More ITIL notes

Configuration management fits between change management and release management. It ensures that assets of the IT group are recorded, change is done with minimal risk, and data integration is maintained.


To account for all IT assets and configuration within the organization and its services. To provide accurate information on configuraiton sand their documentation to support all other service management processes. To provide a sound basis for incident management, problem management, change management, and release management. To verify configurationr ecords against the infrastructure and correct any exceptions.


Service level management and SLAs are the customer facing part of the IT department. The configuration management organizes this data and allows us to organize and present this data. This correlates to asset management and relationship management with the user community. Some companies keep asset management in spreadsheets that are used for taxes and depreciation tracking but not for asset tracking. It typically is an afterthought or something that is done once a year. This is a bad practice that is typically driven by the accounting department. It should be driven by the IT department on a daily basis, not yearly.


The configuration information should be stored in the configuration management database. It should include hardware, software, peopleware, and documentation. It should also include services and the relationships between configuration items as well as incident, problems, and known errors. It should also include a history of all changes and releases. Historically this has been kept in a journal or notebook and done in different formats based on the note keeping ability of the administrators. This format and repository needs to be standardized and centralized. Deployment of an asset management package typically does not include hooks into the help desk, request for change requests, and release announcements. It does, however, typically resolve accounting issues that upper level management has and gets funded easier than a configuration management system.


The configuration management system should have linkages into the definitive software library (typically CVS or Subversion) and the definitive hardware store (typically the enterprise management interface in the IT organization).


The first of configuration management process is planning. This should include strategy, policy, scope and objectives. It should also include processes, procedures, guidelines, and responsibilities. It also includes relationships with other ITIL processes and relationships with other parties as well as tool and resource requirements. The objectives should be simple, measurable, achievable, realistic, and timely. Many of these categories should be boilerplate items because processes, procedures, and guidelines should not change very much between projects.


The second part of configuration management is identification. It is important to define what level of detail is needed to identity an item. The level of detail is what differentiates companies from each other. Higher levels of detail requires more time and typically more cost. Less detail typically leads to differentiation of services and non-uniformity between systems. In defining relationships it typically helps to define the composition, connection, and the usage relationships. For example a workstation typically is composed of a keyboard, processor unit and monitor. It is typically connected to a network hub, network server, file server, and print server. It is typically used by a user but could be time shared at night for batch processing of jobs.


The third part of configuration management is control. The subcomponents of this is register, update, archive, and protection. When we receive new equipment, we need to register this equipment. If this equipment is changed it should be updated. For example, if we get a computer and install new memory in the system we need to register the computer and update the definition when we add memory to it. Archiving is backup of the CMDB to a backup repository and might or might not involve pruning of data as the backup is done. Protection of the data keeps changes being made to the repository without proper authorization. It also keeps the data from being stolen or corrupted.


The fourth configuration management activity is status accounting. This is reporting of all current and historical data concerned with each configuration identifier throughout its lifecycle. It helps create configuration baselines as well as analyze risk and cost that changes create in an organization.


The fifth and final element is verification. This is to verify that the data in the CMDB and make sure that it is accurate. This is typically done on a regular basis and not done once a year as is required by accounting. It is important to make sure that verification is done before equipment is moved or new software releases are made. It is also important to verify configurations after disasters since changes can be made in times of emergency and not recorded.


Change management is the next major component of ITIL. Change is the process of moving from one defined state to another. It us used to ensure that standardized methods and procesures are used for efficient and prompt handling of all changes, in order to minimize the impact of any related incidents upon service. It is responsible for implementing changes in the orgznization with the minimum of disruption. This also allows for announcements of what changes will be made, when the changes will happen, and a definition of when and where a backout plan should be implemented when problems occur. This helps maintain a good balance between the benefits of change as well as the risks associated with change. Layered on top of this is an approval process that tracks and manages change requests. It typically involves some type of review, a go-no go selection, and resource commitment before a change is begun. It typically is integrated with capacity management, availability management, and configuration management. When a change is proposed to a system it is moved from configuration management into change management. When the project is approved it is moved into the release management process so that it can be rolled out as a new configuration. The capacity and availability management systems are also integrated into change management so that existing operation parameters can be analyzed to figure out if the changes will positively or negatively impace the service.


A typical trigger that initiates change management is a request for change that comes from the service desk, problem management, or changed CIs made by engineering. New business requirements can also generate change requests. Legislation and corporate changes typically mandate change requests as well.


