Well, thank you very much and thanks for coming. Welcome everyone to the IT State of the Union for 2006. We've got just a ton of stuff to cover, so I'm going to dive right in and go through it. Agenda for today, number one, I want to spend some time talking about Apple's product strategy for business.

And I know there's a lot of IT people in the audience today, and Apple is not a new player in the IT business, but we've been getting a lot more attention lately. So I want to talk about that. Second, I want to dive a little bit more deeply into Apple's security strategy and process. And security is, of course, top of mind for any CIO or IT person today. Security for Mac and Apple has been in the news a little bit lately, so I want to go through that. And then we're going to go through some examples of some markets where Apple has been playing for a while, some established markets that are in the IT space, and we have some great customer examples to take you through, and some customers who have been kind enough to come and share with us what some of their challenges have been in IT and how they've used Apple solutions to meet those challenges.

And then finally, we're going to spend some time diving deeper into XServe and Mac OS X Server. You saw a little smattering or preview of it in the last two presentations. We're going to go a lot deeper into that. And then finally I'll give you some ideas on what else is going on at WWDC that's specifically designed to be of interest to IT people.

So Apple product strategy for business. And as I mentioned, we've been getting a little bit more attention lately around our enterprise use of our products. This is from Federal Computer Week. This is when you think about Apple computer and Macintosh systems, you probably don't think about servers, but think again. And this increased attention is partly, and honestly, I think due to the fact that we've transitioned to Intel And for whatever reason, I think there are people who feel maybe more comfortable in the IT space with Intel. But really, I think what's driving this is that we have a complete platform that is tuned for business. Starting from Mac OS X, which is, of course, Unix-based, fits in very well in the server room as well as on the desktop. On the desktop, we are really the only environment that combines the power of Unix plus the ability to run Microsoft productivity applications on that very same desktop. A very nice suite of pro applications for companies that either have it as their business to manage media or, as more and more is true, it's part of your business to manage media. And the Apple applications for managing media are really second to none. Servers and storage, of course, since we've introduced our 1U server product and now, as you've seen, are transitioning that to a quad Intel product, that is going to be, I think, of increasing interest to people who are looking for not just a nicely designed, nice appearing product, but a product that actually fits into the server room and gives you the price performance that really drives everything there, especially when you start looking at heating issues. and you saw some of the heating information earlier today. We're going to go a little bit deeper into that. Service, of course, Apple provides world class service for our products, sales, pro sales service and support that really is tuned for businesses and what businesses need. And then finally, none of this works without the software and the software produced by the people who attend this conference. We're at 22,000 titles and growing. In addition, of course, we have a large number of IT solution partners, many of whom are represented here at this conference. People like Oracle, SAP, TIBCO, Cisco System, some nice point solutions, for example, Backbone for enterprise level backup of data. A lot of partners that were helping us bring the Mac into the enterprise.

So what do we focus on when we look at how the Mac fits into business? Well, let me go through that. Number one, since Mac OS X has come out, we have been extremely standards-based, open standards-based. And that's everything from standard networking TCP IP to standard protocols like IMAP and LDAP for directory service to standard file formats like XML. And this has led to incomparable interoperability. The Mac will fit in everywhere.

It's Unix-based, so it fits in the server room. We run Microsoft file formats and productivity applications, so it fits on the desktop. Even to the point now with Boot Camp, where you can boot up and have a dual boot system that boots both Windows and Mac OS X now that we're Intel-based. So I think it's hard to find a more interoperable system on the planet. And as you saw earlier today, we are focused on price performance. And we know this is important to everyone in the business space. At the end, it's dollars and cents.

How much can you do for how much you spend? And as you saw earlier, this is a key focus, and we think we do very well in terms of just dollars and cents you have to spend to get a certain amount of performance. And we'll go into a little bit of that, how we get there, how we design our hardware to do that a little bit later on. Open source, I want to spend a little bit of time talking about the importance of this. I believe the statistic is that 83% of all businesses are now dependent on open source. Open source is part of your job if you're a CIO today. You really can't run your web servers in the most effective way if you don't use open source. And we'll have some of the customer examples talk about that. Today we're really pleased to announce that we're expanding our open source efforts. As you know, a large number of those 83 million lines of code that Steve talked about are open source software. And we're announcing today that we are including, starting with 10.4.7, going to put the buildable kernel sources for Intel-based Macs on the web.

You know, we waited until we're complete through the Intel transition to do that, so we thank you for your patience, those of you who are questioning out there, but we think you'll be really happy with the results. We're going to include the EFI extensible firmware utilities along with that. Also, we're announcing that we're moving to Apache 2.0 licensing for some of our components. The iCal server that was mentioned earlier, that's a brand-new project using the CalDAV calendar protocol. Bonjour is going to be moving to Apache 2.0 licensing from APSL licensing. And LaunchD, which is for managing daemons and processes at start time based on XML file descriptors, that is going to be moving to Apache 2.0 licensing. That's going to make it even easier for others to include those components as part of their open source distributions part of their products in the same way that they would include an Apache web server or some of the other Apache components.

