News
4/6/2010
12:15 PM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

What Is Zero Detect?

There is a term you are going to start hearing more of in storage circles; Zero Detect. Some storage systems that offer thin provisioning are adding the ability to detect areas of a volume that have been zeroed out so they can reclaim that space and use it elsewhere. Zero detect becomes a critical component as we advance the capabilities of thin provisioning.

There is a term you are going to start hearing more of in storage circles; Zero Detect. Some storage systems that offer thin provisioning are adding the ability to detect areas of a volume that have been zeroed out so they can reclaim that space and use it elsewhere. Zero detect becomes a critical component as we advance the capabilities of thin provisioning.Most file systems when they are told to delete a file, simply mark the area as available to be overwritten, they don't actually remove anything. This creates a challenge for storage systems that offer thin provisioning. If you delete a large amount of data to free up capacity, the thin provisioning system will not be able to understand what happened and reclaim that capacity. The result is that overtime thin provisioned systems used to "gain weight" as files were deleted from the file system. In other words the thinly provisioned volumes most efficient day was its first.

Despite this shortcoming, thin provisioning has caught on, almost becoming a required feature. The ability to only allocate capacity as it was needed, even if you could not later reclaim that capacity, still saves many organizations lots of wasted capacity. The ideal situation is to be able to reclaim the deleted space as well and the next era of thin provisioning will be defined by vendors that can advance the state of the art to address this challenge.

Which brings us to zero detect. As I said earlier a file system does not automatically zero out deleted blocks. It just marks them available to be overwritten. A separate utility will have to be run that will scan the file system for deleted files and then zero them out. Once thats done the zero detect aware thin provisioning system can scan the volume and identify the blocks that have been zero'ed out and reclaim those areas. While this adds a few extra tasks to the storage administrator's todo list, imagine being able to reclaim TB's of capacity. This will likely become a housekeeping chore that is run once a week or month but the return could be well worth the investment in time.

Zero detect does let a few worms sneak out of the can though. There will be issues with how many consecutive blocks of deletion are available before the space can be reclaimed and all of this scanning is going to take processing power on both the attached server and especially on the storage system. Storage system suppliers will have to come up with ways to address at least the later.

The ideal solution may be to have a file system that is thin aware and communicates directly with the storage systems. This would allow the storage systems to reclaim the space as soon as it becomes available. The communication would eliminate the need for a separate maintenance process as well as reduce the impact on server and storage processors.

There is an effort within the Technical Committee T11, which is the committee within INCITS to produce a standard interface between file systems and thin provisioned storage systems. Until this standard becomes ratified and established it is going to be on the file system vendors and storage hardware vendors to work together. Until that time though the zero detect method may be the only way to enable thin reclamation.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3621
Published: 2014-10-02
The catalog url replacement in Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field.

CVE-2014-6242
Published: 2014-10-02
Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin before 3.8.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby or (2) order parameter in the aiowpsec page to wp-admin/admin.php. NOTE: this can be leveraged usi...

CVE-2014-6414
Published: 2014-10-02
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.

CVE-2014-6856
Published: 2014-10-02
The AHRAH (aka com.vet2pet.aid219426) application 219426 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6857
Published: 2014-10-02
The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.