Changes are typically categorized as urgent, minor, significant, and major. Urgent requests are typically handled by an emergency group that handles change requests quickly. Minor changes are typically approved by a larger group and done through collaboration tools like email or shared files. Significant change requests typically require discussion and reviews of the changes. Major changes usually requires higher levels of management to get involved because it has a larger impact on the organization and typically requires more resources and assets to be involved.


Typical metrics for change management are number of changes, number of changes backed out and why, cost per change vs estimaged cost, and number of urgent changes. Other items that need to be measured are time from RFC to release, number of items reviewed by review board and items handled by change manager.


Release management is the final component of support services. This is defined as a way of taking a holistic view of a change to an IT service and ensure all aspects of a release, both technical and non technical, are considered together. It includes software, hardware, and documentation required.


Release management typically incorporates processes in the development, test, and production environments. Release management typically manages the definitive software library and definitive hardware hardware store. It is also important that the release manager be integrated with compliance checks as well as license agreements.


 

information collaboration and libraries

Technorati Profile

I have been working with my wife in building a school library for my kids new school. When the school opened this fall they did not plan on creating a library for the kids due to expenses. My wife thought that this was wrong and began a grass roots movement to gets books, bookshelves, and a library computer donated. This movement was very popular among the parents and over 7000 books were donated as well as money for bookshelves, time to build and install the bookshelves, and a computer to checkout and checkin books. Now that we have the basic resources to build a library, it reminds me of a problem I am having at work. How do you arrange information so that it can be referenced and indexed at a later date and how is this information shared with my peers.


What are the basic technologies that can be used to share information?


A web page? A good start but I want to make it a little more dynamic. When I was at Sun we started onestop.central.sun.com which was a central navigation tool into product engineering. It was very successful but didn’t capture day to day problems and FAQ data that people posted on a daily basis. It was typically controlled by one or two people thus the data was limited to the knowledge base of these few people and the availability of their time to update the pages. It did allow us to create pointers into engineering so that we could navigate and learn about technologies quickly.


A blog? Blogs are interesting but they don’t have enough order to them. They are typically good at recording daily thoughts and stream of events but are typically organized by calendar and not topics.


A wiki? Interesting idea since it does allow for a blending of web information and blogs. Administration of a wiki server is a little complex but I like the idea of something like OraclePedia (Oracle specific implementation of WikiPedia). This might just work so I will have to investigate more.


A portal? We do have an internal portal that everyone has access to and it does allow us to customize it to view my personal interests. The problem with a portal is that it does not allow me to create content but subscribe to existing content. If I go this route I am still locked into the question of linking in web pages and blogs that I generate. It also gives me a view of what I want to see but how do I share this with my peers?


Shared files? I can create a shared file repository with information in heiarchial format but how do I index this data without opening the files? Directory organization of information is complex and different for everyone. I can give people access rights so that they can drop files into a directory and even give them access rights that allow them to update files. The problem is that you need to open the files to read the data. It is much easier to navigate this data with a web browser and navigate it with links. Shared files typically don’t have hyperlinks that allow you to go from file to file.


collaboration has always been a difficult topic. There is no single answer for all problems. I have been looking at applying this problem to the legal industry. How do laywers collaborate yet still keep confidential client information from people who should not see the data? It seems that searching and discovery of information is critical to their industry. I know that there are legal search engines to look at judgements and verdicts of court cases. The problem with these search engines is that they don’t index and search local information controlled and managed by the law firm. Allowing this data to be indexed is potentially an issue because key words published to a public search engine like Google desktop could lead to a break in the client confidentiality. The same is true for a sales organization. Do I really want to use Google desktop to index my documentation and presentations? Yes. Do I want to index my email exchanges with people inside my company and customers? Not really. This metadata gets shared with Google. True, they have done a good job of protecting this data and not using it malicously but it does become a vulnerability out of my control. I don’t think that many CIOs would approve of using a tool that exposes them to a risk that they have zero ability to control or mitigate.

being successful

I’m not sure if I have written about this before or not but it is something that I keep coming back to on a regular basis. What makes someone successful? Is it power? money? fame? fortune? To be honest I don’t care how someone judges being successful. I have my own definition that probably is different from the average person. To be brutally honest it is something very personal that I don’t share with many people and I don’t talk about very much. What I do talk about with as many people that I can is how you become successful. How do you start a new job and contribute, make a difference, and make the group that you work for meet it’s goals? The two key elements that are consistent with everyone that I talk to is a little luck and picking something that they can become very good at. Part of the luck is picking the right thing. For example, I think that I make a really good bread pudding that is better than most resturaunts. Does that mean that I should open a place of my own? Does that mean that I should be a chef or go to cooking school? No, I am smart enough to know that this won’t make me happy and won’t make me successful. I also know that I would not keep my job very long since cooks aren’t something that Oracle typically hires.