So Apache 2 licensing for those components. Finally MacOSForge.org is an Apple-sponsored website that is going to be hosting these projects along with other projects such as WebKit that is used in Safari, an open-source WebKit used in Safari. And MacOSForge.org going to be the successor to Open Darwin for those projects that want to move to macosforge.org. So stay tuned in this space. Open source is very important to us as part of our strategy, and we think it's been very effective as well. Finally, as we think about putting Macs out into businesses, security. And I'm going to delve into a little detail on this. Security has really always been important to Apple when we design our products and it's not just a feature that you slap onto a product. It's actually there's a strategy around it. There has to be actually a process around it and I'm going to talk a little bit about that. But before I do that a couple myths that I want to debunk. Of we think that Macs are invincible.

We know that Macs are not invincible. I'm sure all of you know Macs are not invincible, but somehow this always ends up making headlines that, oh, Macs are invincible. Write a headline. We know that we're being targeted by hackers, and we are very cognizant of that, and that is why we spend a lot of time in our product design, in our product review in the way we design our user interfaces and the way we respond to issues when they appear, to be very proactive about that. Macs are secure because of small market share. Again, we know that the hackers are targeting us. It actually doesn't take a very big bot net or what are called bot armies for a hacker to make a lot of money. They can make money off of a little botnet of 5,000 machines or 10,000 machines and go run a DOS attack against someone and blackmail them. So what is really happening, the hackers are targeting wherever they find weakness. And it's our job to make sure that the Mac is not weak. We actually have a very good track record there. I'll talk a little bit about our strategy and our process for achieving that. And finally, the myth that PC users are smarter than Mac users about security.

And I think running those commercials and talking about security probably brought this out. I don't know where it's coming from, and I probably don't need to talk to you guys about it, but obviously both PC users and Mac users span a large spectrum in terms of their sophistication about security issues. One thing that is different, I think, is that we spend a lot of time making sure that the security features are very easy to use for our users. So that, for example, we've always had, since the day one of Mac OS X, a very easy single button security update process. So as a result, our users actually keep their systems up to date and always have with Mac OS X, and we think always will because we've made that so simple. paid attention to ease of use. So our security principles are actually very simple. Number one, good security starts with design. It's not something you slap on. Number two, good security is easy to use. Security that's not easy to use doesn't get used. Number three, good security continues to improve. It's not a one-time deal. It's not a one-shot. It's something that we are continually paying attention to with every release. So design. Of course, it helps a lot to start with a good OS. And Unix has been really a blessing for us in terms of a starting point for security. It's not the ending point, but it's a great platform on which to build. And we believe a lot in defense and depth. That means layered security. Includes the hardware security features of the CPU, memory protection, which is also a hardware issue. User authentication and privileges, which come with Unix, but we've added on with ACLs over time, and we continue to leverage that. Data encryption-- that's not just data encryption over the net with SSL, but things like FileVault that allow you and your employees to keep their data secure on their system, even if it gets left on the seat of a taxi. Limited application privileges-- let's make sure that that application only has the privileges it needs to run. That's part of defense in depth.

And then finally, network protection. And that is not only things like built-in IP firewalling, which is there built in in Mac, but things like detecting when executables are being downloaded and giving users a notification that, hey, did you really mean to download an executable? Do you want to think about that before you actually load it onto your disk? Those features are things we think about a lot and think about how to make them easy to use. Security and ease of use are integral. There's nothing worse than, by analogy, a home security system that's too hard for the homeowner to use. Now, I'm sure they don't make anything like that ever, but it just doesn't get used. It gets left turned off. And we're very cognizant of that and spend a lot of time with the Mac thinking about how to make the security features transparent to the user so they know what's going on, so they feel comfortable turning those features on, or more often than not, having those features turned on out of the box so that when a user unpacks the system and first plugs it in, it's got those security features turned on. And then finally, making it easy to keep the Mac secure by making security updates simple to install. Then finally, we're very proactive about making sure that issues don't become problems. Jumping on theoretical exploits as they become publicized, as people find them at Black Hat conferences or whatever. Making sure that we do timely updates. don't wait for the next month to roll around we do our updates on an as-needed basis I know that there's some controversy in IT shops you know wouldn't it be easier if we could have our security updates scheduled on a monthly basis or something like that we actually think it's better to get those security out updates out as soon as we can get them out and not wait for the next month to roll around.

We work very closely with the security community, so that includes people like CERT, ORFIRST, the global response community, the FreeBSD security team for the OS. We work with the Department of Homeland Security. Security involves a lot of communication with all these groups, and again, we're very proactive and have a whole process for doing that. And then finally, I mentioned doing the response and the quick update when needed. We've done 34 in the last five years for those who are keeping count. This is an ongoing process that I think we've actually gotten pretty good at. And then finally continuing to innovate in areas that will stop these issues before they become a problem or provide features like FileVault that allow users to keep their data secure.

So talk a bit now about Apple's established markets. And as we move out into the IT space, there are some markets where we've been present all along and actually provide great examples of how IT challenges have been met and met with Apple solutions. And we're going to have some examples of that today. Examples of our established markets-- education, design, pro audio and video, science and technology, government. Some of these are enterprise level deployments. For example, education has some of the largest institutional deployments around that would give any Fortune 500 deployment a run for their money. And of course, government tends to be large as well.

I need to say no more. Design, pro audio and video, science and technology are both examples of smaller medium sized businesses, but also are oftentimes a portion of a large enterprise. So in pharma you have the science and technology desktops where they do these days genetic engineering. Or in many Fortune 500 companies you have the, you know, IT shops first experience with Max was in the audio and video in the creative services in that shop and they had to make those fit in with the rest of the corporate IT infrastructure. So the first one we're going to talk about is Apple on Campus. And as I mentioned, you know, the campus IT administrator has all of the same issues that any IT administrator has, plus some. And, you know, they are dealing with the mission of educating their students, not just making money. They have to be on the leading edge in order to take advantage of the technology that's out there.

