Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

2/17/2011
08:46 AM
George Crump
George Crump
Commentary
50%
50%

Building Storage Proof Applications

A storage system failure where more drives have failed then the RAID protection scheme will cover you from or where the storage software itself has crashed is a disaster. The amount of work required to return the system to service can be daunting and applications are likely to experience downtime, in some cases that time can be significant. We have to start working on building storage proof applications.

A storage system failure where more drives have failed then the RAID protection scheme will cover you from or where the storage software itself has crashed is a disaster. The amount of work required to return the system to service can be daunting and applications are likely to experience downtime, in some cases that time can be significant. We have to start working on building storage proof applications.While this type of storage system failure is still rare, I do believe that we are seeing a slight increase in the occurrence of this type of failure. I also feel that the impact of such a failure, application unavailability, is more significant than ever. We count on applications more so than in the past and the size of and reach of those applications is larger than ever. In short more users are impacted for a longer period of time as IT scrambles to try to return the application to service. Recovery from any type of backup device may be too slow. In either case it is important to start considering how to build storage proof applications.

As drive capacities increase the time it takes to rebuild a RAID set after a drive failure can now take days in some cases. The chances of a second or even third drive failing during that rebuild process also increases. There is also the impact on performance during the rebuild process. The more you allocate storage processing toward the rebuild effort the faster the rebuild occurs but the slower the application performs. If you allocate more processing toward the application the rebuild process slows down and you are exposed to additional drive failures for a longer period of time.

As we discuss in our recent article "What's Missing From Your Disaster Recovery Plan?" application or operating system clusters often won't help much here. Most rely on shared storage. If that storage fails there is a chance that your application cluster just failed along with it. Most operating system level clustering technologies won't detect specific application failure nor will they monitor performance conditions.

There are a few ways to protect your application from its storage. The first is a better storage system with multiple, more than two, controllers that are resilient to a storage software failure, meaning you can roll a storage software upgrade to each processor. There is also a growing number of backup applications that allow data to be served from the backup device. The third option is to use failover applications that can make sure that application data is being written to two separate storage systems at the same time. The use of software would allow the deployment of a more mid-range storage solution to support an enterprise class storage system. Most of these software solutions will work across applications and not require special versions of operating systems. Some are even application aware, so they can detect an in-application failure or performance degradation.

Armed with this level of resiliency, applications can now be kept available even if the worst case local disaster occurs, a storage system failure. Too often we focus on getting data out of the data center, when in reality the data center is fine. It's these inside the data center failures that really get you into trouble, a software based tool is something to look into to make those troubles go away.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27187
PUBLISHED: 2020-10-26
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related command...
CVE-2020-7752
PUBLISHED: 2020-10-26
This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
CVE-2020-7127
PUBLISHED: 2020-10-26
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7196
PUBLISHED: 2020-10-26
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the ur...
CVE-2020-7197
PUBLISHED: 2020-10-26
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* U...