I really don’t have control over luck. I know that I can prepare myself to take advantage of luck but I can’t make luck happen. If I could I would have become a professional card player. That leaves only one thing left to do and that is be good at something. If I pick the right thing and get lucky in what I pick I can be successful. Ok, looking at what Oracle has been successful in might help. Oracle has done well in database. Oracle has done well in acquiring companies that require database. Given that I don’t have enough money to acquire companies I should probably focus on something that surrounds a database. When I was at Sun I started becoming an expert in identity management. It seemed important and was something that everyone wanted to talk about (as well as Java). I did ride the Java wave for a while but realized that I was not very good at producing code. I tend to overanalyze things and take too long to get a product into production. So the question that is difficult to ask is where should I spend my time? Analytics? Business Intelligence? Security? Compliance and Audit? Database? Management and Performance? 

Lately I have been looking at specific markets and how our software can be used. Law firms, real estate, oil and gas, and retail. Somehow it seems like my Computer Science and Electrical Engineering degrees didn’t prepare me for any of this. I learned how to use tools and how to create things but I never learned why. Focusing on specific markets has made me aware that I haven’t learned why things are done. I think I know how. I think I need to focus on why.

good luck figuring it out, let me know if anyone figures it out.

computers in the legal market

And now for something completely different……to borrow a phrase. One of my friends asked me to do some research for him. The question is “What do lawyers need computers for”. I thought I would start my search and find out what Oracle does in the legal field.

Business intelligence appears to be a big part of law firms. http://searchoracle.techtarget.com/originalContent/0,289142,sid41_gci1155993,00.html

Storing confidential information also appears to be important.

Records management appears to be important as well
http://www.pa-lawfirmconsulting.com/articles.htm#records
http://www.americanconference.com/docretention.htm

Separation of duties and conflict of interest also appear to be important.

search engines appear to be important as well.
http://www.legaline.com/2006_10_01_lawsites_archive.html
  – 12.5% firms have search engines

collaboration and document sharing

knowledge management
http://www.systems-thinking.org/kmgmt/kmgmt.htm

document repository like Ringtail hosted by Fulbright and Jaworski
http://www.fulbright.com/images/publications/GenericRingtailPresentation.swf

blogging, web site management, e-newsletters
http://www.legaline.com/2006_10_01_lawsites_archive.html

portals for….
witness preparation, deposition and hearing transcripts, trial preparation.
http://www.ftiringtail.com/web/

strong or weak management styles

So I am somewhat of a history buff and a fan of football. I also have a disdain for authority and don’t really respect managers or leaders. My feeling is that they need to earn my trust and prove their worth. I have worked for a large number of worthless managers that got in the way of accomplishing the organizations goals and had a personal agenda that I got sucked into. I have been fortunate to find a couple of people that I would take a major pay cut or work major overtime to work with because I believe in similar things that they believe in and like their management styles. Even more fortunately, my current manager is one of those people. Currently, life is very good.

The reason I bring this up is what management style is best? The parallel in real life is which is better, centralized strong government or distributed and delegated authority? Most Americans agree that one of the strongest presidents that we have had of modern times was Ronald Regan. I don’t want to get sucked into a Republican vs Democrat debate so for the record I am more of an Independant/Libretarian in my voting style. What I do want to talk about is Regan’s leadership skills. He was not the type of person that could quote facts or statistics about an issue. He delegated most of the decisions to his trusted advisors. Alan Greenspan, for example, was one of his trusted avisors and led the financial market very well during his tenure. During the Regan administration states powers increased which for some states was a good thing but for others caused problems later down the road.

On the flip side, Adolph Hitler was a strong central government. His generals could not execute war plans in the field without approval from Hitler himself. Now I am not bringing up Hitler as an example of great leadership. I am bringing him up as a polar opposite to the Regan style of government. Instead of trusting his advisors, Hitler insisted on “micro managing” all decisions. This lead to weak and ineffectual middle level of management. This management style was pervasive into the organization. Every level of the German government required approval from the management. This led to lack of response in time of emergency, specifically when the allies landed on the northern coast of France.