The kinds of products we produce make creation by the students and the teachers very simple. Even things like iLife add to the ability to create for the students. Broad distribution, campuses are highly networked. They need to get their content that's created, whether it's courseware or student work, broadly distributed on the campus. So that means XSERVs and XSERV raids. And then finally, mobility. And this is an area where education is a leading indicator.

Education was the first place we saw that laptop volume was going to surpass, and it already has by a large margin, desktop volume. And this will hit the rest of our world as well, and is in the process of hitting the rest of our world. But even beyond that, hypermobility with the iPod, and you find large numbers of students and teachers innovating with how to integrate the MacBook, the MacBook Pro, and the iPod for a complete learning environment. So here to tell us a little bit about that is I'd like to introduce Anton C. Harfman, who is Associate Dean for Technology and Facilities at the College of Design, Architecture, Art, and Planning at University of Cincinnati. So welcome. ANTON C. Thank you, Bud.

Thank you so much, Bud. And I really appreciate the honor. It's such an honor to present here. And let me start off by apologizing for the tie. The College of Design, Architecture, Art, and Planning is four schools with a total of 13 programs. The College of Design, the College of Architecture and Interior Design, the School of Art, and the School of Planning. I'm sorry, those are all schools. It must be the tie. This is a quick tour of our building as well. As you can see, there are no right angles. If you're drunk, I'm told the building does look straight. It's the first building on the university's master plan. We have 2,400 students in our college with 110 full-time faculty and 30-plus staff.

The University of Cincinnati itself is a Research I institution with 35,000 students. It's a very design-rich environment. We have a really broad collection of contemporary signature architecture on campus that makes this a really incredible environment. This has all recently been done in the last 10 years. I'd like to start with the history of Apple at our college.

And the history begins in 1999, when we were unable to keep up with the pace of technology, and we couldn't afford to maintain all the labs, so we asked our students to bring their own personal computers, which they did. They brought every variety of, as you can imagine, Gateway, Heathkit, and so on. Only four students in our program in architecture chose to bring an Apple. Huge monitors sitting on these drafting tables made it impossible to build conventional study models or do large drawings. And then furthermore, the studio faculty, of which I was one, were spending all of our time solving IT and network issues and no time teaching design. Well, I marched right into the chair's office and said, we're either going to drop computers from the curriculum or we're going to move to a laptop environment. And we're going to do it with one platform only. It was a hard sell at first, but as I made the argument, they seemed to go along. Architecture, graphic, and digital design all went that way, and that was a good chunk of our student population in the college. And all first year students in those programs came with PowerBooks. The others in the college came with other stuff.

The argument was pretty easy to make. They're minimal IT. We didn't want to invest in IT in the school. We'd rather have another faculty member. They were very intuitive and very powerful and graphically interesting to use. And moreover, they were well-designed. If we're a college of design and we're interested and curious about design, we ought to be using well-designed products as well. Practice what you preach, in other words. The first wave of this laptop tsunami, of all of these laptops arriving on our doorstep, forced us to change some things critically right away. The administrative structure just wasn't working. We had these silos with individuals reporting to other individuals, and when somebody in their area wasn't working, they were picking their nose. We immediately moved to a horizontal structure, made it more team-like, and fit a little bit better with the academic model. Physically, we were able to reduce our labs one per year with every new flow of laptops from six mediocre labs to three high-end labs. The third one I didn't show a picture of because it's the other one. So these are two of our high-end labs. And the other thing that's interesting with this many laptops in the building is any classroom is by default now a computer lab. The students all have really pretty good computers and wherever we are, we can make this a lab. So they sit there and have lab right in any classroom. We teach a lot of classes that way.

In architecture, it allowed us to get smaller desks because no longer are they doing these huge drawings. They're doing all of their stuff in Photoshop or Illustrator on their small laptops and printing out really huge plots and pinning those up. So we could get by with smaller desks, increase enrollment, more revenue, yay. So, the curricular changes that we found necessary to make was to teach IT fundamentals across the college at the freshman level as well. So, in our first year, all 520 of our freshmen take the freshman class. They all sit in this room. It's quite amusing. It cuts across all 13 disciplines, and they learn basic things for the full year. They're learning things like basic fundamental graphic skills, 3D motion, and web applications. This obviously is not a first-year project, but this student was once a first-year student. Other curricular changes. In architecture, we teach this immersion studio. It's one course, 18 credits, totally integrated content.

So the only way to manage all of this was we forced our students to subscribe to iCale so that they could tell what's going on every week or every day or every hour for that matter. As you can see, that second week is pretty intense. The second wave of the tsunami allowed us to make some critical changes in the infrastructure and the virtual space. In the infrastructure, we did an evaluation and decided to support all these laptops. It would be advantageous to move to XSERV and XSERV RAIDS. So we chose them because of the hardware monitoring, the headless installation and management, as well as the swappability of the hard drives and the flexibility that gave us and the availability. The XServe X-Rays, we have currently 22 terabytes of available storage. We give each of our students 4 gigabytes of storage. The video students, it's basically on demand. Most of them get about 100 or 200 gigabytes. They're very powerful and very easy to set up. Furthermore, they're managed by one IT person for all 1,200 students in the building, as well as all the Macs in the building. He's sitting right over here. His name's Pete Akins. If you have questions for him... Thank you.

at the at the it reception he'll be there to answer all the technical questions since i have no clue what i'm doing this has allowed us also to develop a portal and management infrastructure as well we use out-of-the-box solutions like samba open ldap kerberos and so on and most importantly we use an alter apache mysql and php which come native on the machines and we use those basically to develop our own intranet. We are not really totally satisfied with the university's purchase of the web portal for the student body at large, so we've been developing our own home folder and web management and course management system.

