoing effort.  



The patches are available from our server, at the following URL:



All servers, especially those with external-facing Portals, should be updated urgently. Please do not hesitate to contact us if we can be of assistance.

North Plains have produced a handy introduction to Xinet, the DAM system that underpins the creative workflow of many leading advertising agencies and design studios. 


The Xinet Demo introduces:

  • Remote production 
  • Workflow automation 
  • Seamless integration with Adobe Creative Suite
  • Versioning
  • High-Speed High-Resolution file handling
  • Artwork Approval
  • Simple Administration

For more details on how Xinet can be used to enhance creative studios, please don't hesitate to contact Nexus.



Posted by on in Uncategorized

Last Friday we had what started out as a little party at the office, with Sanjith Mohan having his last day at Nexus IT as a regular full time employee. Sanjith has spent the best part of the last three years leading the services delivery on our Network and Security practice, helping us simplify and improve the often over-complicated and arcane world of IP networking, edge security and fire-walling.

When it came time to say a couple of things about Sanjith, it was once again very easy to be complimentary.  Nexus IT authorises and empowers smart and capable engineers, which means that we completely trust them with clients and partners.  As good as our account managers are, engineers are the real deal; it was a founding concept that the best engineering team ever would have this backing by the business. Sanjith exemplified delivering against that, as well as delivering a new level of professionalism in his daily dealings with the whole Nexus community.

A couple of other things stood out that night.  The first is, as you can see in the photo, there were a bunch of engineers who don't work here (well, dont work full time, right now, is probably more accurate) any more ... but they came back to spent the evening with us and farewell Sanj.  I think that speaks to our success in building a genuine team culture here and it makes me proud.  

The second is that we continue to deliver on adding greatly to the individual skills and experiences of the whole team, although it is easiest to measure with the engineers.  Great vendor partnerships allow our suppliers to be a real part of our community.  An insistence on ongoing training and certification for everyone, builds skills - we need knowledge to deliver knowledge.  And we have client engagement that meets the technology and business needs, but respects the IT teams' time and organisation's budgets, forcing not just correct but also creative solutions to the challenges we solve and the answers we provide.

So as well as the fact that Sanjith has done the hard work and gained a Masters in IT from UTS off his own bat, we can be satisfied, and he was kind enough to thank us for, genuinely adding depth and breadth to his already excellent skill set.

Best of luck, mate, and no doubt - like the others who treat us like Hotel California, although you have checked out I dont imagine its that easy to leave.


Nice to see one of our longest standing clients YHA, in the press and looking good.  I often reference this account because the work of the IT Managers that we support there was so good that NSW based IT spread around the country.

To save a click, here's the article:

How YHA Australia reduced costs through virtual desktop infrastructure

Savings for desktop hardware refresh in Victoria, NSW was approximately $400k


Not-for-profit hostel accommodation provider YHA has reported financial and IT support savings following the rollout of virtual desktop infrastructure (VDI).

The not-for-profit needed a centralised architecture that would allow staff members to access data on their smartphones or tablets so that they could work remotely without the risk of data loss.

YHA implemented Citrix XenApp, XenDesktop and XenServer in 2011 and then developed a national property management system called Guest Centrix in 2012. This system is used at 94 hostels in Australia by 300 staff.

In addition, YHA began a staged merger process of its state associations in Queensland, Victoria, New South Wales and South Australia. Part of this strategy was to deliver shared services on a national rather than state level.



YHA IT manager Popy Bernado told Computerworld Australia that the drivers behind the Citrix deployment were cost reduction and a desktop hardware refresh.

“When we did the merger with Victoria, we needed to do a hardware refresh. We also needed to roll out a standardised operating environment because we wanted to be able to gain control.”

According to Bernado, the cost savings for the hardware refresh in Victoria and NSW was approximately $400,000.

Using VDI has also meant that YHA staff members can use smartphones and tablets remotely.

“When we had a distributed environment, the hostels would have local user names and backups. We didn’t really have the resources to do the due diligence to make sure that was effective,” he said.

“By rolling out the VDI we centralised all the data, user profiles and security centrally. There is no data stored at the hostel level.”

