DCIGFeed

DCIG 2012 Big Data Tape Library Buyer's Guide Now Available

2012-05-17T12:00:00Z

DCIG is very excited to announce the availability of its inaugural DCIG 2012 Big Data Tape Library Buyer's Guide that weights, scores and ranks over 140 features on more than 60 tape libraries from 8 different storage providers. Driven by the explosion of storage requirements to address "Big Data" and the "Cloud," organizations are now more than ever looking for cost-effective, viable storage media on which to store this data. This is why DCIG believes tape libraries are poised to be one of the big benefactors of these growing storage demands which prompted DCIG to produce its first ever Tape Library Buyer's Guide to help enterprises choose the right solution for their environment.

The world of Big Data is upon us. More organizations of all sizes capture, store and retain more data for longer periods of time than ever before. Even as the traditional drivers of data growth remain with us (backups, growth of structured data stores, etc.), new ways in which organizations may capture data are driving today's unprecedented data growth.

As enterprise organizations come to grips with their Big Data requirements and/or look to store data in the cloud, the cost of retaining all of that data is beginning to come fully into focus, especially if they look solely at disk to do so.

2, 3 and even 4 TB disks coupled with compression and data deduplication have certainly contributed to lower the upfront cost of disk such that, on a per GB basis, it is now on par and may even be lower than tape. But what is getting the attention of more organizations is the operational expenses (OPEX) associated with keeping these disks powered on.

Further, not all data is created the same. While it may be "valuable" to the organization, it may not have an immediate value that justifies storing it to disk and incurring ongoing operational costs. Additionally, organizations are also looking to store data that:

Cannot be easily or cost-effectively reacquired
Consumes little or no power
Does not compress or deduplicate well or at all
Is rarely or infrequently accessed
Needs to be retained for years or even decades
Scales into the hundreds of terabytes or even petabytes

It is for reasons like these that DCIG produced this 2012 Big Data Tape Library Buyer's Guide as DCIG sees tape as being viable storage medium for the foreseeable future. In it, DCIG accounts for tape's historical use case of backup as well as its emerging role as a cost effective storage medium for archival data that is resulting from the advent of Big Data and the Cloud.

In doing its research for this Buyer's Guide, DCIG uncovered some interesting statistics about tape libraries in general:

100% supported the LTO format
100% supported a FC interface
39% still support a SCSI interface
64% have 1 year warranties
36% have 3 year warranties
22% scale to support over one (1) petabyte of storage capacity
Only 7.5% support a tape media other than LTO (SDLT, 9840, TS1140, etc.)
6% offer dual robotics

As with prior DCIG Buyer's Guides, it accomplishes the following objectives for end users:

Provides an objective, third party evaluation of tape libraries that weights, scores and ranks their features from an end user's viewpoint
Includes recommendations on how to best use this Buyer's Guide
Scores and ranks the features on each tape libraries based upon criteria that matter most to end users so they can quickly know which tape libraries are the most appropriate for them to use and under what conditions
Provides data sheets for 66 tape libraries from 8 different storage providers so end users can do quick comparisons of the features that are supported and not supported on each tape library
Provides insight into which features on a tape library will result in improved availability and increased storage capacities
Provides insight into which tape libraries are supported by popular archiving and backup software products
Gives any organization the ability to request competitive bids from different providers of tape libraries that are "apples-to-apples" comparisons

The DCIG 2012 Big Data Tape Library Buyer's Guide is available immediately and may be downloaded for no charge with registration by following this link.

Boosting Transactional Performance with the Fusion-io SDK Kit; Interview with Fusion-io Sr Director Product Mgt Brent Compton Part II

2012-05-16T19:00:00Z

The deployment of flash memory storage as either storage or memory almost inevitably results in increases in application performance. However to get the real 'kick' in performance that today's transactional applications need and which flash can provide, a more elegant approach to flash's deployment is needed. Today I continue my discussion with Fusion-io Senior Director of Product Management, Brent Compton, who elaborates on the APIs that the Fusion ioMemory SDK exposes that make this boost in transactional performance possible.

Ben: Direct access to flash RAM is definitely a foundational requirement. The ability to offload processing of key-value stores is another basic yet consistently needed functionality for developers. What else can we expect?

Brent: First, I'd like to distinguish between a 'primitive' and an 'API' in our SDK nomenclature. A primitive is a single, foundational interface call while an API is a family of related interface calls. For instance, the directKey-Value Store API is a family of related interface calls.

One of the primitives is the Atomic Multi-block Writes. It takes advantage of one of the native properties of our ioMemory flash translation layer: the log structured write mechanism. This mechanism provides a basic copy-on-write foundation.

Just a simple illustration, if you write three blocks A, B and C and then you come along and update A, unlike a disk which performs a rewrite in place, ioMemory writes 'A' to the tail of the log. So both A and newly-written 'A' exist on ioMemory.

There are many different ways that applications could exploit this foundational copy-on-write property, not the least of which is to provide atomicity for multi-block writes. This occurs when an application says, "I need to write a bunch of blocks and I need to ensure that all of them are written, or none of them are written."

A practical example of this might be writing a combination of data and metadata. Both the data and corresponding metadata need to be written to ensure integrity of the update. If only part of the data is written, or only the metadata is written, the data repository will be out-of-sync. All written, or none written.

This means we have all the makings of a double buffered write. If there is any interruption to a multi-block write we have all the mechanisms in place to roll back to the previous content. We just ignore a partial write of those blocks as if it had never occurred.

We gave a sneak preview of Atomic Writes in October 2011 at Oracle Open World. In conjunction we pulled down some of the MySQL open source for the InnoDB storage engine.

We modified MySQL InnoDB by replacing its double buffered writes with native calls to our atomic multi-block write interface. We saw significant latency reductions, performance improvements with more IOPS, while reducing the code path. So it's one of those "less code, better performance" stories.

Ben: I think those are some good examples. What other categories of APIs are available?

Brent: The next category is the memory access API family. Note the different use of words: memory access API versus direct IO API.

Flash has always been a hybrid of memory and storage but to date, its uses in industry have been storage. We're offering the industry's first memory access semantics to flash. There a couple of different APIs under this memory access API family. I'm going to highlight one.

On January 5th Fusion-io demonstrated one billion IOPS using a technology we call Auto Commit Memory (ACM). This SDK becomes the vehicle through which we provide this capability to software developers through an ACM API.

The essence of it that is an application can designate a region of its process virtual address space as persistent. ACM provides API semantics to attach this persistent region to Auto Commit Memory, to ioMemory, such that anything written to that region of the process virtual address space is guaranteed to be automatically persisted.

