Thursday, May 30, 2013

What is KVM?

If you’ve been around the industry for awhile, the first thought that comes to mind when someone says “KVM” is the “Keyboard-Video-Mouse” switch that allows you to manage multiple systems through a single console. While that is still valid, the more current definition of KVM is “Kernel-based Virtual Machine”. So let’s talk about what that is, and what it means to today’s IT professional.

The kernel component of KVM was first included in mainline Linux, 2.6.20, released in February 2007. It is a Linux virtualization solution that allows multiple Windows or Linux virtual machines to run on a single physical server. KVM has enjoyed continued improvement and development since its original introduction, and is now generally considered to be a mainstream virtualization hypervisor. In fact, KVM is able to stand on its own against such competitors as VMware vSphere, Microsoft Hyper-V, and Citrix XenServer.

Red Hat, one of the predominant distributions of Linux, offers KVM-based virtualization through subscriptions to several of its distributions including single guest, four guest, or unlimited guest versions of RHEL (Red Hat Enterprise Linux). It also offers a subscription for a lighter-weight, bare-metal hypervisor distribution known as RHEV (Red Hat Enterprise Virtualization) Hypervisor.

KVM recently got a rather large boost by IBM’s shift to open source cloud architecture. IBM opened the KVM Center or Excellence labs in Beijing around the end of 2012 and has announced a second location in New York. The aim is to encourage enterprise adoption of KVM because of its affordability and exceptional performance.  

Thursday, May 23, 2013

A Review of QLogic's FabricCache QLE10000 Adapter

The QLogic FabricCache QLE10000 adapter delivers shared server-based SSD caching to the Storage Area Network (SAN). The QLogic QLE10000 adapter is the first product built on Mt. Rainier technology; it combines a Fibre Channel host bus adapter (HBA) with a Flash-based cache.  The QLogic FabricCache adapters utilize a single HBA driver and standard management software, so no additional skill set or software is required to install and manage the QLogic QLE10000. TheQLogic QLE10000 is deployed as a traditional SAN HBA, and the FabricCache technology is transparent to the SAN and existing management software.

As a combined HBA and cache solution, the QLogic QLE10000 provides a number of benefits for servers running an extremely broad range of enterprise applications.  QLogic FabricCache adapters are in constant communication with one another, providing clustered caching for shared storage that is typically not available with conventional server-based SSD solutions.  Common storage traffic is offloaded from the SAN onto the FabricCache adapter, reducing precious I/O requests to the shared storage. Cache processing is transitioned from the CPU to the HBA, freeing processing resources.

To ensure cache consistency, each LUN is owned by a single FabricCache HBA; when data is requested from a different LUN, the FabricCache HBA will check with the LUN-owner cache.  If the data is cached, the response time for the data is reduced to microseconds.  If the requested data has not been cached, the data is retrieved from the source LUN.  Consistency between the cache and the LUN is maintained and I/O latency is minimized by the 1:1 relationship.

A demonstration video has been published on YouTube to show a multi-server cluster with shared storage.

Friday, May 17, 2013

How Juniper Networks Helps Improve Patient Care

One of the most pressing questions on the mind of hospitals and other healthcare providers is, how do we achieve better patient care? Due to the impact of Meaningful Use Stage 2 on HIPAA privacy and security regulations, many hospitals and healthcare providers are being incentivized, and ultimately required, to make changes to their current network infrastructures in order to better protect patient privacy when exchanging health information.  Fortunately, since network technology is evolving alongside the healthcare industry, these changes also lead to improvements in patient care and satisfaction.

Hospitals and healthcare providers require cost-effective solutions that will deliver the additional capacity, security and capabilities that their network infrastructures require. One key challenge these infrastructures face is the growing number of mobile devices caregivers and patients are using (both on and off premise).

One solution that takes both patient care and HIPAA regulations into account is Juniper’s Simply Connected for Healthcare solution.  As an integrated portfolio of resilient switching, security and wireless products, Simply Connected for Healthcare enables simple, secure access and collaboration, regardless of the type of device, its user, or its location. This makes it simple for both caregivers and patients to securely access medical information via one security policy per user, and it works for everything. 