The reason I degress into the management analysis is that I am currently working with a customer that is having difficulty rolling out products in the IT department. The previous CIO was an iron fisted do-it-my-way-or-the-highway manager who was just waiting to retire. The company stagnated technically and didn’t grow as the industry grew. The new CIO is more of a trusting individual that wants to let individuals contribute and express their creativity. Unfortunately, the staff that exists was trained not to ask questions, not to show initiative. When the CIO attends a meeting he expects everyone in the room to contribute and they don’t. They have hired a team of consultants to deploy the new technology but the employees who are managing the consultants are not willing to step forward and make decisions. They require an additional meeting getting someone else in the room to make the decision. When that person does not show up, nothing gets done or they start down the wrong path and have to restart the initiative. No one has global view on what they are trying to accomplish.

On the flip side I have been working with a new manager that is allowing me to see how long my leash should be and letting me have the run of the yard. I haven’t been given everything that I ask for but I have been given everything that is reasonable plus a little more. My previous manager was very non-confrontational and didn’t even insist that everyone on his staff show up to group meetings. If the lead developer wanted to sleep late on our normal Tuesday meeting time, it wasn’t a problem because he was working hard. Unfortunately, that elevated that developer over everyone else and made us repeat all decisions that were made in the meeting and the background of the decisions. The job before that I was told that there was an open door policy but asked to leave the office when I started asking the tough questions like why is the manager consuming over half of the training budget on himself.

I guess that I am very fortunate to have a good manager that is giving me the freedom to be creative and supporting me in my initiatives. Unfortunately, it means that I have to be successful in the long run. Not that there is a problem with that. It just makes it more important to do well. For me it is more insentive than a large bonus or pay raise. Meeting expectations for me is the key to success. Fortunately I am in an industry where I have been given the opportunity to set my own expectations and resources needed to meet them.

While on break this week, think about your managers style. Does it fit your personality? Are you doing things to make them successful or are they providing you the resources to make you achieve your goals? What motivates you? Money? Fortune? Fame? Doing your best? I think that I know my answers to these questions. I’m just glad that I am not the manager that has to take care of these questions for people reporting to me. I am a much better individual contributor than I am at meeting other peoples expectations.

 

 

ITIL Certification

ITIL – Information Technology Infrastructure Library


started by UK government in the last 1980’s. Published by office of government commerce. Recently updated in 2002 to include internet and companies doing business on the internet. The library consists of 7 books. Service delivery, service support, business perspective, infrastructure, and application management are the core books. Planning to Implement Service Management and security management are extensions.


ITIL provides a best practice framework for customer relationships. Service delivery helps define SLAs. Service support helps address changes in agreements. These both lead to ISO 9001 certification. These help with management of the IT organization. Application management looks at managing applications from “cradle to grave”.


The recommended IT infrastructure consists of hardware, software, and peopleware. The ahrdware consists of computers, comm equipment, workstations, and printers. Software consists of operating systems, databases, tools, applications, and data. Peopleware consists of skills, training, documentation, procedures, and practices.


What is an IT service? Set of related functions provided by IT to support the business. Some examples are email, payroll, and order processing. It can be defined as “an integrated composite that consists of a number of components, such as management processes, hardware, software, facilities and people, that provides a capability to satisfy a stated management need or objective”.


Service delivery can be broken down into components: Service Level Management, IT Financial Management, Availability Management, Capacity Management, and IT Service Continuity Management. Service Support can also be broken down into components: Service Desk, Incident Management, Problem Management, Change Management, Release Management, and Configuration Management.


Service desk is a function of the IT organization. It is a central point for support to help resolve problems. Service desk is the focal point for support and is a communication channel. The incident management allows you to report issues or problems. Problem management allows you to look for root cause of problems. Multiple service desks can exist for different parts of the business like a financial help desk or human resources help desk. ITIL focuses on the help desk to help support computers and computer services. Customer satisfaction and retention is an important benefit of service desk. It should also support the business goals of the organization and reduce cost of ownership of systems. Reporting the status of services and maintaining communications is also a key part of service desk.


A user is a person that uses the product under discussion. A customer negotiates the cost, service level agreement, and operational parameters. It is important that the service desk understands the SLAs to support users as specified by the customers (typically department managers). The service desk should be both reactive and proactive. Reactive to user problems and proactive in the form of notification in the change of services. A centralized service desk and repository is needed. Distributed service desks might be needed to support different users in different time zones. The cost of a centralized data center can be expensive if not integrated with a corporate communications that supports calling between sites.