This is a mechanism has some similarities to mmap, so you have the benefit of saying, "Wow! I can eliminate a lot of my code complexity by persisting my data, without having to resort to IO primitives. I can just store data in that location of memory and have somebody else worry about persisting." In this case the 'somebody else' is the ioMemory SDK.

However, unlike mmap, and this is key, ACM guarantees persistence. In other words when you write something to memory allocated with mmap, and there is an interruption of service, you're not guaranteed that it will be persisted. You don't have the durability of writes which means you have to resort to various other mechanisms of journaling or double buffered writes or things like that.

On the other hand, when you write something to Auto Commit Memory, by design it will be automatically committed. In other words, it is durable across service interruptions such as power failures.

Note that part of the ACM API will be a write barrier operation, like a flush, ensuring that the data is cleared from the processor complex, various levels of CPU caches and what not. Once flushed from the processor complex, it's automatically persisted to ioMemory.

What attracts a lot of database developers to this new API is the notion of solving the tail-of-their-transaction log performance inhibitor. By definition, it is the transaction log through which they can ensure ACID properties of transactions.

Previously developers had to issue blocking synchronous I/Os at the tail of their log, to ensure that the most recent writes before service interruption were durable. With our ACM API they can convert that blocking synchronous IO to a non-blocking asynchronous IO by maintaining the tail of their transaction log in auto commit memory.

They may still persist the tail of their log to a backing store but they will not need to do it synchronously through a blocking IO. If there's an interruption, for instance upon a system or an application restart, they can always recover their state through what was persisted in auto commit memory. So developers are quite keen on that.

In Part I of our interview series, we discussed how the Fusion-io SDK kit will help to unleash the next gen properties of flash.

In Part 3 in this interview series we will discuss the "DirectFS" API, a native POSIX compliant direct file system layer and discuss the more technical aspects of how the SDK works.

Three Tips for SMBs to Follow to Ensure a Successful Storage Tiering Implementation

2012-05-15T12:00:00Z

Storage tiering as a strategy is gaining a lot of momentum as a way to optimize available storage capacity and bring storage costs under control. But many small and midsized businesses (SMBs) still question if storage tiering is right for them and, if so, what steps they should take to implement it. To answer these concerns, there are three tips for SMBs to follow to ensure implementing storage tiering is the right choice for them and that they do it correctly.

The decision for some organizations as to whether or not to implement storage tiering is sometimes pretty clear cut. If an organization only has a couple of terabytes of data under management, implementing storage tiering is probably not a necessity. Conversely enterprise that have hundreds of terabytes under management will probably see substantial cost savings by implementing a tiered storage strategy.

However SMBs are often caught in the middle. They have more than a couple of terabytes but certainly nowhere near hundreds of TBs under management. As such, it is only logical to ask if implementing storage tiering will benefit them and, if so, what does such an implementation look like.
As is the case of any hypothetical question, the answer is, "It depends." To arrive at the right answer for their business, they should first consider the following two findings.

In 2010, a Planet FileStore analysis of storage at Cardiff University found that 93% of the files the university stored were not modified after 60 days. It also found that idle disks consume 90% of the energy of "busy" or "active" disks.
In a 2011 report, analyst firm IDC found that 80% of today's enterprise data is unstructured and growing at an annual rate of 60%. However only 1-5% of it is used regularly and actively accessed.

So if an SMB finds that its data is growing rapidly and that most of its data is unstructured, the question is not, "If they will need storage tiering?" The question is "When?"

As such, they should follow these three tips as to how to know best when to introduce storage tiering into their environment and how best to implement it.

First, SMBs are always going to need a certain amount of storage capacity to function as their online storage tier on which to store their active, production unstructured data. This online storage tier will consist of either hard disk drives (HDDs) or solid state drives (SSDs) that provide the highest levels of performance for their active data. So long as all of their data (active and inactive) fits on their online storage tier, SMBs probably only need this tier for their data complemented by a secondary, offsite tier to store backup copies of this data.

Second, select a single storage solution that supports multiple storage tiers. Storage capacities on HDDs are NOT experiencing 60% year-over-year (YoY) growth rates like data is and certainly not at the 100, 400 or 800% YoY data growth rates that some IT executives already report. So as SMBs select new storage solutions, they should anticipate these higher unstructured data growth rates in their environments and buy storage solutions that accommodate multiple tiers, including online, offline and even offsite tiers to control and manage their storage costs.

Third, implement a solution with software that provides an automated way to manage the data and move it between tiers. It is one thing to have multiple tiers of storage. It is quite another to make sure that the right data is placed on the right tier at the right time. This is why software that automatically moves data between storage tiers based on policies is a necessity. Absent any software to perform this function, organizations will not be able to effectively use their various storage tiers even if they have them in place.

This is why SMBs who need or anticipate needing storage tiering should consider the Imation InfiniVault as the storage solution to house their unstructured data. Providing multiple tiers of storage in a single solution with the software that is needed to manage and place data on the appropriate storage tier, the InfiniVault provides SMBs with the full range of storage tiering options that they need now or in the future without the management headaches that can accompany the introduction of storage tiering.

Storage tiering may be in vogue right now but an SMB first has to possess a sufficient amount of data to even justify implementing storage tiering in the first place. Then if even they do want to introduce multiple tiers of storage, they will still need software that manages and automatically places data on the different storage tiers.

Using the Imation Infinition, SMBs may implement storage tiering at the right time and on their timetable using whatever tier of storage that their unstructured data requires. Further, the Imation InfiniVault avoids the pitfalls of other solutions as bundling its hardware and software in its all-in-one appliance makes implementing and then managing tiered storage easy and simple for SMBs to accomplish.

The Coming Identity Based Network Management Revolution; Interview with Blackridge Technology CTO John Hayes, Part III

2012-05-14T12:00:00Z

Since the advent of the TCP/IP protocol, network administrators have had a major blind spot: the ability to reliably determine the identity of an individual device or user. BlackRidge's new Eclipse™ solution, built on BlackRidge's patented Transport Access Control (TAC), uses client drivers or gateway appliances to insert unique identity information to every TCP packet. In this third and final post in our blog interview series, BlackRidge Technology CTO John Hayes and I discuss where BlackRidge is heading and the challenge of managing infrastructures from the perspective of devices rather than networks.

Ben: Let's discuss your recent identity aware networking solution release. What is different in this release?

John: We've made a number of advances since our first release, which was targeted at government customers. The main advance is in scalability. We can now handle 10,000 Identities per physical or virtual gateway.

Next is manageability. We have a more comprehensive management interface, including a GUI. We have Active Directory and LDAP integration. In general, we have a better-defined integration with existing systems. We have also implemented log management so we can process the logs appropriately and feed into other systems.

Another interesting use case that we have found is in network segmentation. One of the issues with VLANs is a technical limitation within the VLAN tag itself, you can only support 4,000, 4k VLANs. Eclipse allows you to implement the functionality of VLANs without having to deal with the limitations of VLANs.