Follow Hamish Barwick on Twitter: @HamishBarwick



Tagged in: case study citrix

Posted by on in Uncategorized

We have some great office space available in one of the funkiest parts of Sydney. Not only that, but we can fully service it with IT: fibre, dedicated firewall, server infrastructure, support, reception ... We even have some furniture.



  • 213 Square Metres
  • Separate male and female amenities and kitchenette and completely air conditioned throughout.
  • Newly data cabled with options for hosted I.T services, internet inclusions and phone system and some furniture by negotiation.
  • Sublease until November 2015 or new direct lease.
  • Available immediately for your occupation.


If you are looking for short or medium term office space to house your Australian office, your search is over.

More Info here 

Contact Emma: Emma (at)

Posted by on in Data Storage

Update - this post has started smashing out the Google hits for Nimble SCOM integration - so hi, you are probably here because you would like some integration of Nimble Storage with your SCOM.  We understand that Nimble, who tend to include their software in the purchase price of the platform, will have something out ... timing uncertain, but feels like late 2014 to us here.   In the meantime, if you want our SCOM Nimble pack, happy to help out for USD $1000 (or for free if you buy your Nimble platform from the best integrator, Nexus.)  Drop me a note at sean dot murphy at if that's of any interest. Cheers, SM.

Phil Sharrat, our Nimble Storage guru and fearless engineer, has been hacking into the Microsoft stack to make Boot From SAN magic happen for a large Sydney based client, lately.  Having conquered those hoary challenges, he has now come up with what we think is a world first - SCOM Nimble integration.  Here's a sneak peak - Phil says:

Quick write-up on the SCOM / Nimble integration.

There are three rules at present that collect data from the Nimble. At the moment, it’s using static hard coded mappings but in the next stage I want this to be a dynamic discovery within SCOM, which will require no further configuration.

These rules pass property bags, which are large XML dumps filled with headers and data, back to SCOM, which receives this data after running the rule, and with specific criteria puts this XML data into the SQL database for later reporting.

At present we record Total IO Reads, Total IO Writes, and Volume Usage.

Markus Strazds has just moved from a five and half year stint as first a support engineer and then heading up the then new development team at Nexus.  Here is his note to us as he moves into a consulting and contracting arrangement with us that gives him room to move on some third party projects and heading up our 'Big Data for Small Business' initiative.   We publish this here as we think this captures the essence and the passion of a Nexus engineer.

When I came to Sydney six years ago. I had no idea where my future might lie. I had worked for companies overseas like British Telecom and AIG but hated it. I saw a unique job opportunity that offered career development and provided support responsibilities that seemed a perfect chance to realise my skills. I met with Emma, she loved me, and soon I was hired.

I started supporting clients like TPG, YHA and the MCA. I was provided ample opportunities to fix server issues that were mission critical in all of their operations, but moving from desktop to server support was intimidating. In the end it was ok as the engineers taught me so many valuable skills and provided so much support that I thrived. I am sure you can all agree that Tony is a perfect example of being an oracle of knowledge that can provide the direction and confidence to handle anything. And I thank him for all he has taught me.

After support, managed services and other endeavours, I shifted into a several roles that distanced myself from the infrastructure elements of Nexus to the software integration and development aspects of our growing company. We persisted and struggled through many lessons in project management, graphics automation and software development. Unknowingly at the time this transition started my second life at Nexus and one that I have thoroughly enjoyed since.

One of the most important things that I will take away from working at Nexus is one of my most cherished values today. Never stop learning. Nexus provides that. It always has. I think that you can all agree that the opportunity to develop your skills and provide them at an extremely professional level, amongst an exceptional group of engineers, project managers, principals, shadow directors, storage experts, network gurus, support wizards, client service masters and the occasional interrupting account director is second to none. The opportunity to learn about the fundamentals of client relationships, responsibility of service and the art of conceiving, selling and executing projects is unlike any other learning experience I have ever encountered.

John and Sean over the years have forged an exemplary company that I have been proud to be a part of and always will be. Their ability to create a working environment of collaboration, trust and responsibility is one that I hope to encounter again and again.