We call this DAP space. DAP is the acronym for Design, Architecture, Art and Planning. We have our own discussion and bulletin board and wiki based web content management and a whole bunch of other features to integrate other databases like facility asset enrollment management as well, and we custom develop these things as we go and as we need a new tool. Culturally, as you can imagine, this has had a huge impact on our college. Seventy percent of our students come with iPods.

100% of them, though, have laptops, so they're all podcasting, so it's just a question of mobility. But they all have laptops, and they're all downloading podcasts of lectures and music and so on. Wireless, sort of, I say that because there's a slew of people on the side here who are all plugged in. We have the same plague, even though we can download anywhere in the building, you can't recharge anywhere in the building.

While we're speaking, the electricians are adding about 100 outlets to the public spaces of our building so that the students with their laptops can recharge. And I'd like to end with this last two slides here. If you draw your eye to the right side, upper right-hand corner, you'll see one of our newest students. Ethan, and he is a sculptor that resides as the concierge in that great hall in our building. And the interesting story here is that the dean, when he entered the building after the weekend that it was installed, really thought it was real and yelled at him and said, "Young man, you come down right now," and went and called security. Until someone told him he's not real. Even with a faux plug, the students tried to plug into the false plug there for quite some time, which is why we're adding these other ones. So thank you very much.

Thanks a lot. This next customer is going to be very interesting. This is actually all of it says Apple in the studio and it is Apple in a studio production environment, but it's actually a story about availability and scalability. And of course, most CIOs understand that when you're near the end end of the quarter and you have to close the book up time becomes super important if you're down you hear from the CFO the CEO but nothing compares with a production studio environment where your deadline based and that's what we're going to hear about 24/7 availability is is an absolute necessity as well as scalability so that you can have appropriate fault tolerance and appropriate performance to meet the needs. So of course Apple is well entrenched in the studio market with products like Final Cut Studio and Logic Pro for sound and you know rock-solid SAN servers and XServe and XServe RAID for meeting the needs of that market. I'd like to introduce JJ Franzen who is CIO and technology supervisor at South Park Studios. So JJ.

Thank you, Bud. As Bud said, I'm the technology supervisor for South Park Studios. Some of you are probably asking, what does that mean? That means I have the coolest job on the planet. I get to play with all the toys, the render farm, the file servers, the workstations, even Matt and Trey's Xboxes. I touch it all. I get to play with everything. Another cool aspect of my job is I get to know how everyone else does their job. I get to look over the shoulders of the artists while they sketch new characters, while they animate the other characters, while they record audio on the audio booths. I get to be part of every single thing and see how the episodes evolve over the course of a production. I'm also the guy who writes all those little pieces of glue that a production requires to make things flow smoothly, to get data from one part to the next and so on. But if I've done my job properly, while we're in actual production, I'm the digital equivalent of the Maytag repairman. I sit there and do nothing, waiting for something to break. Hopefully nothing ever does. So let's go over the production process of making a South Park episode.

South Park began as a cardboard cutout, stop motion animated short that then was decided to make a TV series out of. But the pilot for that TV series took over 2 and 1/2 months to develop. Obviously, they couldn't do 13 episodes a year at that scale, so they had to use computers. So we developed, over the course of nine years now, a production process that is very streamlined, very organized, and very, very fast.

First stage, the script. Most animated series, or most TV series in general, start with a full script before they do anything. We get a few pages. We get those few pages Thursday before the Wednesday it airs. And we get a few more pages every day after that, so we literally don't know what's going to happen from day to day. Not until Tuesday around 9:00 or 10:00 when we get the final pages of script.

After we get that script, we begin the storyboard process. And that's where we take those texts and we actually convert them into images. We'll do a comic book version of the episode to see how things looked, how things are staged. This is also where we design our characters, our backgrounds, and color design. While that's going on, Matt and Trey will go into the audio booth and record all the dialogue for the show. They even do the females because you never know if the audio is going to change. So we don't bring our females in until the very last minute.

Once those two stages are done, we begin the animatic stage. And that's where we take the audio and those individual frames of the storyboard and time out the still frames to the audio. This gives Matt and Trey a chance to see how things are flowing. It also gives us a chance to see how long each shot needs to be for animation. While the animatic stage is going on, we have the setup stage. That's where we take those character designs and background designs and locations and model them, get them rigged, get them going, getting prepared for animation. After that's done, we go to lip sync. Lip sync is the thankless job. This is the one job where they sit there, listen to the audio, and animate just the mouse. That's all they do. It's a thankless task, but we're very dedicated to it. After all of that is done, we can finally get to animation, where a shot spends most of its time.

This is where they'll do everything else, the bobbing heads, the blinking eyes, the dancing, the talking, everything else is done there. And this basically is the primary part of the iterative process where we'll do a first pass at a shot, send it through the pipeline, Trey will look at it if he likes it. Great, if he doesn't, he goes back through.