I would consider VLANs to be another topological limitation of the networks. Think of it this way, VLANs were invented as a management control mechanism. It took one physical LAN and carved it up into a bunch of virtual LANs and it works well. But you are still tied to the policies of both the underlying physical and the virtual LAN. If you can completely free yourself from that, it makes policy implementation easier.

Ben: How do you keep administrators from getting snowed under? This is a pretty revolutionary concept and when you are looking at managing individual devices it sounds complicated.

John: You are right. At first glance this can viewed as a big hairball. We really are looking at this from the perspective of the Identity of an individual device or user.

But you probably do not want to manage everything -- if I had 10,000 users, I do not want to manage every user individually. What we normally do is determine a couple of common groups. Then you drop users into those groups.

You are going to be in the engineering group. You are going be in the finance group. You are going be in the sales group. What that does is it allows you to say, here are the policy filters that for sales, and anybody in the sales group uses that policy.

That means I do not have to write individual policies for everybody in that group. And also I can modify those policies and modify the policies for sales, and it applies to everybody in the group. That is how we are looking at it.

If you need to, you can have a group of one or set specific policies for a specific identity and it can be completely custom. Or I can say, you are going to follow the sales group policy, and then you are also going to have these other policies in addition.

But for most users, we would expect the administrator to say, "OK, you are going to fall into this group of users and just follow those policies."

Ben: You also announced a virtual appliance correct?

John: Yes. The biggest challenge we have going into customers in many cases is they say, "We love your product, but I do not have any rack space for you."

Having a virtual appliance gives us the ability to say, "OK use your existing infrastructure. Just deploy us virtually and we can provide you the same features."

Again, this is in response to major customer feedback. Power, cooling, floor and rack space are some of the most precious commodities in the data center. Operating virtually gives our customers the ability to take advantage of the core reasons they deployed a virtual environment in the first place.

Ben: This also helps organizations be more agile, is that the case?

John: Yes. Actually, one of the areas that we are working on for future releases is enhancing both the agility, not only of the clients and the gateways, but also being able to track the resources that are being authenticated, or who the requests are being authenticated for. This is an exciting path for us.

Ben: Speaking of the future, are you looking at any strategic partnerships?

John: Yes we are. May has started off with a couple of very important announcements for us. The first announcement came from Sypris Electronics. Sypris announced they are integrating our TAC technology into their key management system giving public and private sector customers a new level of network protection.

The second announcement came from McAfee. McAfee announced that we have joined their SIA program. McAfee's alliance program is enabling us to plug into an established framework for interoperable and compatible solutions within the security marketplace. We look forward to building tighter relationships with some of the other companies in this program.

Today, I would say our partner activity fall into three categories.

On the client side, and I would also emphasize mobile here, it is very important for us to be able to get our clients out and accessible to the customer on as many platforms as possible. We are continuing to focus on that. Mobile initiatives based on BYOD or the 'Internet of Things' are going to continue to keep this top of mind for the foreseeable future.

The second one is although we are just announcing Eclipse in both a physical and virtual appliance, there's other vendors doing integrated security devices that are also expressing interest in the Eclipse functionality. We are getting a fair bit of interest from OEM and channel partners right now.

Third, when our products are in operation, we see a lot of things. We are able to learn things. By generating events I can tell that, "Hey, we are getting a DOS attack from some place over there." Obviously, this is not saying that we are going to expose identities or things of that sort. But we can use those identities internally as an additional point of reference.

Using those additional points of reference you can basically gain operational knowledge of what's going on in the network. The ability to allow people to subscribe and to communicate to those events is another really interesting area that we are having some very interesting conversations with folks on. I think that's the area that you should probably keep an eye on for partnerships in the future.

Ben: John, thank you. I think this has been a very enlightening interview.

John: Thank you Ben and the rest of the DCIG team! We look forward to keeping you updated as our product roadmap gets fulfilled.

In Part I of this executive interview series we examined the three practical use cases for network layer identification.

In Part II of this executive interview series we discussed why most current authentication schemes fail in headless environments and described Eclipse's underlying technology, TAC.

Symantec Vision 2012 Exposes Attendees to the Real Threat of Today's Constant Barrage of Attacks

2012-05-11T16:30:00Z

The keynote given by Symantec's CEO Enrique Salem this past Tuesday and the series of presentations that followed exposed every attendee at Symantec Vision 2012 to just how dangerous today's internet world really has become. Yet the larger threat that every business faces is not putting in place a solution to address them. Rather it is the danger that dealing with these threats will cause organizations to take their eyes off of the ball and fail to focus on where their business needs to go next.

Every business realizes it needs to protect its data from loss, keep its production applications highly available and secure its perimeter from attack or theft. The challenges each business faces as it seeks to deliver on these objectives are:

What is the appropriate amount of data protection to put in place?
How available do their applications need to be? (three 9's, four 9's or five?)
What is the right level of security to put on the perimeter to keep the bad guys out while keeping our good data in?

If you were in attendance at Symantec Vision 2012 this week and heard some of the stats they had to share, you begin to realize just how difficult it is to achieve that balance. The paranoid among us might even think it is time for everyone to batten down the hatches, go into their bomb shelters and expect the apocalypse to strike at any moment.

Clearly that last statement is a bit melodramatic but there is an element of truth to it as I got a sense of what Symantec sees every day in terms of the number of attacks that it has to help businesses defend against. Here is just some of what Symantec had to share regarding what it sees in the security space:

The number of threats increased 81% in 2011 over 2010.
1 million new pieces of malware are now written every single day.
Cybercrime attackers made over $100 billion in 2011 and may have cost businesses between 3 and 4 times that much.
It used to take a few minutes to discover a piece of malware. Now it may take months to detect it.
Malware can now kill power grids, open dams and sabotage nuclear reactors.
Threats are becoming more targeted towards individuals and the intellectual property they possess.
97% of security events are now false positives as attackers look to get in and get out undetected making it difficult for a business to know it has been compromised.

Yet potentially the biggest threat that companies face is becoming so consumed with reacting to these threats that they fail to create and then execute on more strategic initiatives that keep their company moving forward.

To Symantec's credit, it realized that it is not immune from this same problem so back in 2010 it tried to envision what the world was going to look like in a few years. Frankly, it did a remarkably good job of constructing that vision. The most poignant part of Salem's keynote was when he shared how Symantec in May 2010 documented how it thought the world might look in 2012.