I want to thank Sean and John for their support and believing in me during all these years. Helping me to learn and progress my skills to the level they are today. Without their belief in me and my time at Nexus I wouldn't be who I am today. And I know through our time together, as tumultuous as they have been on occasion, I have forged friendships that I hope will last a lifetime.

And with this I would like to conclude.

IT in all its beauty is a constant learning experience. The moment you achieve mastery in one area you are a novice in another. Find what you love to do, and you will excel at it no matter what. This is true for everyone who is working at Nexus now and it will be for the people who will walk through the door, even if they don't realise it yet. Help them and nurture them as the people here have nurtured you.

Nexus means: 'a connection or series of connections linking two or more things.' Or a connected group. This couldn't be more true of us. We are all connected in learning, in sharing and developing our abilities to help teach and provide support to those who need it most. And we do a fucking good job at it.

Some words that will always stick with me often constituted late in our chaotic town halls are: "We have the best team ever.!" Although the message is true, I have never thought they have needed to be said. Nexus will ALWAYS have the best team ever, thats what Nexus is.

A team.

Thanks to you all, Good luck for the future and I will see you around.


Live long and rock and roll.

Markus us still working with us, albeit less formally; get in touch if you need help on a project - we'd be happy to help.

We are working on a migration of 150+ hyper-V virtual machines for a 1000+ seat organisation, moving the entire data and applications onto a new Nimble Storage SAN with a single expansion shelf.  For this customer, this meant going from almost two complete racks of traditional storage - they required that many spindles to deliver the performance required for applications, Exchange and databases - to seven rack units, which is less than 20% of a single rack.  The saving on rack space was compelling and the savings helped support the already very good business case for Nimble.

Moving a few months forward, and we are in the midst of migrating the Hyper-V hosts to the new storage platform, we noticed something very very cool.


As you can see from the picture there is 36% compression on the OS files (Boot From SAN LUNs, if you prefer), which are all that we have brought across so far.  (The engineers tells us this is "the hard bit").  However, what is not immediately obvious is that - using the correct vendor best practices - this 174 GB took up 960 GB on the old SAN; that is less than 20% of the previous number.  The 36% is misleading - so far we are saving 80%.  Cool.

The project is going well in any case, but moments of client delight like this ... priceless.

Posted by on in Uncategorized

Last week, in a discussion with our very smart Citrix field sales genius, Toby, he helped me with a better framework for taking risk out of projects with customers for running Proofs of Concept (POC).   The breakthrough for me was that there was such a thing as a pilot program, which is something different.

From the omniscient

A proof of concept (POC) or a proof of principle is a realization of a certain method or idea to demonstrate its feasibility, or a demonstration in principle, whose purpose is to verify that some concept or theory has the potential of being used. A proof of concept is usually small and may or may not be complete.

A pilot project refers to an initial roll-out of a system into production, targeting a limited scope of the intended final solution. The scope may be limited by the number of users who can access the system, the business processes affected, the business partners involved, or other restrictions as appropriate to the domain. The purpose of a pilot project is to test, often in a production environment.

So, where we have been talking about POC, we really ought to be talking about running a pilot program that tests some limited set of functions usually specific to a business.

There is something in the semantics here: the concept of nearly everything that we do is already proven, usually in a production environment.   However, we can understand that business may need from time to time to be able to better investigate a set of technologies and how they might work in a specific business culture.  Moreover, this is probably the best way to help with the successful introduction of a new system, acknowledging the change that is coming and gathering support and buy from teams, electing champions and informing the bigger scale roll-out that we are all envisaging.

We are also more and more careful to make sure that the mutual investment in a pilot program is rewarded by being very clear on what it is that we are proving, how this will be measured and what the metrics are around that - well implemented technology does what it is configured to do and being clear on that is the very best investment in success.



Posted by on in Networking

by Dan Bowen

I recently attended the APJ Aruba Airheads Conference in Macau. This was a gathering of WiFi aficionados and ethusiasts to discuss all things 802.11 and beyond. Present were many of the top engineers from Aruba HQ in Sunnyvale California; they detailed their latest cutting edge product offerings and offered insights into some pretty compelling advancements in the existing suite.