Some services provided by the Service Desk can be automated or provided by self service applications. Issues, whether automated or manually handled must have an escalation policy to help resolve issues that can’t be handled properly or timely. The responsiveness of the service desk is not something that is uniform across different companies. A typical target is to have 70% of all service calls handled by the first person. The expertise required in the service desk to handle this target differs from product to product and company to company.


more later…..

Berkeley DB – intro to concepts

so let’s dive a little deeper into Berkeley DB

Berkeley DB is a general purpose embedded database engine. It is extremely fast. It is compiled and linked into your application. It runs in the same process space as your application. The database can store upto 256 terabytes of data and support 4 gigabytes of record keys.

There are four different in-memory cache designs: BTree, Hash, Queue, and Recno. The BTree and Hash are both for fast indexing and retreival. BTree is good for data that has locality of reference, each element relates to each other in some way. Hash is good for extremely large data sets. Queue is used for fast insert at the tail of the queue. Queue is good for high degrees of concurrency. Renco provides support for databases whose permenant storage is a flat text file.

To insert data into the database, it is different from the other versions of databases offered from Oracle. If you look at the ExampleDatabaseLoad.java that comes with the binary distribution, you can see that entries are stored in the database with a put command.

   myDbs.getVendorDB().put(null, theKey, theData);

In the command, we reference an already opened database, get the database instance known as VendorDB and call the put function to insert data. The data is inserted as a key and data elements. The key is a single element and the data is an array of elements. The function getVendorDB returns a string that points to a database that we create using the BTree construct in a file. This is done with the

   new Database(“file”, null, DbConfig)

function. The file parameter points to a directory and a file to store data.

Note that with Berkeley DB, you need to manage where everything is, how things are created, and how to add and search elements from the repository. It does not differ much from keeping records in a file but it gives you a good way of indexing and searching files that could potentially contain large amounts of data. Data is read using a get function to retrieve data as if it were an element of a structure. The key is used to point to the right element so that the right data is accessed.

Records can also be deleted using the delete function. It is important to remember that records are not truly deleted until the cache has not been written to the disk. This can be done manually with a sync or a close function call.

Cursors can be used to iterate over records in a database. If a database allows duplicate records off one key, then the cursor is the easiest way to access something other than the first record. Records are read using the cursor.getNext() function or the getPrev() function. Data can be written using cursors either with the putNoDupData, putNoOverwrite,  putKeyFirst, or putKeyLast functions. Updates are done with cursor.putCurrent and deletes are done with cursor.delete.

It is important to remember that you can open multiple databases at the same time and run them separately in different threads and even join data between multiple databases. I will not go into this detail here. The intention of this blog entry is to introduce the concept of Berkeley DB and how to insert, delete, update, and search for database elements.

the value of experience

Yesterday I did something that some would say was an incredible waste of time. Others say that it would be one of those mastercard moments, you know “priceless”. It turns out that our local major league soccer team won the playoff games and qualified for the MLS Cup Championship. The game was scheduled for Pizza Hut Park in Dallas which is 250 miles north of here.


Let me set the stage here. My wife is a big soccer fan. She works for a men’s soccer league in town. She plays on two or three teams. We played together for a while on a co-ed team before I was advised not to play any more if I wanted to walk when I got older. My oldest son played for a while with us as well. My daughter played for a while before she figured out that she did not like running that much. Swimming and volleyball are more her sport. My youngest son plays and his mom is the coach. Her family is also big into soccer so much so that they go out of town almost every weekend for a tournament or a game. I have been volunteering for the Houston Dynamos all season as a stats keeper for home games. I have sat in the stands for three games and watch as my wife kept stats so both of us know the Dynamo staff and a few of the players.


Did I say we have a vested interest in soccer? Well, the championship game was yesterday in Dallas. We paid $45 per ticket to go to the game. We got up at 8am to make a 2:30pm game. Yes, 4 1/2 hours of driving to get to the field with some time to tailgate before the game. The game was tied at the end, 0-0. After a 15 minute overtime still 0-0. After a second 15 minute overtime, 1-1. After penalty kicks, 4-3.


When I looked at my daughter who was wearing her orange team shirt with the team scarf wrapped around her and her team hat signed by all of the starters she was smiling. She knew the importance of the day. She new that she would remember this season for a long time. After the game she wanted a copy of the special release of the Houston Chronicle pronouncing “Dynamo Wins” so that she could put it up in her school locker next to the picture of the top two stars with their arms around her.


