News
11/24/2008
10:13 AM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

IT Efficiency, First Demand Oversight

In this era of tightening budgets, storage administrators are once again being asked to do more with less. The problem is that for most data centers, the efficiency crank has been turned several times already and the easy efficiency steps already have been taken.

In this era of tightening budgets, storage administrators are once again being asked to do more with less. The problem is that for most data centers, the efficiency crank has been turned several times already and the easy efficiency steps already have been taken.Two examples of those easy steps are server virtualization and storage consolidation. Most organizations already have done a phase one virtualization; basically, many of the noncritical servers have been virtualized. In a similar fashion, many organizations have consolidated storage; this amounts to keeping the direct attached model and its limitations but not really leveraging the full potential and efficiencies of shared storage. In future entries in the IT efficiency series we will dive deep into these subjects.

The very first step in improving IT efficiency is to demand oversight. In the world of storage and virtualization, this means demand command and control of the environment. Demand a tool that will give you a visual view of the environment both in real time and a historical view. The reason this is critical is that to increase efficiency there are two components that must be available at the outset. First, it's the ability to know what you have, and the second is the ability to know where you have been, so you can measure and prove success.

These tools are available from the larger storage manufacturers like EMC, HP, and NetApp, but make sure that their tools will cover more than just their own, or a select number of third-party storage vendors. There are companies like Tek-Tools, Akorri, and Monosphere that are independent companies and by their nature can provide a more neutral application for this purpose.

Sometimes a concern with standardizing on an independent software solution is support from the storage hardware manufacturer. What we have seen repeatedly is that selection of one of these tools and strict insistence on support of it causes the hardware manufacturers to quickly fall in line and provide support. Some will even begin to offer advanced support to capture a competitive edge in your data center. This isn't a time where storage manufacturers can sustain a customer loss based on lack of support of software application. The knowledge of how the storage network interrelates to the virtualized server environment also is critical. The ability to see what storage is assigned to which virtual machine or physical host is critical in allocating future systems as well as trouble-shooting problems that may arise.

Understanding what you have, especially in a virtual environment, is a critical first step in identifying areas within your infrastructure that can save IT budget dollars or at least optimize the infrastructure for the economic realities of the day. Tools that can give you a view of what you have, what you have too much of, and what you need more of will help you prioritize those budget dollars correctly.

Join us for our upcoming Webcast on Improving IT Efficiency.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4594
Published: 2014-10-25
The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.

CVE-2014-0476
Published: 2014-10-25
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

CVE-2014-1927
Published: 2014-10-25
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$(" command-substitution sequences, a different vulnerability than CVE-2014-1928....

CVE-2014-1928
Published: 2014-10-25
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "\" (backslash) characters to form multi-command sequences, a different vulner...

CVE-2014-1929
Published: 2014-10-25
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.