Our render queue has evolved over the years to the point that it's a completely automated process now. The artist clicks a button, and from then on out, the editor gets a signal saying it's ready to be brought in. No one has to touch anything. It's a very smooth system. We're using Cube, XN, NFS. It's all very slick. We're using, in fact, Shake to convert every single individual frame into a QuickTime movie for import. So for those of you who like Shake can say that Shake is used on every shot in South Park.

After that, he goes to the editing bay where Trey will actually sit down and edit every part of every show. He's very directly involved in the entire process. The retake process, as I mentioned, we go through. It's a very iterative process. If Trey likes something, he's great. If he doesn't, he'll make notes. There have been times where a shot will come through that completely changes where he's going with the show just because of one little extra thing an animator did. It completely inspires him in another direction. After we finish all of that, we get video locked, which means no more animation is done. That's usually around 7:00 or 8:00 AM, Wednesday, the day it airs.

After we get video lock, audio still has another couple hours synchronizing audio to the final animation. Once all that's done, we then roll off the videotape, take it for color correction, and then upload it from Comedy Central's Los Angeles office to the New York office where they broadcast it. That usually happens about an hour, hour and a half before it goes on the air. Thank you. Now, on very rare occasion, if everyone's really kicking butt and we're all doing great, there's 10th stage we reach.

Okay, so this is how we do it. This is what we use. We use all the standard protocols. We have servers dedicated for every individual job. We have a server dedicated just to serving data to the artists. Another one just serving data to the render farm. Another one is just dedicated to converting those frames to quick times. We have another one dedicated just to doing backup. You can see all the tools we use. And from the entire staff and crew of South Park, I'd like to thank all you developers for making those tools and enabling us to make the show we do. Thank you. Thank you.

Thanks a lot. Okay, finally, we have Apple in the laboratory, Apple in science. And this is a great example of a challenge, which is to build a very highly collaborative environment and to leverage open source. In the sciences, Mac has actually taken off in the last few years. Part of that is due to the interest in visualization, and of course the great job we do at providing visualization tools. And the Cinema HD display has helped a lot there, as well as groundbreaking applications from third parties, but also open source, especially in the bioinformatics field, where most of the applications that are used in that field were written in the era of open source.

That means in the 1990s or later. And so what this has led to is a great amount of sharing in that community between researchers, both commercial researchers as well as researchers at institutions. StructureBiologyGrid.org, I think associated with the Harvard Medical School, but actually a distributed collaborative environment is going to be talked about by Dr. David Gohara from Washington University School of Medicine, Center for Computational Biology. So, David.

Thank you, Bud. It's really a great pleasure to be here today and for the opportunity to be able to share with you some of the work that we've been doing and some of the ways that we've integrated Apple technology in the lab. But before I do that, I'd like to give you a little bit of background about SB Grid and some of the things that we do.

SBGRID started in the lab of Steve Harrison at Harvard Medical School out of a need to unify and standardize the software and computing environments that his lab members were using with a specific focus on x-ray crystallography, electron microscopy, and NMR. My primary responsibility as part of SBGRID is to identify performance bottlenecks in our users' calculations and then to develop solutions to help them get those calculations done faster. Since its inception, SBGRID has expanded to 14 other institutions across the country, and we now have over 50 labs and support over 500 users with software. Thank you.

Almost all of the applications we use are open source software and can be run from the command line. And so any system we use has to provide a UNIX environment. And because we're dealing with open source applications, we need developer tools and performance tools. We need everything that's required for porting, building, and optimizing open source applications. As structural biologists, molecular visualization is very, very important to us. We want to be able to relate structure to function, and so we need to see what's going on with large molecular assemblies. And so having access to high definition displays, fast graphics cards and stereo graphics hardware is not only important for us, it's an absolute requirement.

We typically tend to turn over or upgrade our hardware faster than we decommission it. And so anytime we bring new system types into the mix, they have to be able to work well in a mixed computing environment. So interoperability is really key. But probably the most important thing for us is the fact that the types of problems that we deal with are extremely computationally expensive. I'm going to give you an example of that in a little bit.

What's really key to us is the fact that we need systems that are priced well, that are fast and that are reliable. And so what we really strive to do is we want to minimize the bottlenecks that are introduced by the calculation itself and have the science and the understanding of that science be the rate limiting step in everything that we do. And so having systems that ship with multiple CPUs, vector units and highly tuned vector and numeric libraries that we can use out of the box are very important features for us.

Our first entry into high-performance computing solutions from Apple was a 14-node XSERV G5 cluster, and that system was commissioned primarily for some of the EM work that was being done in the Harvard labs. On the desktop, we're using primarily Power Mac G5s and iMac G5s. We've seen some of the Intel Macs coming in as well. And in terms of our graphics workstations, we're still using the Power Mac G5s, now with dual LCD displays. And in the case of stereo graphics, we'll attach CRT monitors to those. So let me give you just one quick example of how we've used the technologies that ship with these systems to be able to speed up some of our users' calculations.

We had a user that was performing a calculation that would take about 10 days per iteration. And at the end of that, he'd sit in front of the graphics workstation, move some things around, analyze the results, of course. That's what we were referred to as analyzing it. And then he'd resubmit it for calculation again. And so what this really meant was that he was spending about three days out of the month on this actual portion of the project, and the rest of the time he was simply waiting for results.

