Vulnerabilities / Threats // Insider Threats
2/12/2013
11:48 AM
George Crump
George Crump
Commentary
50%
50%

3 Ways To Protect Cache Writes

Here's how to protect your storage from three situations that could cause it to lose data.

7 Cheap Cloud Storage Options
7 Cheap Cloud Storage Options
(click image for larger view and for slideshow)
Recently I discussed the importance of write caching in a VMware environment. A key issue when addressing write caching is protecting the cache until data is written to the hard disk.

Although protecting the data in the cache is always important, cache safety is especially important when caching writes. A write cache acknowledges the write before it is safely committed to hard disk. In write I/O-intensive environments, the cache always has data that has been acknowledged to the application but is not safely written to hard disk. If the cache storage area fails, this data could be lost and corruption might ensue.

The key three circumstances from which you should protect a write cache are: power failure, cache device failure and server failure.

[ Why run two backups, one for virtualized servers and one for non-virtualized, when one backup will do? Read The Virtualized Backup Gap. ]

1. Power Failure.

Power failure was a bigger concern when caches were mostly made out of server DRAM, but as I discussed in my article "The Need For Server Grade SSDs," most flash devices also use a small amount of DRAM to organize inbound data. If the device loses power, data in that DRAM area could be lost. The DRAM area in flash devices should leverage capacitors to charge DRAM long enough so that the data it stores can be flushed to the flash area of the device prior to the drive shutting down. There also has to be some intelligence in the drive to sense a power loss and take this corrective action.

2. Cache Device Failure.

Failure of the entire flash device can be a larger problem because many caches often are built using a single drive to keep down costs. A write-cached environment should provide greater redundancy. For server-side write caching, consider drive mirroring or PCIe card mirroring. Caches built from shared storage systems will leverage the mirroring or RAID built into the storage system.

3. Server Failure.

Server failure normally is not a caching problem, because the server hardware would typically be returned to operation and caching should pick up where it left off. In a virtual server environment, though, it is entirely possible to restart a virtual machine on another host if the primary host failed. If the caching was server side, the write data in the cache would need to be flushed somehow prior to the VM being restarted elsewhere.

To protect against uncommitted writes held captive in a failed server, you must get those writes outside of the host. This can be done by either mirroring the cache externally to a shared solid state device or by mirroring one server's cache to another server. Although both of these methods do introduce some latency because a network of some sort has to be traversed, they should still provide better write performance than hard disks, and reads would still be serviced from within the local physical host.

Flash storage has made it to a point of reliability that the technology is able to sustain the higher write traffic of write-back caching, and the surrounding technology has improved to make sure that the cache is protected in case of a device or server failure. With proper design, writes can be safely cached and both sides of the I/O equation can benefit from memory-based storage.

Our four business scenarios show how to improve disaster recovery, boost disk utilization and speed performance. Also in the new, all-digital Storage Virtualization Gets Real issue of InformationWeek SMB: While Intel remains the biggest manufacturer of chips in the world, the next few years will prove vexing for the company. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6501
Published: 2015-03-30
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_s...

CVE-2014-9209
Published: 2015-03-30
Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

CVE-2014-9652
Published: 2015-03-30
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote atta...

CVE-2014-9653
Published: 2015-03-30
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory ...

CVE-2014-9705
Published: 2015-03-30
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.

Dark Reading Radio
Archived Dark Reading Radio
Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.