News
4/30/2010
12:13 PM
George Crump
George Crump
Commentary
50%
50%

Storage Checkers Vs. Chess

Checkers is a two dimensional game where all the pieces have the same ability. Its about covering space. Chess is a complex three dimensional game where all the pieces have different capabilities and there is one common target: the enemy's king. In storage some features begin to look like checkers because they have become so commonplace, but when you dig deeper you find that the capabilities of these features between vendors vary greatly.

Checkers is a two dimensional game where all the pieces have the same ability. Its about covering space. Chess is a complex three dimensional game where all the pieces have different capabilities and there is one common target: the enemy's king. In storage some features begin to look like checkers because they have become so commonplace, but when you dig deeper you find that the capabilities of these features between vendors vary greatly.A great example is snapshot technology. I would be hard pressed to name a storage system vendor or even an operating system that does not have the feature listed. If you have a checkers view of storage, covering the bases, then you will give the feature a check mark and move on. Reality is though that snapshot technology is still different between vendors. Many vendors still have a relatively small limit on the amount of snapshots that can be maintained per LUN or volume because of how the tracking and managing of snapshots will impact performance of the system. Even systems that have seemingly high snapshot limits really should be reviewed with close scrutiny. Thanks to server virtualization you can hit 200+ active snapshots per volume quickly.

Thin provisioning is another technology that seems headed toward the checker status that really should not be. There are still key differences in vendor offerings. The first is how the thin provisioning allocates storage. Many thinly provisioned systems are really just dynamically allocating chunks of capacity as the volumes they are monitoring reach their allocation limits. For example if you define a 1TB volume some systems will allocate volume to its capacity rather than chunks at a time instead of a very fine grained allocation. When this chunk is filled up another chunk is allocated. What this means is that for each volume there is capacity that is allocated and not in use. For some vendors this extra allocation can be quite large, and in a storage system with hundreds if not thousands of volumes it can result in a lot of wasted capacity.

Another key development in thin provisioning, as we outline in our Thin Provisioning White paper, is the ability to migrate from hard volumes to thin volumes as well as reclaim capacity on thin provisioned volumes after data has been deleted from them. These are still relatively new features. Most storage systems do not have it yet and they could be important, especially in larger data centers.

There are other features that are often assumed to be the same yet on further examination are very different between vendors. Capabilities like deduplication, auto-tiering, compression and replication are just a few, even basic capabilities like the actual provisioning of storage can be vastly different on further review. When considering your storage options make sure you are playing chess, not checkers.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1449
Published: 2014-12-25
The Maxthon Cloud Browser application before 4.1.6.2000 for Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses the history API.

CVE-2014-2217
Published: 2014-12-25
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.

CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2014-7300
Published: 2014-12-25
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.