And so the performance tools that are provided with Xcode Shark told us immediately that we're spending, with this particular application, we're spending about 30% of our time allocating and deallocating memory. And that this memory allocation turned out to just simply be for scratch space. And so we could move that allocation to the beginning of the program's execution and we could immediately get the runtime down to about seven days. Continuing on, we could see that the program was doing a lot of two things. It was moving data around, it was transposing it, three-dimensional data set, and it was calculating a lot of FFTs. And if you're on a Mac and you want to do either one of those two things, the first place you really want to look is the Accelerate framework. Some of the fastest FFTs available anywhere are in Accelerate. And so after integrating Accelerate, we were able to get the runtime down to about 5.6 days.

And so then continuing on, what we could see was that the application was doing a lot of similar operations on these large chunks of data, and that the operations that were occurring over here could be done independent of the operations that were over here. And so then after multi-threading the application, we could get the runtime down to about 3.7 days. And so at this point, I say, OK, hey, that's not bad. Take it back to the user and to the user's boss. And the user's boss happened to actually be my boss. And the user's boss, who was my boss, was happy. And so the user was happy. And so I was happy. Great. And so normally we just sort of leave it there and move on to something else. But we didn't.

In fact, the story gets a little bit better. Because what I realized is that in thinking about the problem a bit more, the particular calculation that this user was doing was inherently a parallel calculation that was masquerading itself as a serial one. And so we backed off on the multi-threading code. And instead, I wrote a Cocoa app that would break the job up into chunks, send it off to XGrid, then X-Grade could farm it out. And so what we ended up with is a calculation that was taking 5.6 days on one CPU and originally 10 days on one CPU. We could farm it out to 26 CPUs and get the calculation down to 0.2 days or roughly about five hours. And so what this meant was that the user could start the job in the evening before he left and when he got back in in the morning, the results were now waiting for him. So it was a complete opposite. And this is just one example of how we've been able to take advantage of some of the technologies that ship with Apple hardware and software to really get some great performance out of our applications. And so when people come up and ask me you know why OS X and why Apple, I usually respond with well why not Apple? Almost everything we need comes in the package with the system ready to go out of the box and if we add up all the features that we use and factor in price and performance, reliability, interoperability, Unix, it It simply makes sense for us. And given the announcement that was made this morning, it makes even more sense given the hardware that's now gonna become available to us. And so this is why we use Apple. This is why we continue to use Apple. And that's it. Thank you very much. - Great, thanks.

Thanks a lot. Before we get into our next session, I just want to say thank you to these customers. And really, customers like these are worth their weight in gold because what they do is they push us on issues of price performance, scalability, availability, manageability, and really help us to focus on innovative ways to solve those problems and also give examples to the rest of the industry as to innovative ways to solve those problems. And again, thank you for coming to speak here. Next, we're going to talk about XSERV as well as OS X Server Leopard. For XSERV, the hardware, we're going to ask Michael Culbert, who's distinguished engineer, scientist, technologist in Apple hardware engineering. Mike has been hard at work the last year architecting our transition to Intel. I think everyone would agree that this is one of the smoothest architecture transitions that the industry has ever seen. And I think we have a lot to thank Mike for for that. So Mike. let you take it over. Thank you. Hello.

So we're done. It's been quite a year. XServe is the last product that we'll be shipping as part of the transition, but it's also the fastest and the coolest, and was one of the most fun. It has two dual core Intel Xeon processors in it, 64-bit throughout, and of course supports tremendous amount of performance and memory. We're going to go through that.

The dual core Intel Xeon that's been codenamed Woodcrest is the new Core 2 microarchitecture It's full 64 bits throughout, 1.33 gigahertz front side bus. This thing screams. Four megabytes of shared L2, which is really, really important for these high performance, particularly in the science and video industries where a lot of rendering and a lot of manipulation of data needs to happen. It's also got the first full 128-bit vector engine that Intel has done. It's optimized for power efficiency, as you'll see in a little bit. And it's built using their most advanced 65-nanometer process.

Now, it's over five times faster than the XSERV G5, 5.4 times on integer specint rate and about 3.7 times on floating point specFP rate. has superior power efficiency, 3.88 times more compute per watt than the Intel Xeon that it replaces. And as you notice, the PowerPC G5 was actually not much better than that original Intel Xeon in this metric. So it's a tremendous improvement in density that you can achieve in a data center or in compute in the same physical volume.

it's a very high bandwidth server architecture we focused a lot of time and effort uh... making sure this thing can really behave well as a server as well as a compute engine so we have twenty one point three gigabytes a second of processor bandwidth to those two processors we have a two hundred and fifty six bit wide six hundred sixty seven megahertz memory system very very well balanced twenty one gigabytes a second of main memory bandwidth dual eight xpc express expansion slots that's two gigabytes a second per slot. So you can get quite a bit of file system bandwidth if you're using this directly with an XServe RAID as part of an XAN or anything like that.

Very, very high I/O bandwidth. And of course the built-in drives, we now support SATA and SAS drives. So you can actually get tremendous performance with the drives built in. As you can see, scientific benchmarks, LINPACK is used to demonstrate the overall system throughput. So you have tremendous memory system, processor, and disk performance that lead up to a very, very good LINPACK result. Almost three times faster in double precision, and 3.2 times faster in single precision.

