News
7/27/2010
05:10 PM
George Crump
George Crump
Commentary
50%
50%

Making Storage Management Easier

As we discussed in our last entry no matter how easy the storage protocol or storage system you select at some point someone is going to have to interact with the storage itself. It may be a problem that needs to be resolved or it may be a need to provision a new server but something will come up. In most mid-sized data centers managing storage is no one's full time job. It is something that is dealt with

As we discussed in our last entry no matter how easy the storage protocol or storage system you select at some point someone is going to have to interact with the storage itself. It may be a problem that needs to be resolved or it may be a need to provision a new server but something will come up. In most mid-sized data centers managing storage is no one's full time job. It is something that is dealt with as the situation arises. This interrupt driven style of storage management is not ideal but it is reality.The goal of the interrupt driven storage manager is to solve the problem and then get back to their real job as fast as possible. We find that there are two steps that can be taken that can help accomplish this goal. In this entry we will discuss the first step which deals with system selection and the second is selecting the right management tool, which we will discuss in an upcoming entry.

Most decision makers when selecting a storage solution will consider ease of implementation, ease of expansion and ease of operation, all of which are very important to keeping storage management time to a minimum. One consideration that seems to often be overlooked is how far will the system take you? Meaning if the organization grows and expands when will you need new or additional storage systems for IT to help support that growth? You don't want to be in a situation where you have five or six separate storage systems supporting the business. If you do storage will almost certainly become a full time job by potentially multiple people.

Look instead for either a system that has all the capacity and performance you are going to need to cover the next few years of storage demands either by having that capability built in up front or one that can be expanded to meet those future demands. This does not mean having a collection of separate storage systems that can all be managed by some sort of unifying application that the vendor provides. Most of these provide a unified view but individual operations means managing and configuring each individual storage system.

For many mid-sized or smaller data centers consolidating to one storage system is a reasonable goal. For some mid-sized and larger data centers covering all your storage needs with one system may not be feasible. Not every system can do everything. However, keeping the number of systems to two or three, at the most, should be achievable for all but the very largest data centers.

The payback of having one system, assuming it meets the other criteria of implementation and operation ease, is less time managing storage. When troubleshooting a problem, looking for available capacity for that new VM or deciding which file server that new user should be attached to, if there is only one place to look it becomes a very simple decision.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2208
Published: 2014-12-28
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

CVE-2014-2209
Published: 2014-12-28
Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory.

CVE-2014-5386
Published: 2014-12-28
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initial...

CVE-2014-6228
Published: 2014-12-28
Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted arguments to the chunk_split ...

CVE-2014-6229
Published: 2014-12-28
The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote attackers to obtain sensitive information by leveraging read access beyond the end of the string,...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.