802.11ac is the big news in wireless at the moment and the term ‘Gigabit WiFi’ is being used in conjunction with it often. Wave 1 of 802.11ac offers throughput of up to 1.3Gbps with 3x3 MIMO APs like the Aruba 225. I got the chance to get up close and personal with this sleek bit of kit as all WiFi access at the conference was hosted on them. 802.11ac end-user devices are not yet omnipresent but some pretty big hitters like Apple and Samsung already have AC in some of their devices (Galaxy S4, MacBook Air etc.) and a key consideration is that the APs are fully backwards compatible supporting 802.11g, 802.11n etc. Also the processor and antenna design have been revised to provide significant performance boost to none ac clients so you will see results straight away.

ClientMatch is the technology that impressed me the most with it’s ability to place clients on the most suitable AP based on multiple factors giving the user a tangibly better WiFi experience. For instance iPhone are notoriously sticky clients as Apple have configured the OS not to actively seek a new AP until signal quality is relatively poor. This is to save on battery as the scan for a new access point is a battery intensive operation; the drawback is that clients will stay connected to an AP on a low bit-rate when there are more suitable APs closer by offering a better experience. ClientMatch resolves this problem. It is crucial feature to gain the most out of Aruba 225 access points but the beauty is that it is fully compatible with all other Aruba APs and controllers in the current range and will be available in 6.3 of the Aruba OS which is currently available on beta and will be on general release shortly.

Apps are king in the smart phone and tablet world and in the last few years Aruba have started to offer solutions to different problems around this space. AppRF will be available in version 6.4 of the Aruba OS and offers integrated visibility and control directly on the controller over apps like SharePoint and Salesforce. This advanced app level QoS empowers you to make sure your wireless bandwidth is getting to the right places. There are also APIs for Microsoft Lync to amongst other things provide real time reporting on voice and call metrics and Lync aware RF management e.g. Aruba Adaptive Radio Management (ARM) will not switch a channel an AP using mid Lync call to ensure the quality of the call remains high. 

Aruba ClearPass is a virtual appliance that lets you create and enforce policies that extend across the network to devices and applications. It Is something I have implemented previously for a number of our clients to provide sophisticated and highly customised guest WiFi authentication workflows via captive portal as well as staff authentication via RADIUS with Active Directory.  Visitor Management is just one module of ClearPass though as it also does MDM (Mobile Device Management – OnBoard), MAM (Mobile Application Management- WorksSpace) and device health management (OnGuard), as well asproviding lots of other NAC (Network Access Control) functionality. It is basically complete end to end BYOD solution and I will be shortly implementing a PoC here at Nexus to test out some of the cool features I have not yet explored. I should point out that OnBoard and WorkSpace are currently only available for iOS but Android support is due to follow.

Instant has been around for a while now. It is a simple yet scalable wireless solution with no physical controller required as a lead access point acts as a virtual controller. It can be setup in literally a couple of minutes and administration is very intuitive, it’s an enterprise class WLAN with the ease of a home WiFi solution. It’s not the perfect fit for everyone; for instance the sys admin who wants to tweak their radio profiles to the finest detail is still going to be better going down the physical controller route, but in a lot of cases it’s a winning formula. No subscription is needed for Instant but if you have a requirement for rolling out and managing WiFi at lots of different sites then Aruba have a new cloud subscription based central management solution known as Aruba Central, perfect for branch sites with little infrastructure. I have just signed up to a one month eval of this service and will be having a play with a couple of spare APs I have knocking around the office, so maybe more on this in a later blog.

Aruba Activate is another new Instant related service being offered and is free of charge.  It is a zero touch roll-out process where an AP is pre-cofigured to connect back to Activate and pull configuration as soon as it is connected to the internet. This means none technical staff can easily deploy devices. A none too shabby idea if you ask me.