10 hours driving in the car: $175


5 minutes while we get a speeding ticket: $125


3 hours at the game: $180 (tickets)


2 minutes of smiles, yelling, and cheering: priceless


some things are worth it.

BerkeleyDB

What the heck is BerkeleyDB? Origionally it was SleepyCat but was acquired by Oracle a few months back. Ok, that dosen’t answer the question, it only gives the history of the product. What it is typically used for is an embedded database. There are two flavors, Berkeley DB and Berkeley DB Java Edition. The java edition is entirely written in Java and can run on any machine that runs a java virtual machine. On top of the Berkeley DB is an XML engine that allows you to query the database using XML queries. The database is not relational. It is not object oriented. It uses key-value pairs to find the data. Values are simply payloads and can be upto 4G in length. A database table can be upto 256TB in size.

This software is different than a traditional database in that it is compiled into the application with a set of libraries. There may be many threads of control but no barriers between the threads. It is assumed that the program will maintain consistency and separation of duties. There are three access methods to data through the database engine: btree, hash, queue, and renco. The interfaces to save, change, and read records are the same. The access method and storage procedures are different for each access method.

SQL and Berkeley DB have similar actions but are performed differently. The concepts are the same but the actions are different. In SQL, for example, a database is a collection of tables which contains rows. Different elements from tables can be combined with an AND command to join data. In Berkeley DB, the database is an element of an environment. Instead of a row, there is a record which is a key-data pair. To combine different elements from different databases a join function is used passing the database parameters. Transactions, indexes, and backup have similar contexts between both systems.

Berkeley DB is very fast as far as transactions are concerned since everything is done in memory and copied to disk. A typical in memory or cached disk configuration can support 200 million non transaction reads per second or 250 thousand transactions per second. Transaction commit sync to IO can support 30 to 60 transactions per second. A sync to the operating system is about 50 thousand transactions per second and commit with no sync is 90 thousand transactions per second sustained.

The key reasons to choose Berkeley DB is performance, concurrency, memory footprint, and cost. Since this is an embedded library, a higher degree of knowledge is necessary. Since it does not use typical SQL commands but library calls, the knowledge is specific to Berkeley DB and not database in general.

what databases are offered?

Ok, some times I am simple minded. I need to write this down so that I don’t forget this. If I put it in a blog I should be able to access when I need it (hopefully). Oracle offers a variety of database technologies. The databases that exist are:

  • BerkeleyDB – free
  • TimesTen – embedded memory database. It can sync with the other types of database and effectively be a cache front end to the other databases.
  • Lite Edition – cost. used for mobile devices with a database on the back end.

to compare these three http://www.oracle.com/database/embedded-compare.html

  • Express Edition – free. no CPU limit but runs on 1 CPU, 1G Ram, 4G data, support through online forum.
  • Standard Edition One – minimal cost. 1-2 CPUs, no memory limits. support available. Priced per CPU or per user
  • Standard Edition – 1-4 CPUs, can be clustered with RAC. no memory limits. support available. Prices per CPU or per user
  • Personal Edition – minimal cost. single user environment, no processor limit
  • Enterprise Edition – 4+ CPUs, no memory limits. support available, can be clustered with RAC. Prices per CPU or per user

The extended features and options supported and not supported are

Feature Database Berkeley DB Times Ten Express Edition Standard Edition One Standard Edition Personal Edition Enterprise Edition
Data Guard No No No No No No Yes
Rolling Upgrades No No No No No No Yes
Fast start recovery No No No No No No Yes
Schema reorg/redefine No No No No No No Yes
Flashback Query No No Yes Yes Yes Yes Yes
Flashback No No No No No No Yes
RAC No No No No Yes (free) No Yes (cost)
Security and Auditing No No No No No No Yes
XML support Yes No Yes Yes Yes Yes Yes
.NET and Active Dir ? Yes Yes Yes Yes Yes Yes
Management Packs No No No No No No Yes
Enterprise Manager No No Yes Yes Yes Yes Yes
Streams No No No No No No Yes
Replication Yes Yes Yes Yes Yes Yes Advanced
Spatial No No No No No No Yes
ETL – Warehouse Builder No No No Std (free) Std (free) Std (free) Enterprise (cost)

http://www.oracle.com/database/product_editions.html