News
5/19/2009
10:30 AM
George Crump
George Crump
Commentary
50%
50%

Selecting Your Next Storage Project - Edge Projects

Unfortunately the reality is often that the storage project you are going to work on next is based on the one that users are screaming the loudest for that you can also afford and it usually contains "add capacity". Is there a better way to go about selecting your next storage project?

Unfortunately the reality is often that the storage project you are going to work on next is based on the one that users are screaming the loudest for that you can also afford and it usually contains "add capacity". Is there a better way to go about selecting your next storage project?Project selection has to be representative of what users need or are asking for, but this has to be balanced with the needs of the overall data center and frankly the IT staff itself. I find that users are often calling for more storage space, faster provisioning of storage and occasionally better performance. Storage admins and managers are looking for ways to give users what they want while trying to reduce costs and to go home on time for once (that includes not having to log in from home to fix something).

The current economy presents the really big challenge in selecting your next storage project; having enough people and time to be able to even endeavor on the project. How can you address the screams, justify the project and come up with the manpower to get the job done?

If you are really stretched thin on staffing, big projects may be out of the question and right now you may want to look at what I call edge projects to get you through the lean times, quell user demands and maybe just solve the problem for good. An edge project basically adds to your existing environment to address an issue instead of completely overhauling it. It should be able to be completed quickly and it's use should be transparent and require little change in day-to-day operations.

For example adding a deduplication appliance to your backup system as opposed to replacing your backup application with a new one that has deduplication built in. Then as we discuss in "Deduplication Means Affordable DR" possibly using that deduplication system to sure up your disaster recovery efforts instead of implementing a totally new realtime DR solution.

Another great example is adding an SSD PCI-E Card to fix a specific performance problem as we discussed in a recent entry. Drop it in the server, move the application data to the card and witness a dramatic increase in performance. All done with little disruption to operations while installing the card and moving the data and no additional ongoing management time spent. Yet the problem is eliminated.

There are a host of solutions that are ideal for these types of edge projects; the backup and SSD examples mentioned above, adding capabilities to your virtualization environment or capacity optimization techniques like compression and deduplication. They may be just the thing to get you through and may even solve the problem, permanently. There are times however, even when staffing is scarce and money is tight, that you need to undertake a big storage project to fix the problem. In our next entry we will discuss some ideas for getting that project approved and how to go about implementing in.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2208
Published: 2014-12-28
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

CVE-2014-2209
Published: 2014-12-28
Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory.

CVE-2014-5386
Published: 2014-12-28
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initial...

CVE-2014-6123
Published: 2014-12-28
IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow local users to obtain sensitive credential information by reading installation logs.

CVE-2014-6160
Published: 2014-12-28
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.