It envisioned:

A transformed data center where tasks once only done inside the data center could be done anywhere
People would use multi-purpose devices with both local and cloud storage
People would move from one device to another without waiting for data to be moved

In other words, Symantec was envisioning the world of bring your own device (BYOD) to work that was a major theme of InterOp, another conference going on essentially across the street from Symantec Vision 2012. It was as he shared these thoughts that he also put on the big screen behind him a picture that closely resembled the tablet. This was the vision Symantec had developed in 2010.

However what was most impressive and is a credit to Symantec, it did more than just put a picture on a drawing board two years ago and then forgot about it. It treated that vision seriously and acted on it. As Salem said, "This is the year Symantec's vision becomes a reality."

Based on what I saw at Symantec Vision 2012, companies can learn a lot from Symantec. Yes, they can turn to Symantec to get data protection software, high availability software and security software to meet just about any level of need they may have from low to moderate to the most extreme.

Yet my primary takeaway out of Symantec Vision 2012 was that the real threat that today's barrage of attacks against businesses present was how they can distract organizations from focusing on the business. Nothing is more distracting than when the information that you need to run your business on a day-to-day basis is suddenly not available and, in worst case scenarios, may actually be in the hands of someone else that may now use it against you or to even use it put you out of business.

BYOD Trend Finds a Reference Point in HP CV2

2012-05-10T21:30:00Z

The allure of client virtualization is increasing in the eyes of enterprise organizations. Aside from its obvious benefits of eliminating the management headaches and upgrade cycles of corporate desktops and laptops, organizations can better meet the growing demands of employees who want to bring their own devices (BYOD) to access corporate networks. However client virtualization can result in enterprises simply swapping one set of problems for another unless organizations first assess what their requirements are so they may put a solution in place with the right framework for their environment.

Desktop virtualization clearly has momentum. High performance networks, powerful servers and bountiful storage capacity have all become extremely economical in recent years. These factors coupled with the virtualization of other parts of the business are giving organizations the technical and business justifications they need to roll out client virtualization. Toss in the never ending OS upgrade cycles on PCs and laptops and the ongoing security risks they pose and client virtualization becomes almost a no-brainer.

Yet the intangible that is starting to drive client virtualization from a "nice to have" to a "must have" is the speed at which individuals are adopting mobile computing devices. Today's employees want the flexibility to bring their own device (BYOD) to work and use their mobile phone, iPad, tablet or laptop anywhere and use it to as their preferred device to access corporate networks.

This trend shows no signs of abating. One analyst firm predicts that over 140 million tablets will ship in 2015 alone with Apple CEO's Tim Cook essentially affirming this claim as he stated 92% of Fortune 500 companies are either testing or have already deployed iPads. This rapid growth of tablets makes it almost a necessity for organizations to deliver client virtualization sooner rather than later.

So here is the dilemma that organizations face. As workers go mobile, organizations are almost compelled to implement client virtualization to give their workers the flexibility they want. However that only works if the back end infrastructure they put in place provides the reliability they need so worker productivity is not impacted.

This is easier said than done. Organizations typically need a lot of information at the outset to successfully execute upon a client virtualization initiative. For example, they will need to know:

How many servers with the appropriate amount of capacity for the user community will be needed
The number of desktops that will be virtualized
What applications function best with client virtualization
The additional number of net new virtual desktops that remote workers will now need
Storage with the proper amounts of capacity and performance
Expected I/O loads
How to scale the environment up (or down)
How to allocate and reallocate resources where they are needed as they are needed
The appropriate network configuration to support these workloads
What software is available to manage this virtual infrastructure

It is for these reasons that we are seeing the rise of reference configurations and pre-configured solutions for client virtualization such as the HP VirtualSystem for Client Virtualization (CV2). This integrated solution addresses some of the major concerns that organizations have about deploying client virtualization as it enables them to:

Deploy tested and proven configurations. Availability and reliability are keys to winning over and gaining end user acceptance in client virtualization deployments. The last thing any organization wants to do is deploy a client virtualization solution that only works part or some of the time. All of the hardware and software in the HP CV2 is tested and guaranteed to work in an end-to-end configuration so the possibility of interoperability issues is minimized.

Flexibly grow the infrastructure in a way that matches how the organization grows. No one can predict exactly what demands an organization will ultimately place upon the infrastructure that supports its client virtualization deployment. An organization may need more performance, more capacity or both. This is where the value of HP CV2's reference architecture comes into play. It can grow and scale in ways that match an organization's specific requirements so an organization always has infrastructure options no matter what demands its client virtualization initiative places upon it.

Get out of the gate quickly. The last thing an organization wants is to deploy a solution that is new to them and then discover there is no one there to help get if off the ground or support them as they grow. HP provides a client virtualization analysis and modeling service that analyzes Microsoft Windows client devices, builds models based upon the applications found and used and identifies those apps that may present challenges once virtualized.

Using this model, HP has done many client virtualization projects with over a decade of experience deploying client virtualization. This experience has resulted in HP building up a wealth of information and expertise that it may draw upon that help mitigate deployment risks while significantly reducing the time and effort required to roll client virtualization out across the organization.

The financial and technical arguments to deploy client virtualization are evident but mobile computing is the new wildcard in today's business environments which is giving organizations new impetus to deploy client virtualization sooner rather than later. But as they feel the push to roll out client virtualization, they can also feel more uneasy about the unknowns associated with such a deployment.

Reference architectures and pre-integrated solutions such as HP CV2 quell those fears as it accounts for the key challenges that may emerge at various stages in the client virtualization roll out and adoption. It gives organizations access to a highly available and reliable solution and the flexibility to adapt it according to how their infrastructure evolves so they may confidently move ahead with their client virtualization initiatives.

Symantec NetBackup 5220 Backup Appliance Assumes Its Own Identity

2012-05-08T19:15:00Z

When Symantec shipped its first backup appliances in late 2010, it could arguably be said the primary intention of these appliances was to simplify the deployment of Backup Exec and NetBackup at customer sites by shipping both hardware and software as a single SKU. While that still holds true, these appliances also opened the door for them to offer specific features and assume their own unique identities. The new NetBackup 5220 begins to deliver on that promise as it now offers specific software and features that make it much more than just a "server with NetBackup software pre-installed on it."

Everyone generally knows that the simplicity associated with deploying backup appliances have made them a hot ticket in customer environments. This is a big reason that the market for these devices is forecasted to grow by 17% annually over the next couple of years. But what many are recognizing is that these appliances can be much more than just shrink-wrapped packages with backup software and server and storage hardware.

The Symantec NetBackup 5220 represents one of the first backup appliances to take advantage of the new possibilities that backup appliances create. In the 5220, we see this in two ways.

First, Symantec bundles more software from other parts of its product line.
Second, Symantec introduces new features into the 5220 that enhances its overall value beyond simple backup.