Location services are another hot topic in WiFi so the Arbua Location and Analytics Services presentation I attended was one of the most interesting. The opportunities to tie free wireless access in with other services are pretty much endless. Geofencing (contextually relevant info, offers triggered by location etc.), asset tracking (keeping an eye on expensive equipment, say in a hospital) and way finding (help customers get from A to B with a custom mobile app) are just a few. Aruba Networks have recently acquired Meridian to offer such a solution. Nexus have previously helped MCA implement a bespoke geofencing solution to allow their patrons access to exhibit information on their mobile device as they walk around the galleries and this works very well underpinned by custom radio profiles on the Aruba controller, but if I was to be involved in implementing this now Meridian would not be far from my thoughts.  ALE (Analytics and Location Engine) is a virtual appliance that works with Meridian to provide usage stats such as how long a client spends in a certain location or which order they visit areas in. This sort of information is great for assessing building layouts, which products, exhibits, attractions etc. are a success etc. It’s mobile intelligence at its best.

As you can see, WiFi and the related ecosystems are evolving quickly and Aruba are at the forefront of this. This event was a great way to keep abreast of these advancements. My only complaint about this congregation of air-geeks is that Aruba didn’t choose to hold it in ... erm, Aruba. Right dodgy puns aside, I’m off to implement tip number 7 from the ’Top 10 Tips from TAC’ session. Maybe I should get out more.

Ed - this is by our very own wireless ( + storage + apps + more) guru, Dan Bowen, surfin' Mancurian-Aussie engineer.  Small edits by SM, so any errors likely to be mine.  Aruba kindly paid Dan's conference fee and accommodation, Nexus paid the airfares as an investment in making sure we are at the forefront of wireless and how it support BYoD and contemporary user computing.

Tagged in: 802.11ac Aruba MAM MDM wifi

Posted by on in Uncategorized

Late yesterday evening, in a grand black tie gala event in the packed Sydney Hilton Hotel Ballroom, Nexus won the prestigious 2013 ARN SMB reseller of the year.  Our submission outlining how we have really gone the extra mile to look after customers, and to drive value in our engagements, was voted by an independent panel of judges to be the best of 2013.


Thanks to the teams at Nexus whose culture, engagement and sheer bloody brilliance have earned us a reputation such that leaders in telecommunications, vendors, distribution and the panel of channel hall of fame winners who backed us.  Thanks too to those partners that we work with that understand our need to go the extra mile for customers and support us in various ways small and large.  Big call out to Nimble Storage here - there were messages from everyone there that I know in my inbox this morning (when I was only just recovering from proposal writing overload for some great stuff with you guys) and the rest of the friends-of-Nexus who have cheered, helped and supported us.  It means a lot.  We appreciate your support.  Our customers probably don't fully understand how important it is to have an engaged channel to really look after them.

Finally, I am quite sure that my business partner of the past decade @johndobbin is quietly satisfied that this little IT integration business he founded in 1997 has grown up and found respect and admiration from its peers - well done, mate.

We know that, in the nicest possible way, we are geeks.  I present as evidence that fact that we email each other about internal password security, frequently. I promise we wont talk about it too much if we are ever out for a coffee with you, unless you ask us to.

Today, Richard, one of our senior digital publishing engineers and a password maven of the first order, shared this post about ... insecure ... management of passwords in Google Chrome.

This is well set out in the blog, but the essence of the challenge is that if you (or anyone with physical or proper remote access to your computer) go to chrome://settings/passwords then you can click the "show" button and see what your passwords are.   (an aside - this was amongst the more popular posts on nexusnet; for unimportant sites my passwords are long).  This is what it looks like, to save you a cut and paste (and if you want to miss the opportunity to see all the passwords you haven't entered for ages as Chrome does it for you).



There is a response and the usual discussion board semantic nonsense here which doesn't do much for the argument, for either side, except to point out that all password saving in browsers is insecure, although this is not clear to the casual user.   I don't believe that Chrome is a bad browser or it's developers misunderstand security - neither is true in my view, and I prefer Chrome.  The fact is that allowing a browser to save passwords is a bad practice - the ease with which you can reveal them in Chrome is just a sideshow.

The solution is to use a secure password manager to create and manage passwords.  You get real password security as well as the convenience of auto-filling passwords, although there is a lot of mucking about changing passwords and fishing out conformation emails and such - worth it to secure your online identity in our view.  Some of the engineers here swear by LastPass but it find it a bit of a pain and will be moving to give 1Password a go.  Let me know if there is another practical solution, without an enterprise implementation budget.

