Thursday, June 27, 2013

What is Dynamic Disk Pooling?

When IBM introduced firmware release 7.8x in the fall of 2012, there were a number of new technical advances, but by far the most exciting was Dynamic Disk Pooling.  With the general release of firmware level 7.84, many of these capabilities became available not only to new IBM System Storage DS3500 purchases, but to installed systems as well.  DDP does not require a license, nor does it require a purchase.  As soon as a DS3500 system is upgraded to 7.84 or later (7.86 is the latest), Dynamic Disk Pooling is available.

DDP dynamically distributes all data, spare capacity, and protection information across a pool of drives.  That pool may be all drives in the system, or a subset, such as all of the SAS 15K drives.   Effectively, DDP is a new type of RAID level, built on RAID 6.  It uses an intelligent algorithm to define where each chunk of data should reside.  In traditional RAID, drives are organized into arrays, and logical drives are written across stripes on the physical drives in the array.  Hot spares contain no data until a drive fails, leaving that spare capacity stranded and without a purpose.   In the event of a drive failure, the data is recreated on the hot spare, significantly impacting the performance of all drives in the array during the rebuild process. 

With DDP, each logical drive’s data and spare capacity is distributed across all drives in the pool, so all drives contribute to the aggregate IO of the logical drive, and the spare capacity is available to all logical drives.  In the event of a physical drive failure, data is reconstructed throughout the disk pool.  Basically, the data that had previously resided on the failed drive is redistributed across all drives in the pool.  Recovery from a failed drive may be up to ten times faster than a rebuild in a traditional RAID set, and the performance degradation is much less during the rebuild.

Apart from improved data protection, performance, and failure recovery, there are other benefits from DDP as well.   Administration is significantly easier.  When adding capacity, there is no more agonizing over whether to create a new RAID set or expand a current RAID set, and no more question about where the optimum placement is. You just put in the drive and add it to a pool.  The total capacity of the pool has now been increased, and you can then proceed to expand your logical drive, or create a new logical drive as needed.  Using disk pools instead of RAID sets makes disk utilization much more efficient and avoids issues found with traditional RAID, such as islands of stranded capacity that can’t be recovered.

With the proliferation of large format drives, traditional RAID is becoming progressively more difficult to manage, and the long rebuild times associated with large SATA drives creates unacceptably long windows of vulnerability (as much as 4.5 days with a 3TB drive in an operational array).  Over the coming months and years, technology like DDP will continue to replace traditional RAID because of these issues.

Thursday, June 20, 2013

Protecting Your Network: A Firewall Isn’t Enough

If I had a nickel for every time I heard a networking professional say “I have a firewall, so my network is secure”, suffice it to say, I’d have a LOT of nickels.  10 years ago, firewalls were one of the primary ways you protected your network.  But even then, it was difficult for the engineers to convince their managers, and then for their managers to convince the executives, that a firewall was necessary.  They were costly and the mentality was “we don’t have an issue, why do we need it?”

Today, engineers, specifically security-conscious engineers, tend to stay current on networking security, vulnerability assessment, and the “how data might be compromised” - which is a daunting and never-ending task.  A Security Engineer suspects how someone might gain unauthorized access to their network, and therefore they have methods of preventing or logging and reporting said access.  These things take money and/or time to implement. 

Managers will generally focus on both the benefits and cost of the engineer-proposed solution.  They generally have a good understanding of what the engineer is proposing and the benefits of such a solution.  They also understand what the executive level will and won’t do in relation to authorizing these types of projects, whether it’s funding or time-related constraints. 

For those security projects that make it to the next level, the Executives tend to focus on the primary business objectives of the company rather than focusing on individual business units, such as Networking or Security.  As a result, most security-related projects are done “post-mortem”, i.e. after an incident has caused an issue within the business.

The fact is that almost all businesses spend time and money on network security only after they realize there’s an issue, or if they are forced by a regulatory committee for compliance, i.e. HIPAA, SOX, PCI DSS, etc.  According to the 2013 Data Breach Investigations Report (1), 92% of all breaches are performed by external sources originating OUTSIDE your firewall while 14% originated INSIDE (with 1% originating from trusted Partners).  What this tells us is that a firewall is simply no longer enough to adequately protect a network.

(1) - 2013 Data Breach Investigations Report

Thursday, June 13, 2013

VMware vSOM: What's the Big Deal?

The release of VMware’s vSphere with Operations Manager, or vSOM, licensing option has created a bit of an industry buzz. Whether it’s concern over how vSOM will impact vSphere Center Operations Management Suite (vCOPS) licensing or excitement over the advantages of the new licensing option, vSOM has caught the attention of VMware-virtualized organizations.

First of all, the new vSOM licensing option consists of VMware vSphere Standard, Enterprise or Enterprise Plus edition combined with VMware vCOPS Standard Edition for every host in your virtual infrastructure. This makes it an attractive licensing option compared to previous vCOPS licensing, because it allows you pay per CPU for both vSphere and vCops. Additionally, the price point for vSOM is below the price point of any vSphere edition combined with Operations Management.

Secondly, in addition to cost, vSOM enhances operational efficiency. vSOM enables datacenters to improve their VMware capacity utilization by up to 40% because stranded capacity can be reclaimed and utilized efficiently. Reducing the amount of time spent on diagnostics and problem resolution, vSOM also provides, on average, a 36% reduction in application downtime.

There are three ways that users can obtain vSOM. Not only can users straight-out purchase the new vSOM licensing option, users can also obtain vSOM by upgrading their current vSphere licenses. Just a tip, upgrading current vSphere licenses will be significantly less costly than outright purchasing vSOM. Last but not least, vSphere with Operations Management Acceleration Kits are also available for purchase.  The new Acceleration Kits include a vCenter Standard Server license, six vSphere licenses in the edition of the user’s choice, and vCenter Operations Manager Standard licensing with each processor license.

Thursday, June 6, 2013

Driving Innovation with HP ProLiant Gen8 Servers

Now that HP ProLiant G7 servers have officially gone end-of-life, it’s time to take a good, hard look at their successor – HP ProLiant Gen8 servers. What are the key differences between the two generations, and what advantages do the new generation of HP ProLiant blade and rackmount servers provide? Well, with over 150 design innovations from the G7 architecture, there are definitely plenty of improvements to talk about.

Beginning with the improved technologies and features, HP ProLiant Gen8 servers come equipped with cutting-edge Intel Xeon E5 processors for superior energy-efficiency, reduced I/O network latency, and overall improved performance. Gen8 servers also feature LRDIMM memory, which provides reduced loading for enhanced speed and a memory capacity ranging up to 768GB.

Along with enhanced performance, Gen8 servers also feature improved server management through the new HP Integrated Lights Out 4 (iLO 4). HP iLO4 features the new HP Agentless Management, HP Active Health System, HP iLO Mobile App, HP iLO multi-language support, and HP Sea of Sensors 3D. These features deliver enhanced thermal and power control as well as secure server management and simplified server deployment.

Designed to decrease downtime, failures and data loss, HP ProLiant Gen8 servers also feature Integrated Lifecycle Automation with HP Intelligent Provisioning, Dynamic Workload Acceleration, Automated Energy Optimization, and Proactive Insight Experience and Insight Architecture Alliance. These features combine to offer incredible server intelligence and automation for an intuitive, optimized server experience.

The most popular new models within the HP ProLiant Gen8 server family are: HP BL460c Gen8 blade servers, 1U HP DL360p Gen8 rack servers, and 2U HP DL380p Gen8 rack servers.