As the above image illustrates, there are two new software products that Symantec NetBackup 5220 now includes. On the left hand side is Symantec Critical System Protection that is deployed as an unmanaged agent on the NetBackup 5220. Using this agent, the 5220 will do host intrusion detection thereby monitoring and auditing itself and generate alerts if anyone accesses it. If they do, administrators may then see what they have doing on the appliance (changing files, which applications they have been accessing, etc.)

Those organizations that already use Critical System Protection within their environment to protect physical and virtual servers may alternatively activate the agent and make it a managed agent. When used this way, organizations may integrate it with their existing Critical System Protection server and then centrally manage the NetBackup 5220 as part of their broader intrusion prevention scheme.

On the right hand side we see that Symantec introduces WAN optimization into the 5220. In this case, Symantec has partnered to introduce this software to optimize outbound traffic. In its internal testing, Symantec has consistently seen about a 2x performance increase whether replicating to other appliances at other sites or even when replicating to the cloud.

Of the two, replicating to the cloud was a driver behind the introduction of this feature. As NetBackup had already extended its support for cloud providers to include AT&T, Amazon and Rackspace in addition to Nirvanix, more of its customers were looking to leverage this new NetBackup option to store data in the cloud. So by introducing WAN optimization into the 5220 itself, they now get the flexibility to do so.

Yet what I personally found most intriguing about this release is how the NetBackup 5220 is prompting the need for new feature functionality to be added into the NetBackup software itself and then shipped with the NetBackup 5220 even before it ships with NetBackup. In this particular case, the NetBackup 5220 was encountering a specific challenge when it was deployed to backup some VMware environments.

If asked to be an off-host backup in a VMware environment with shared storage, it would want to leverage the VMware API to make a snapshot of the VM so it would not impact the ESX host. However to perform that off-host VM backup, it still required a Windows box somewhere. While this could be the backup server, since the NetBackup 5220 uses Linux, the 5220 used to rely on some external Windows server to perform the backup as VMware's data protection APIs were primarily designed to work in Windows environments.

However in working with VMware, they jointly developed a functional API for Linux. Now the NetBackup 5220 no longer needs either a physical or virtual Windows host to do off-host backups of VMs. It may now perform this backup itself. Symantec refers to this as direct vSphere backups.

Making this particular functionality noteworthy is that it is currently only available on the NetBackup 5220. While Symantec plans to add it to the software version of NetBackup in an upcoming release, the general availability of this feature on the NetBackup 5220 before it ships on the flagship NetBackup software highlights how backup appliances in general and the NetBackup 5220 specifically are poised to offer a more end-to-end solution than what might normally be built by a backup team.

Backup appliances are a hot ticket in customer environments and few appliances are hotter than the NetBackup 5220. But what organizations have to realize is that full extent of the operational savings that can be achieved with a purpose-built backup appliance that offers more than just deduplication or backup.

This release of the NetBackup 5220 exemplifies a new breed of backup appliances that can perform a wider range of tasks. The NetBackup 5220's inclusion of the direct vSphere backup, Critical System Protection and WAN optimization software coupled with the new feature functionality in NetBackup itself that for, right now, can only be found on the NetBackup 5220 indicates the broader potential that NetBackup appliances have to reduce backup complexity and drive down the cost of backup.

The Five Primary Features that SMBs Should Look for in a Backup Solution for their Virtualized Environments: Rethinking Backup Strategies for Virtualization Part II

2012-05-07T10:00:00Z

Fewer resources are available to virtual hosts
VMs use virtual disks
Difficult to detect new VMs
VMs can move around
Granular restores are problematic

These factors give us some indication as to what features organizations should look for when selecting backup solutions to protect their virtualized environments. DCIG has identified five primary features to look for when selecting a backup solution that is designed to protect virtualized environments.

1. VMware integration. Hypervisor integration is the defining factor when selecting a backup solution. Without hypervisor integration the backup software cannot safely and accurately back up virtual machines under the hypervisor's control. Integration also minimizes, or even eliminates, the need for a guest OS based agent within the VMs under management.

There are number of reasons for this. First, properly integrated backup software will be able to look inside VMDK files to see the data within the virtual disk. This allows the software to improve deduplication and do granular restores of the files inside the VMDK without needing to restore the entire VMDK. This means that users can meet much shorter Recovery Time Objectives (RTOs).

Second, the backup software will have the ability to take snapshots of the VM. Snapshots minimize overhead on the physical host and are less intrusive than guest OS based agents. In addition, it assures that the VM's metadata and VMDKs are all in a consistent, safe state.

In VMware these functions are accomplished using VADP (vStorage APIs for Data Protection). VADP allows backup software to leverage the VMware tools within their VMs to support both granular file-level backups and shadow copies. When possible, VADP uses guest OS supported tools such as Microsoft Volume Shadow Copies to improve integration When implemented properly, VMs should require zero downtime for backups.

2. VMware vSphere integration. Integration with VMware's management layer, vSphere, is also critical. Absent the management layer integration, it is difficult to detect and manage the life cycle of a VM. Using this integration, the backup software is informed when a VM is created, modified or removed so new VMs can be automatically included in existing backup schedules and inactive or deleted VMs don't hold up backups.

The software also is notified if a VM moves between physical hosts (i.e. migrates). This is critical to enforce continuity of the backups as it may eliminate the need to do a full backup when the VM or VMDK moves on a physical host or even moves to a new physical host.

Integration also provides a consistent management environment for administrators. vSphere supports snap-ins to add functionality to the vSphere Client. With adequate integration, backups and restores can be completely managed within vSphere.

3. Application integration. Organizations investigating virtualization will likely focus part of their effort on applications that themselves require integration to perform consistent incremental backups.

Two of the most widely used examples of such applications are Microsoft Exchange and SQL Server. Both applications use large data files that are normally opaque to outside applications, complicating incremental backups. A properly integrated backup software solution will include integration with the applications an organization is using.

This should include the ability to granularly recover tables and/or email messages. If the backup application is integrated with the hypervisor as described in 1 above, then integration with the Volume Shadow Software Copy (vss writer) from Microsoft enables consistent backups for Exchange and SQL Server without an additional agent in the guest OS.

4. Physical host recovery. An often neglected scenario in virtualized environments is the recovery of an entire physical server. Just as in the recovery of a virtual host, the physical host should be returned to a full, consistent state during a disaster recovery scenario.

In virtualized environments this becomes a two-step process. First the physical host is recovered including any hypervisor and management software. This is followed by the recovery of each VM on the physical host. This means that backup solutions must support both physical server backup and restore and integration with the hypervisor for backing up and restoring the virtual environment through integration with both the hypervisor and management layer.

Furthermore, there will almost always continue to be servers in the IT environment that are not virtualized. The backup solution should be able to provide data protection to both those physical servers and the servers that are virtualized.