In addition to secure, device-agnostic connections from any location, the primary benefits offered by Juniper’s Simply Connected for Healthcare solution  are: the creation of a general-purpose, application-agnostic network delivering unrivaled performance and protection,  increased secured information, availability, support for service-demanding healthcare mobility applications and seamless roaming, and simplification of the architecture and software stack of the network.

Juniper’s Simply Connected for Healthcare portfolio simplifies the network infrastructure, provides secure access to medical information, and offers a more reliable and scalable network.  Thus, it addresses both key issues facing the healthcare industry; it provides the necessary infrastructure changes due to HIPAA requirements, and it ensures the continuous improvement of patient care.

Tuesday, May 7, 2013

Secure Data-at-Rest with the IBM DS3500 SAN

The new Controller Firmware (CFW) 7.84 release for the IBM System Storage DS3500 introduced several powerful premium features. One premium feature of particular interest to many industries is the Full Disk Encryption (FDE) capabilities. Through these capabilities, the IBM DS3500 is now able to provide data-at-rest encryption, which meets a variety of regulatory requirements.

The IBM DS3500 SAN meets these regulatory requirements by offering continuous data security through 300GB and 600GB Self Encrypting Drives (SEDs). The SEDs provide the IBM DS3500 with full drive-level encryption that is easily managed through the IBM Disk Encryption Storage Manager for relentless data security.

Full disk encryption prevents unauthorized access to data resulting from the actual, physical removal of the SED from the IBM DS3500 SAN. This is accomplished via “Instant Secure Erase”, whereby an operator performs a secure erase prior to removal of a drive, or via “Auto-Locking”, which locks a drive whenever it is powered down.  However, it does permit transparent access to the data when the drives are unlocked and operating. When drive security is enabled on the array, it restricts data access to a controller with the correct security key.

Since the disk drives being used are self-encrypting, they also protect the data by generating an Encryption Key that never leaves the drive. Because the data is stored in encrypted form, through symmetric encryption and data decryption at full disk speed, there is no impact to the disk performance.

Through these new, powerful full disk encryption capabilities, the IBM DS3500 SAN can now meet the regulatory requirements for a wide range of industries, including HIPAA regulations resulting from Meaningful Use Phase 2. To learn more about the impact of Meaningful Use Phase 2 on Healthcare IT, click here.

Thursday, May 2, 2013

From Rented to Owned - Datacenter Edition

Sometimes it’s difficult to know where to start when you run into a business challenge, especially one that concerns IT. Recently, we dealt with a customer that had previously opted to rent infrastructure space in lieu of operating their own datacenter, but ran into an issue when they decided to transition to Apple for the desktop and end user mobile devices.

Unfortunately, the rented datacenter was not compatible with the Apple platform. Also, because the customer was in the healthcare industry, they had an entirely separate issue with securing data at rest due to recent changes to HIPAA regulations. 

This is where we came in. To help the customer achieve an environment that was both Apple-compatible and HIPAA compliant, we developed a customized primary datacenter solution as well as a Disaster Recovery (DR) site solution with automated failover. This customized solution included new IBM TotalStorage DS3500 SANs at both sites, with full disk encryption technology, a HP C7000 blade enclosure with renew BL460c G7 blade servers, GLC certified Cisco 3750 switches, VMware Site Recovery Manager, and a VMware Essentials Plus acceleration kit.

In addition to a unique combination of best-of-breed hardware and software, the customer received professional services and knowledge transfer through our full installation, along with documentation validating the failover process.

The customer was able to complete the transfer to an entirely Apple-based end user environment in a time-efficient manner and become fully compliant with new HIPAA regulations (thanks to the full disk encryption capabilities offered by the IBM TotalStorage DS3500 SAN). Ultimately, we were able to kill two birds with one stone, simplifying the project and saving the customer money.