Super fast memory back setup, fully buffered DIMMs, 2x the capacity, 32 gigabytes in a single one-use system, increased high availability features to keep these things up and running, ECC with on-demand scrubbing, CRC protection of the data. So the transactions between the memory DIMMs and the systems are protected with CRCs, giving the system the ability to recover from transient errors rather than coming to a halt.

There's massive memory bandwidth in this machine, 2.1 times more than the original XSERV G5. And that is what helps reflect the benchmarks you saw earlier. Tremendously flexible storage. The SATA, of course, is no small feat, 2.25 terabytes of internal hot plug storage in this 1U machine. 24 by 7 server rated drives, very, very important. And of course, if you want really, really high performance, with the SAS drives, you get 125 megabytes a second per drive, 3.5 milliseconds of seek. These are ideal for large database applications, anything that really has very, very I/O intense operation.

As you can see, this is just comparing SATA and SAS in the same machine. Both of them are quite fast, but the SAS is really unbelievable. 125 megabytes a second. Remember, you have three of those drives. So you actually have three times that bandwidth if you stripe them. And the seek time means that for large data sets with random access behavior, like a database, you have tremendously high performance right in the box.

And then of course the I/O, we have two, as I said, two by eight PCI Express card slots. One is a standard slot for 6.8 inch cards, so fiber channel cards and the like, and one is actually a full nine inch slot which allows you to put fairly large graphics cards and other things in that slot. There's 50 watts of total power available for the slots and the long slot can actually support PCI X cards which gives you the ability to use cards that haven't yet transitioned PCI Express in the same server form factor.

So, there were a lot of customer requested features which you guys have been waiting for for a while. We have dual core processors, we have redundant power supplies, we have remote lights out management, which I'll demonstrate in a minute, and built-in graphics. The built-in graphics does not occupy one of those two slots, so you get the graphics and the two slots.

So, we'll take the cover off this thing. There's some other very, very subtle but important improvements as well. This machine has a tremendous amount of thought put into the thermal design. It's actually quite a bit quieter than its predecessor and, very importantly, has a very direct clean airflow path through the machine. So even in a non-ideal machine room, which a lot of these find their way into, it can tolerate pretty adverse environments with ease. Of course, we have the dual redundant power supplies. The dual Intel processors are in the center. As you can see, the air flows straight through. The three drives in the front.

32 gigabytes of RAM on the side there. Not in front of the processor, which a lot of other servers do. This is, again, making the thermal environment substantially better. The two PCI Express slots. Dual onboard gigabit Ethernet ports. The built-in graphics. Mini DVI. And we didn't take anything off either. FireWire 800, USB 2.0, the DB9 serial are all still there. Of course, this is really, really important. Redundant power supplies.

Hot swappable. Fully load sharing. You only need one of them to run the machine. Again, the ECC, on-demand scrubbing, embedded diagnostics, and integrated software RAID. So the lights-out management. It's based on the IPMI 2.0 protocol. We can remotely power on, off, and restart the server. It's Ethernet access with encryption. And the server monitor application, which you're already familiar with, will control this. So I'm going to demo it here. We have this rack over on the side that's basically... This laptop, of course, is connected to the projector, so it's got wires hanging off of it. But running the server monitor app, you can see one of the machines here. This little pip is reflecting that it's on the net, but it's off. See, it's half full. So we're going to go ahead and power that machine on.

And while we're at it, we're going to take the top one here. And if you watch the rack there, you'll see the lights come on. We're going to take the top one here, which is running, and we're going to just go ahead and shut that one down. So you'll see-- I don't know if probably most of you can't see it, but we did put them in the top of the rack. You can see the lights on. One of them go on, and the other one went off as it shut down. So that's the demo. And it actually worked.

So anyway, and of course, it's really the software that makes this an amazing machine. We've built this incredibly fast piece of hardware, but guess what? It has all of Mac OS X Tiger Server in the box, which makes it an incredible server story. And to come tell us a lot more about what's new in Mac OS X Server for Leopard, Greg Burns, our Senior Director of Server and Software Storage Solutions. Thank you.

All right. Thanks, Michael. So we've got three new updates today, actually, in server software. And the first one is Tiger Server Universal. This is an update to the existing Tiger server that we shipped today on PowerPC. And as the name says, it's universal. It runs on the new Intel boxes. It runs on the Mac Pro and the XServe, as well as the other Intel Macs. And it's actually the first version of the Mac OS X operating system that's universal in a single image. What does that mean? That means that a single image on disk will boot Mac OS X Server and run it on both Intel and PowerPC.

If you have a lot of servers and you need to image them, it makes your job vastly simpler. Of course, it gives you access to the power and the performance of the new Mac Pro and the XServe and the 64-bit address space of the Xeon processor. And we've made a few enhancements in the OS. We've improved some of the locking and data structure allocation in the kernel to allow it to scale better as a server on the new hardware. So that's Tiger Server Universal. Mac OS X servers completed the transition to Intel, and that's available now.

Second product is XAN 1.4. This is our storage area networking product. And if you're doing a video workflow, if you're consolidating storage behind your servers, it's the fastest, it's the highest performance way to connect all your Macs into a single storage pool. It scales up to two petabytes, and it provides uptime through redundant metadata controllers. So, XAN does all this today. So, what's new? Well, I'm sure you've guessed, it's universal. So, it runs on the new Mac Pro hardware and AXSERVs, and you can mix and match Intel and PowerPC systems on the same SAN. And, we have one more feature that's new in XAN 1.4, and that's access control list support.