5. Physical and virtual host replication. One of the strengths of virtualized environments is the ability to quickly create new virtual machines. With the addition of backup software, your environment will gain the ability to replicate point-in-time snapshots of virtual machines. Many administrators will associate this ability with disaster recovery. Other example use cases include creating offsite failover environments, testing and speeding deployments of additional hosts.

Server virtualization fundamentally changes how backup needs to be done. Understanding what those challenges are and implementing a complete backup solution that addresses them is key to ensuring that all of your data is protected, whether it is on virtual servers, physical servers, or in applications.

In Part I of this series, I discussed the five major ways that server virtualization negatively impacts backup.

Fusion-io's Take on EMC's VFCache (Formerly Known as 'Project Lightning'); Interview with Fusion-io CMO Rick White Part V

2012-05-04T12:30:00Z

EMC's VFCache announcement caused a lot of the buzz in the storage industry a few months ago as it was seen by some to be done in direct response to Fusion-io's very disruptive ioMemory architecture. Today in the conclusion of my interview series with Fusion-io's CMO Rick White, he provides his take on EMC's recent VFcache announcement and how he sees this impacting both Fusion-io and EMC. (Editor's Note: This interview with Rick was conducted when EMC's VFCache was still known as "Project Lightning.")

Jerome: There have been a lot of rumblings coming out of EMC about its "Project Lightning" and how it is a Fusion-io killer. How does Fusion-io view the potential threat that Project Lightning presents to Fusion-io?

Rick: Today EMC is talking about Project Lightning (formally announced as VFCache on February 6, 2012) which is such a huge shift for them. EMC has traditionally never had a footprint in the server. It is not what it does.

From what I am hearing the overall cost of ownership is not changing much. Hypothetically speaking, say you have a SAN that costs a million dollars. Now you have a new server caching solution, the SAN costs are cut in half.

That sounds pretty cool until you discover the cost for your 10 servers to have this new caching system installed is $50,000 per server so $50,000 times 10 for the caching solution is $500,000. So that cost plus the half a million dollars and suddenly you are back at a million dollars. Nothing has changed. The only changes are how EMC is going to invoice you for it.

I would be surprised if EMC builds a solution that decouples performance and capacity by deploying a scalable solution that lowers overall cost and improves efficiency. This is a fundamental difference we see between our two companies. For us - it is performance plus capacity. EMC is performance times capacity.

It happened to Digital Equipment Corporate (DEC). It happened to all mainframe manufacturers. The client-server environment was tough for them. They were selling a quarter of million dollar proprietary systems and suddenly a competitive solution emerged that had essentially the same performance for $10-15,000 per box based on commodity, off-the-shelf hardware and software components. It was a huge shift then. It will be a huge shift now for anyone in the storage business including EMC. It will be interesting to watch what happens.

Jerome: Can't Fusion-io just go to server manufacturers and beat EMC at its own game?

Rick: Manufacturers are getting closer. Fusion-io has been establishing relationships with worlld's largest server manufacturers for the last couple of years. EMC is the newcomer to this space and is being forced to play catch-up with us.

That is probably why they need to OEM key technology and are looking at acquiring other pieces of technology. The market is moving fast and they just do not have time to do it themselves.

But it is frustrating. Others think flash on PCI-Express is all we do. Somehow they think they are entering 'SSD nirvana' because they have put flash on a PCI-Express card. You cannot put the flash on a PCI-Express card and call it 'good.' All they have done is taken the metal coverings off of flash drives and stuck them on a RAID controller. To be like Fusion-io, you also have to eliminate the large storage protocols and have the CPU interact with flash natively over the PCI-Express bus.

Flash drives have been speaking to the CPU through PCI-Express since they have first launched. They are only two ways to talk to the CPU - system bus (PCI-Express) or memory bus. That's it. There is no other way. Everything, host bus adaptor, RAID controller, graphics card, all communicate with the CPU through PCI-Express.

So just because you put the flash drives on a RAID controller and put them in the PCI-Express slot, it is no different than a RAID controller with eight (8) drives hanging off of it. You are still going to have a ton of context switching, which can cause dramatic and unpredictable swings in latency.

Jerome: So is that all it takes to be like Fusion-io? Lose the storage protocols and interact natively with the flash?

Rick: That is only the first step. Once you do that, you have to onload to the host CPU. This is similar to RAM. I have not seen a memory DIMM with an embedded CPU. I have not seen a memory DIMM with SRAM as cache either. Most of us expect that, with more RAM, we can get our CPUs to do more work which means our CPU utilization goes up.

This idea that server flash has to use CPU offload and RAM as cache are both concepts inherited from hard disk drives. Hopefully the industry catches on to the fact that to unleash flash's true potential they need to treat it like memory rather than a hard disk drive.

The disk infrastructure was designed for a very slow medium - magnetic disk. Lose the storage protocols. Use the DMA straight to the NAND flash. Let the CPU make calls and access the NAND flash directly like as if it were accessing a disk.

If they do then maybe we will stop hearing competitors say things like, "You use host CPU cycles." Although the simple answer to this is, "Yes, yes we do. Just like your server's RAM does. We are persistent memory, not disk."

Another misnomer is that processing is the bottleneck. It is not. The reason many of today's biggest data centers do scale-out is not to get more processors because customers do not need more CPUs. They need memory. Often it is the easiest way to get the memory they need to keep data hot. It is not like they can go to disk for everything because of latency and what they are doing is not CPU-intensive.

I cannot tell you how many Fusion-io customers use less than 20 percent of their CPUs before adding Fusion-io. We help them improve the efficiency of their servers by allowing each CPU to do more work and increase utilization which ultimately increases the overall work output and productivity.

In Part I of this series, Rick discussed how server-based flash is poised to change the enterprise.

In Part II of this interview series with Fusion-io's CMO Rick White, we will discuss why this decoupling of I/O performance from storage is necessary and why this creates a new tier of memory as opposed to a new tier of storage.

In Part III of this series, Rick explains the new Fusion-io Octal drive, what makes it different from Fusion-io's earlier ioDrives and how Fusion-io is going to market with it.

In Part IV of this interview series, Rick and I discuss why Fusion-io is opening up its virtual storage library (VSL) APIs to developers.

DCIG Delivers Analyst Services that Beat the Competition

2012-05-02T17:00:00Z

In the last few weeks and months DCIG has been doing some introspection as it looks to quantify what it does well. As we have done so, we have talked internally as well as with folks external to DCIG who are sources we trust and who give us candid feedback about what we do and how we can do it better. During this period of time we have found room for improvement but we have also found that of the analyst services DCIG does deliver, it performs them in a manner than it most cases beats the competition.