It is very easy to focus on the business aspects and the glossy brochures when looking at a wireless solution, but all the technical stuff around 2.4Ghz vs 5Ghz, 802.11a/n/g, 20/40MHz is important when setting up your network and making sure that the user experience is the best it can be.

In the last few days we’ve had to look at a few issues around wireless and some performance problems people have been having with their wireless configurations.  The wireless worked well enough – since we implemented the Aruba Networks hardware, the office wireless has been rock solid – engineers being what they are, there was a chance to make it better.

And better it became – Jodie, the Account Director, hugged the engineers when everything went five times faster!

To start, one of our senior engineers, Phil, talks about some of the real world outcomes from those specifications:


There are the two spectrums available for nearly all business grade wireless access points (APs). The best APs will support both 2.4Ghz and 5Ghz, usually called ‘dual band’.  Both these spectrums advertise the same speed, but is one better than the other?

Here is a list of the available channels on each frequency:



Frequency (MHz)

Most of world
















































40/20 MHz[8]



















































































The reason that some of these channels are not available in Australia is that they are reserved for use by utilities and authorities,

This is a visual representation of the 2.4GHz spectrum, where in an ideal world it actually has 3 channels available to it:


Here is why:


Each arch above represents a 22MHz “band”, where WiFi operates. If your device operates on channel 1, it actually transmits on frequencies from 2.402Ghz – 2.424Ghz.  However, channel 2 will transmit on frequencies from 2.407 – 2.429 Ghz, overlapping frequencies 1,3,4,5, and 6.

Channel 1, however, only overlaps frequencies 2,3,4,5.

The impact of this is, since WiFi is a PTT (Push-To-Talk) medium, it requires that nobody else on its channel is talking before it can. The ideal setup for WiFi in 2.4Ghz, is if everyone runs on either 1,6 or 11, as these will have the least impact on other channels.

This doesn't always happen though, as shown in the next diagram which sets out the Wifi configurations at our office,


Already you can see a few different wireless networks competing for the available bands. Most stick to the 1,6 or 11 bands, and don’t waste bands, however, 1 (white) band is operating on channel 4. This means that whenever any devices on this AP talk, they not only stop communication on channel 1, but also channel 6.

This means that there is contention and congestion on the main networks Nexus would use if we left it in a default configuration on the 2.4Ghz band.


Here is the same WiFi scanner on the 5Ghz spectrum:


This is only a slice of the spectrum, but as you can see, it is far less congested than 2.4Ghz, in fact, the only WiFi devices operating are our own;, we don’t suffer contention when another device talks.

This is a view of the whole 5GHz channel:


As you can see there are far more channels available, and from the previous diagram, there’s far less existing traffic on the channels. Therefore, when devices are moved 5GHz, they are no longer competing to talk on the desired channel.

20MHz vs 40MHz?

This defines how many channels the AP will occupy. From the 5Ghz frequency, you can see you will easily fit in a few 40MHz APs, however, 2.4Ghz, being only 60MHz wide in total will only fit 1 AP at 40MHz. The problem here being, nearly all the other channels will conflict with this “Wide-band” channel, and your wireless network can actually perform worse, in congested areas.


So, with some very well informed tweaking, and an understanding of what is going on under the hood, wireless isn’t just wireless – it can be made to perform much better that the out-of-the-box configuration that most implementations comprise. Happy staff and faster access drive efficiency and that is what we are here for.


For the above technical stuff:

On our site and our partners:


Aruba Networks, Nexus' choice for excellent partnership with client and ourselves, superior hardware and industry leading software.

ClearPass from Aruba, for Enterprise Vendor Agnostic Network Management and BYoD done right



Contact Us

Nexus IT & Communications Solutions
2 Verona St, Paddington NSW 2021
PO Box 433, Darlinghurst NSW 1300

02 8669 9000
02 8669 9091
This email address is being protected from spambots. You need JavaScript enabled to view it.

Sales: 1300 311 002
Support: 1300 558 506