Up till now, XAN's been limited by Unix access privileges, and that's fairly difficult to map into your workflows of your shared work groups, especially in video work groups. And so we've removed that limitation, and it's now fully compatible with Tiger Access Control List. So you can map it to your workflow and not have to map your workflow into your access privileges. So XAN 1.4 has also made the transition to Intel.

So our biggest release today that we're working on now is Leopard Server. This is going to be shipping in the spring of 2007. And we have a lot of new features coming. So here's just a few. The first is the iCal server. This is a complete calendaring server.

And it's got everything that you'd expect from a full-fledged calendaring server. So users can schedule events and meetings. You can send invitations, receive them. You can search free busy time, proxies, access control, all the features you'd expect. And the most important feature is that it's built on an open standard, CalDAV. So it not only works with the iCal client in Leopard, but it also works with other clients such as Mozilla Sunbird or OSF's Chandler. We've designed it from the ground up to be scalable. So you can start simple with one server and then grow as you need to with multiple servers all sharing the same calendaring database on the back end with XAN. And because we want to promote the adoption of this server as well as CalDAV, we're actually releasing the complete open source-- the complete source to the server as open source as the Darwin Calendar Server, and that will be available this week under the Apache license.

So another new service in Leopard is Teams. Teams is a wiki and a set of web services that easily allows groups or project teams to create and share information using Leopard's server. We use wikis a lot inside of Apple, and they're really powerful, but sometimes the usage model can be really arcane, and some of the markup language is hard to use. We've solved all that in Teams. Teams uses Ajax. It's all truly what you see is what you get.

It's direct editing. If you can use a word processor, you can use Teams. And so Teams is new. It's a Wiki service in Leopard Server. And it's more than just that. It also has a lot of other services as well. So there's shared group calendars. You can publish information through blogs and podcasts.

So it's truly a rich set of services for Teams to create and share content using Leopard Server through the web. Now both Teams and iCal Server actually use Open Directory. They're actually integrated there. So all of the information they need, such as groups and shared contacts, resources, rooms, locations, other things like that, are all now stored in Open Directory. And so we've introduced another application as well called the Teams Directory that actually lets normal users who need to work with these entries create and manage these. So you can create project teams or groups. You can manage their membership, rooms and locations, resources that are used by iCal. All of these can be created using Teams directory.

Another new feature in Leopard Server is streamlined setup. Tiger Server was already very easy to set up, and we've made it even simpler. So it's very quick to get the server up and running. But also, it's not just the server. It's also the clients as well. We've automated the client setup. So all your applications in the client that work with the server, such as mail, chat, calendaring, time machine, et cetera, can all be easily configured to work with the server in just a few clicks. So if you need to set up a server with a collection of clients, it's very easy, very quick, and there's truly no day-to-day management is on here. And in addition, as part of our server management enhancements, we've also integrated backup. So now the server uses Time Machine to back up your server settings and data as well.

Spotlight Server allows you to easily search for content, both locally and now on your server as well. So in Leopard, when you do a Spotlight search, it will transparently search for all the content on your mounted server volumes. There's no configuration required, and it'll support all the new features of Spotlight, such as advanced search queries. On the server, everything happens automatically. You don't need to configure it. The indexing happens automatically for all your content. It's done in the background at a lower priority, so it doesn't interfere with the performance of your services. And of course, as you would expect, it adheres to the file access privileges. So people only see the results for the files that they're actually allowed to access.

We have another new service called Podcast Producer. Podcast Producer is an end-to-end solution for capturing, encoding, and publishing content on the web as a podcast. It's great for people who quickly and easily need to be able to capture audio or video feeds and publish them out. You can set up an automatic workflow so that you can capture video or audio content on a Leopard client. It's automatically uploaded to the server where it can be encoded in any number of formats that QuickTime supports.

And then it's published out to the web as a podcast via RSS. It's integrated with Open Directory to control who can publish content through your services. And all the encoding is hosted on top of XGrid. So you can start with a single server, but then you can grow as your encoding needs grow. So it's a great end-to-end solution for rapidly capturing content and getting it out to the web. So.

So the iCal server, Teams Wiki, Spotlight server, Podcast Producer, these are a few of the major new services in Leopard server. There's a whole bunch more. We have clustering in the mail services. We have a federation of instant messaging servers with iChat server 2. We have the ability to host distributed computing without a dedicated controller in XSquare 2.

As well as in the CoreOS foundations, we have the ability to perform 64-bit computing now at all layers of the operating system in Leopard and Leopard Server. So there's a lot of stuff that's new. We don't have time to go into all of it right now, but the good news is there's another session right after this, the Mac OS X Server overview session. We're gonna spend that whole session going more into Leopard Server, so I hope I'll see you there. Thank you.

Thanks Greg. Let's see. So, to summarize, the things we're focused on for business, standards-based, that's been true all along, interoperable, especially with Windows, best price performance, open source, and of course security. Now, at this WWDC we actually have a lot of things going on that are of interest to the IT professional. We have sessions or actually labs downstairs right across from the IT lab. Apple in the lab, which is scientific computing. Apple in the studio, Apple on the campus. You should especially go take a look at Apple in the lab. One of the things we have there is a smaller version. If you heard about the Hyper Wall at UC Irvine, we've got a smaller version of that, which which is a huge number of pixels done with a mosaic of displays. We also have community areas in digital media, system administration, and scientific computing, and as I mentioned, the IT lab across from the Apple Lab Studio on campus.