DCIG's first distinctive offering was its outsourced blogging services introduced in 2007. While a few (very few) analyst firms offer outsourced blogging services, this is still in an area where people tell us that DCIG wins hands down over the competition for the four following reasons:

Quality of content. We maintain a very high quality of writing with almost every piece citing some third party reference and, many times, two or more external pieces of content. In addition, as DCIG does more Buyer's Guides, it has access to more original statistical research as to how different products stack up and which products lead in their respective categories.

Delivery of blogging content. DCIG is the only one that gives each subscribing member to have its own micro-site within DCIG's blogging site. Content is then prepared for that subscriber and posted to its micro-site. The value of this is three-fold.

First, all blog content from each DCIG member is aggregated and displayed on DCIG's frequently visited front page resulting in higher visibility for that content.

Second, each micro-site has its own RSS feed that people may subscribe to via blog readers or rapidly growing iPad apps such as Flipboard.

Third, DCIG's clients may stream content directly from their DCIG micro-site to their own website so they regularly and automatically have fresh content display on their own site.

Transparency. DCIG openly discloses which content it prepares for its clients and which it prepares on its accord to better help readers understand the perspective from which the blog entry was written

Multi-purpose. DCIG prepares every blog entry with the idea that the entry will be referenced frequently over time and may eventually be turned into an Executive White Papers (EWPs). This gives companies who subscribe to DCIG's blogging services the initial value and exposure that they derive from the blog entry. They then receive longer term value from the content in the blog entry by having it formally laid out and repurposed as an executive white paper that is laid out in PDF format and may be used for educational, sales and marketing support.

DCIG's other distinctive offering is its DCIG Buyer's Guide that was DCIG's second notable offering and most successful to date. Since the first DCIG 2010 Midrange Array Buyer's Guide was released, DCIG Buyer's Guides have literally become game-changers in how companies make technology buying decisions.

Three specific items make it unique:

First, no vendor pays to sponsor these Buyer's Guides or to be included in them. Instead all research is independently done by DCIG and only after DCIG completes the research is a Buyer's Guide licensed to an interested party.

Second, DCIG covers all vendors that offer a product in a particular space - sometimes even when they do not respond to the survey that DCIG sends out. However these vendors are only covered assuming DCIG can find sufficient information to reliably complete the survey on their behalf and, even then, DCIG gives them the opportunity to review DCIG's findings and respond to them.

Finally, DCIG ranks and scores the products in the Buyer's Guide using a proven statistical model. Using these scores and rankings users can more easily make apples-to-apples comparisons between similar products.

In looking at the more traditional analyst services that DCIG offers such as its white papers and case studies and comparing them to other analyst firms, we again find that our products are very competitive and arguably better than what others offer. The three most commonly cited reasons that we have heard as to why our clients prefer DCIG over the competition are:

Good value for the money. Our clients tell us that the quality of the content that DCIG delivers is excellent relative to what we charge for them and compares very favorably to what other analyst firms charge for similar services.

Professional layout. Our clients rave about how great DCIG's white papers, case studies and executive white papers look. While they love the content, the appearance of these papers just makes them "pop" making them an immediate hit with their current and prospective customers.

Done right the first time. As DCIG works with its clients to produce various works, they are always pleased that the quality of the work of the first draft at it is almost always right on the money. While there is usually always some editing that has to occur, complete re-writes are few and far between facilitating a faster time to market for each piece of collateral.

Finally, when we looked at where we are leading in the analyst space, DCIG's new Interactive Buyer's Guide (IBG) is setting DCIG apart in ways that other analyst firms will be hard-pressed to follow. This cloud-based research-as-a-service offering has people simply blown away by its power, simplicity and ease-of-use as it gives them point-and-click access to research that used to take them days, weeks or months to create on their own and which no other analyst firm has any type of competitive offering. Further, using the IBG, companies can in 5 minutes or less create a highly credible, citable and professional looking PDF that compares up to five (5) products under evaluation.

At this point, we have every reason to believe this product will be more than highly successful; it will be a game changer. What specifically makes it so notable is that the DCIG IBG transforms DCIG into a software company. Using the original research that DCIG did to prepare its static Buyer's Guides, this research is converted into information that is relevant and within a specific business context without overwhelming an individual with too much information or data.

A period of introspection is always helpful. While it is sometimes painful and a little disheartening to see some shortcomings, it can also be uplifting and encouraging to see where one is doing well. In DCIG's case, we found our list of positives far outweigh our negatives making us very pleased with what we have accomplished to date and even more excited about what the next few years promise to bring to those who take advantage of our services.

Rethinking Backup Strategies for Virtualization Part I: The Five Major Ways Server Virtualization Negatively Impacts Backup

2012-05-02T10:00:00Z

As small and midsize businesses (SMBs) virtualize their servers at an increasing pace, many fail to consider the impact this change has on how they do backups - or that it impacts their backups at all. However since many IT administrators who are responsible for backups in these environments would freely admit to not being backup gurus, here is some insight into how server virtualization changes backup and what SMBs need to know about backup as they implement virtualization in their environment.

In January 2012, IDC found that 25-30% of all servers globally are now virtualized and the number is expected to be nearly 50% by 2012. While possibly shocking to some, these numbers are reasonable because the advantages to virtualization are real.

However, as SMBs virtualize, backup and restore of virtual machines (VMs) is emerging as a major pain point that often hinders their deployment. While virtualization does not "break" the backup process, virtualization may open up a number of gaps in data protection and it can cause backup agents to run so inefficiently that the backup process itself breaks, causing IT managers to re-think their backup strategy and solution.

Five factors that particularly impact the traditional backup process in a negative fashion in a virtualized environment are:

1. Fewer resources are available to virtual hosts. When one implements virtualization they are, by definition, sharing resources on the physical host. However backup software agents that are running on the same physical host are also very resource intensive, especially when following the traditional agent-based approach to backup.

An agent requires significant CPU resources to calculate what files or blocks need to be backed up and to compress data for transmission. Agent-based backups are also disk-intensive because the agent does a full scan of all files to be backed up.

Agent-based backups also require network bandwidth to move the backup to the central backup repository. However backup traffic now competes with the virtualized applications for the limited available network bandwidth, potentially slowing both backup speeds and production applications.

The big takeaway here is that physical resources on hosts that were previously available for use during backups are no longer available. By continuing with agent-based backup in a virtualized environment, each VM's backup is often fighting with backups on other VMs for the same available but now limited physical resources.

2. VMs use virtual disks. To avoid resource contention, some administrators consider backing up directly to the storage volumes where the VM data resides. While this is usually safe for the VM's metadata (configuration files for example,) it is usually not a good idea for the VM's virtual disks (VMDKs.)

Current virtualization technologies commonly create their VMDKs within a larger physical disk pool. These virtual disks are usually then implemented as one or more large files, usually gigabytes in size.

