News
8/18/2008
01:56 PM
George Crump
George Crump
Commentary
50%
50%

The Death Of Storage Hardware

My former boss, who is still a mentor today, had a saying: "Success in life is the elimination of variables." Words to live by and words that the storage community must have heard. The biggest variable they deal with when installing a solution into their environment is the variable of, well, their environment.

My former boss, who is still a mentor today, had a saying: "Success in life is the elimination of variables." Words to live by and words that the storage community must have heard. The biggest variable they deal with when installing a solution into their environment is the variable of, well, their environment.No manufacturer can make their lab identical to every data center that their solution will be installed in. To eliminate this variable, manufacturers have developed appliances with their solution preinstalled on them. If you look under the covers of most of these appliances, there's really not much special to them. Typically they're just off-the-shelf hardware, probably running Linux in some form. The special part is that it's a "known," and no longer a variable. Every system they provide has the same memory, processors, network I/O cards, etc. The result is that these solutions are up and running faster, with fewer support calls back to the manufacturer. Everybody wins.

Variable elimination isn't perfect. The challenge with appliances is that it costs the manufacturers money and at some point they have to change the hardware to keep up with processing upgrades and network I/O upgrades. When there is a platform refresh it also causes challenges within your data center. First you have to allow a potentially foreign platform manufacturer into your data center, or, even more ironically, you may pay extra for a platform that you already have. You also need power, cooling, and rackspace for the appliance. As server virtualization becomes common and, in fact, integrated into the OS, why can't the manufacturers simply provide images? This still delivers a common platform for them to support -- the hypervisor -- keeping support costs down. This can be delivered as a server image that can be installed into the virtualization OS. True, you would have to learn how to get the image loaded and start the virtual machine. It might cause some extra steps on the networking side, but these struggles are far offset by having a solution that can be delivered simply and without using additional power, cooling, or rackspace. Storage hardware manufacturers can and will eventually participate in this situation, and some already are. There are a few manufacturers that already allow their software to run as a virtual machine. There are a few that will allow other virtual machines to run on their appliances. Realistically, there will be a need for customized hardware for storage performance for the foreseeable future. The unique hardware requirement will be the shelf itself; the software IP can live as a series of virtual machines on a group of Virtualization hosts.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2004-2771
Published: 2014-12-24
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-3569
Published: 2014-12-24
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshak...

CVE-2014-4322
Published: 2014-12-24
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or c...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.