News
10/28/2010
02:43 PM
George Crump
George Crump
Commentary
50%
50%

The Futility Of A Single Storage Platform

Every storage supplier wants to be your only vendor. It sounds like a good idea. It would simplify storage management, simplify purchasing and make it easier to train new IT staff and protect you if the current staff has some turnover. While meeting with users at SNW Europe, I was reminded just how futile of a goal this really is.

Every storage supplier wants to be your only vendor. It sounds like a good idea. It would simplify storage management, simplify purchasing and make it easier to train new IT staff and protect you if the current staff has some turnover. While meeting with users at SNW Europe, I was reminded just how futile of a goal this really is.There are several things that users cite as reasons they can't get to a single platform. First, despite what many suppliers think there is no platform that is perfect for all possible use cases. Different data and application demands as well as budget realities are going to drive the need for differing types of storage products. The suppliers back me up on this by their own product offerings, most don't have a single storage offering. In fact most of the large vendors have several that are dramatically different in form and function.

Second, even if you were able to find a single platform that could cover the wide majority of your data needs, you can't control acquisitions and mergers. Your company may acquire another company or you may be acquired. The chances of the other company having the same storage hardware as you is relatively low. It is also unlikely that you are going to be able to throw out whatever storage hardware that the other company was using and buy new equipment that matches your own. Reality will mandate that you integrate the two storage platforms as best you can.

Third, there is also the practical matter of keeping everyone honest, or at least on their toes. If you have other storage vendors for your data center it is going to reduce the risk of a vendor getting complacent. This is not just a matter of price but also capability. If you only have one vendor, and that vendor starts to fall behind in technical feature set, moving to another platform that is more feature rich could be challenging.

Once you accept the fact that multiple storage vendors are going to exist in your data center. The next step is to decide how many are you going to have? My advice is to limit the number of vendors to two or three but if you put the right vendor neutral storage management tools in place then it is really up to you which platform you choose to host your applications on and how many of platforms you need.

The tools available to manage a mixed storage vendor reality have matured greatly over the past few years and there are several choices to make when it comes to how you are going to manage that environment. There are storage appliances that can virtualize a variety of attaching storage devices. These appliances essentially "turn-off" the feature set of your current storage systems and then replace it with their own. There are also software managing and monitoring tools that provide a centralized view of storage that allow you to keep the specific features of your storage systems "turned-on". Most of these tools require that you still go to the storage systems individual GUI to take action though. There are also the operating systems or hypervisors that can now provide much of the storage management or intelligence that used to be the sole domain of the storage system.

We will detail each of these methods in upcoming entries but it is important to realize that managing a mixed vendor environment is more possible then ever. Given the realities of budgets, mergers, acquisitions and meeting varying degrees of data demands a mixed vendor storage model may not just be reality, it may be the best possible option.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

CVE-2014-6080
Published: 2014-12-18
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.