News
6/2/2010
05:20 PM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Guided Storage Analysis

Software tools that provide storage and data protection analysis are very useful. They can help inventory, monitor and bring to your attention problems in the environment. Typically there are two challenges that I see with these tools however. First, they don't provide recommendations on what to do about a problem and they don't help you prioritize and organized your addressing of the problem.

Software tools that provide storage and data protection analysis are very useful. They can help inventory, monitor and bring to your attention problems in the environment. Typically there are two challenges that I see with these tools however. First, they don't provide recommendations on what to do about a problem and they don't help you prioritize and organized your addressing of the problem.The best way to describe the first problem of not providing recommendations on how to address an issue is that these tools will tell you that the patient is bleeding but they won't tell you where or how to suture the wound. For example, they may tell you that certain backup jobs are taking longer to complete than normal but won't tell you potential reasons why. Some won't even report the anomaly, you have to manually figure that out by analyzing trending data.

Storage management and data protection management tools should automatically analyze trending information and alert you to changes in the environment or its processes. When something is wrong these tools should interact with a knowledge base of some sort to help give recommendations on what to do to fix the problems that are being identified. One of the best solutions for this is interaction with an online community that uses the tool. I've seen several where a user can post in a forum what their storage management tool is telling them and then users can provide advice on what they should do about it.

The second problem deals with the reality that most IT administrators don't have the luxury of scheduling time to deal with problems in their day and that most problems come in waves when you have the least time to fix them. I'd like to see storage management and data protection analysis tools move to address this, providing organizational help to the IT administrator. Imagine being able to log in to a console and have the system guide you through what you should do each day. It could have you address problems that are affecting SLAs first and address more minor problems second. When there is available time in the day the software could even provide you with tasks to focus on that are not causing failures but tasks that are impacting performance and could lead to future failures. Think about it, a tool that helps you to be proactive instead of reactive.

Progress is being made along these fronts. There are a few tools now that are comparing storage or data protection failures to their affect on SLAs which helps greatly with prioritizing failed tasks. The next step is helping guide the IT administrator through their day.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2227
Published: 2014-07-25
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

CVE-2014-5027
Published: 2014-07-25
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

CVE-2014-5100
Published: 2014-07-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_...

CVE-2014-5101
Published: 2014-07-25
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authn...

CVE-2014-5102
Published: 2014-07-25
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.