Online Extra: Survival Guide, Marc Andreessen, expanded version

Marc Andreessen, Internet pioneer and chairman of Opsware Inc., can fit 90 minutes of insights into a 45-minute interview. He talks about as fast as technology changes.

Here are some additional observations from the co-founder of Netscape Communications, who talked with Washington Technology staff writer Brad Grimes.

WT: So how's your software used today in government?

Andreessen: Large government agencies have tens of thousands, going on hundreds of thousands of servers, and we think there's a need for a new generation of software to help automate a grid or utility-style backend to all these things. Our customers usually find that they can run their systems cheaper with our kind of software because we substitute for a lot of manual labor, but also they can roll out new applications and new services much more quickly.

The [Energy Department] uses Opsware for Oracle. They've standardized their Oracle provisioning, configuration management, patch management on Opsware across their whole organization. So if you're going install Oracle inside DOE, you're doing it through Opsware. What they're doing is enforcing a DOE-blessed standardized configuration of Oracle. Then Opsware tracks all those Oracle installations so when a patch needs to be rolled out, our software coordinates that.

WT: You mentioned patch management. Is the process of administering software patches getting any better?

Andreessen: Our customers typically have at least a hundred or more servers, usually a thousand or more servers. They usually have a group that is evaluating patches and vulnerabilities. And often they have different opinions about which patches are critical because a lot of it depends on what you're running in combination with everything else. The reason that no operating system vendor can solve this problem is that the problem is not just about patching the OS. You also have this other thing like Oracle running on top of it that may have been tested with that patch level or maybe it wasn't. So it's really a multi-vendor thing.

WT: In a dawning age of cross-agency communication and interoperability, could government agencies benefit from consolidating their infrastructure management tools?

Andreessen: In general, yes. It would give them visibility of everything and all their assets. Another advantage would be disaster recovery. If two agencies are running something like Opsware, then they can use each other's facilities and locations for disaster recovery if they need to. Or one agency could even be an outsource provider to another agency. If it's tax season and the IRS sees a huge spike in demand, they could offload some of that demand over to DOE, for example.

They could also leverage security knowledge. If there's an expert in one of the intelligence agencies that knows a lot about the criticality of patches, for example, the Department of Labor might want to take advantage of that, so people could share that information.

WT: But it's unlikely every government agency will run your software. How can agencies achieve all the advantages of consolidated infrastructure management?

Andreessen: Since we'll never run everything, we've worked with EDS and Computer Associates and others on something called DCML, which is Data Center Markup language. It's an XML-based format for basically integrating together systems like Opsware with other systems that are running in a data center. It's a way to describe what's in your data center, what's running on your servers, how they're configured, and output that information in a common format that you can load into a completely different system.