News
8/18/2008
01:56 PM
George Crump
George Crump
Commentary
50%
50%

The Death Of Storage Hardware

My former boss, who is still a mentor today, had a saying: "Success in life is the elimination of variables." Words to live by and words that the storage community must have heard. The biggest variable they deal with when installing a solution into their environment is the variable of, well, their environment.

My former boss, who is still a mentor today, had a saying: "Success in life is the elimination of variables." Words to live by and words that the storage community must have heard. The biggest variable they deal with when installing a solution into their environment is the variable of, well, their environment.No manufacturer can make their lab identical to every data center that their solution will be installed in. To eliminate this variable, manufacturers have developed appliances with their solution preinstalled on them. If you look under the covers of most of these appliances, there's really not much special to them. Typically they're just off-the-shelf hardware, probably running Linux in some form. The special part is that it's a "known," and no longer a variable. Every system they provide has the same memory, processors, network I/O cards, etc. The result is that these solutions are up and running faster, with fewer support calls back to the manufacturer. Everybody wins.

Variable elimination isn't perfect. The challenge with appliances is that it costs the manufacturers money and at some point they have to change the hardware to keep up with processing upgrades and network I/O upgrades. When there is a platform refresh it also causes challenges within your data center. First you have to allow a potentially foreign platform manufacturer into your data center, or, even more ironically, you may pay extra for a platform that you already have. You also need power, cooling, and rackspace for the appliance. As server virtualization becomes common and, in fact, integrated into the OS, why can't the manufacturers simply provide images? This still delivers a common platform for them to support -- the hypervisor -- keeping support costs down. This can be delivered as a server image that can be installed into the virtualization OS. True, you would have to learn how to get the image loaded and start the virtual machine. It might cause some extra steps on the networking side, but these struggles are far offset by having a solution that can be delivered simply and without using additional power, cooling, or rackspace. Storage hardware manufacturers can and will eventually participate in this situation, and some already are. There are a few manufacturers that already allow their software to run as a virtual machine. There are a few that will allow other virtual machines to run on their appliances. Realistically, there will be a need for customized hardware for storage performance for the foreseeable future. The unique hardware requirement will be the shelf itself; the software IP can live as a series of virtual machines on a group of Virtualization hosts.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9676
Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682
Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884
Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885
Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.