However this presents a problem to standard backup tools. Without knowledge of the internal structure of the VMDK the backup software is forced to store the changes to the file as a whole.

This is extremely inefficient and in some cases may require full backups of each VMDK. The other risk is that if the VM is not powered down or suspended during the backup, the VMDK may not be in a consistent state so the metadata may not match the state of the VMDK.

3. Difficult to detect new VMs. One of the big advantages of virtualization is how easy it is to create new VMs. However without integration between the backup software and the virtual operating system it is difficult to detect when a VM is created. Backup administrators then either need to rely on server administrators to install a backup agent on the VM or have some process in place that they can manually use to detect the creation a new VM, otherwise it will go unprotected.

4. VMs can move around (migration). Backup software has historically made the reasonable assumption that applications would not move from one physical server to another. In a virtualized environment however, one of the key benefits is that VMs can move from one physical host to another. This process is called "migration". Unfortunately, migration can lead to VMs not being assigned to any backup agent and thus, not being protected.

5. Granular restores are problematic. The ability to quickly and easily backup an entire VM virtual disk (VMDK) is one of the big attractions of doing VM backups. However it is also one of its largest drawbacks. Most backup software has no visibility into the VMDK because it just looks like a big file, so the best and only restore that most backup software can do is a restore of the entire virtual machine to a specific point in time.

The downfall of this approach is that most restores performed are not restores of entire servers or VMDK files. They are restores of individual file, records or emails contained within the virtual disk. So to do a restore of a file or email, an administrator must first use the backup software to restore the entire VMDK file and then go into the virtual machine itself to restore the needed file or email.

It is for these reasons that traditional agent-based backup is not the right approach for protecting a virtualized environment. So while the first inclination of many administrators may be to use this approach as it is what they know, it creates backup problems that are, for all practical purposes, unsolvable.

Overcoming the new backup challenges caused by virtualization requires a new approach to backup. This approach requires tight integration with the hypervisor and management layer of the virtualization environment so it can take advantage of the new backup features available in these hypervisors.

But, taking a new approach doesn't eliminate the need for backing up physical servers and applications like exchange and sql-svr. And, most IT environments will have a mix of virtual and physical servers for the foreseeable future. So, just solving the 5 problems identified above is not enough. The new backup strategy must also continue to protect all of the existing physical servers and applications that may not even have virtualization software running on them.

The good news is that there are products on the market today that address these issues and give administrators even better options to backup and recover data than they are accustomed to today.

In the second blog entry in this series we investigate the major features to look for in backup software for virtualized environments.

SMEs Look to Gridstore Scale-out Storage to Address Their 'Bigger Data' Needs without Incurring Big Scale-out Costs

2012-05-01T13:00:00Z

Today many enterprises and cloud storage providers ask, "What scale-out storage solution will enable us to economically and easily house our burgeoning Big Data stores?" However small and midsized enterprises (SMEs) put a slightly different spin on that same question by asking, "What scale-out storage system will enable us to affordably address our 'bigger data' problems?" SMEs are finding an answer to their question in the form of the Gridstore Scale-out Storage platform.

Enterprises and cloud storage providers are rightfully concerned about implementing economical storage solutions in response to the challenges that Big Data presents. Some IT executives attending the 2011 Gartner Data Center conference anecdotally shared that they were seeing unstructured data growth in the range of 400 - 800% annually. This rate of data growth has led to one analyst firm to forecast a 61% compound annual growth rate for storage over the next four (4) years.

To respond to this growth many enterprises and cloud storage providers turn to scale-out network-attached storage (NAS) solutions. Scale-out NAS starts in relatively small configurations, scales to hundreds or thousands of terabytes of storage capacity, facilitates the easy add-on of more capacity and manages all of that capacity centrally and as one logical repository.

These features of scale-out NAS are attracting mid-tier enterprises. Even though they do not necessarily have the same 'Big Data' challenges as large enterprises, they have their own set of 'bigger data' challenges and need affordable storage solutions that can scale to hold tens or even hundreds of TBs of data.

However scale-out NAS solutions targeted for enterprises and cloud storage providers break down in SMEs. To scale to meet the needs of enterprises and cloud storage providers, scale-out NAS solutions are architected to deliver functionality well beyond what mid-tier organizations need. As such, the typical initial investment for an enterprise scale-out NAS solution is quite large - certainly in the tens if not hundreds of thousands of dollars - putting it well beyond most SMEs' budgets.

To understand why that is, it is worth examining why scale-out NAS is so costly. Storage capacity certainly contributes to the cost of enterprise scale-out NAS systems. However other features actually play a much larger role in these costs. These include:

Redundant disk controllers. Storage capacity is fronted by controllers that provide front-end network connectivity as well as CPU and memory. To swiftly handle storage traffic, these disk controllers are typically both powerful and robust making them expensive.

Complex clustering software. Complex clustering software is needed to make all of the controllers function as one logical storage pool. While its complexity is hidden from the users of these systems, this software does require a lot of processing power. This precludes the introduction of more economical hardware for use as disk controllers.

High performance backplane networks. Clustered scale-out storage solutions rely on a high speed backplane network for inter-node traffic. To avoid potential bottlenecks, most costly 10gE, 40gE or even Infiniband networks are utilized.

3-Way Replicas. Like the google file system, clustered scale-out storage most often creates two replicas in addition to the original data. This allows two nodes to fail concurrently without data loss or disruption. However this technique adds the capital cost of 3X the required capacity and, on an operational basis, 3X the data to power, cool and manage.

Up to 50% of IOPS consumed with replicas. Every time a write occurs to one node in the cluster, two more writes occur on two more nodes resulting in 50% of IOPS being utilized to write replicas. To make up for the loss in IOPS, expensive flash disk is often added to boost performance.

So what gets overlooked is that the cost of storage is really NOT the primary cost in these scale-out NAS solutions. Rather it is this cluster model and this architecture that drives up its cost. So if a scale-out NAS provider could successfully decouple the controllers and software from the storage without sacrificing feature functionality or performance, the cost of scale-out NAS should plummet.

That is exactly what Gridstore has done with its Scale-out Storage platform. The Gridstore architecture provides the convenience and desirability of scale-out NAS by creating a virtual storage grid that eliminates the most costly components of cluster based scale-out NAS solutions - their redundant controllers, complex clustering software, backplane networks and 3-way replicas.

Gridstore's virtual storage grid consists of vControllers. This zero-cost vController software resides on clients and in essence provides the same functionality as the clustering software found on enterprise scale-out NAS systems - only without the cost as there are no controllers hosting the clustering software.

By placing the vController software on the clients accessing the Gridstore Storage Nodes, Gridstore distributes the storage processing out to them. This technique eliminates any potential for the scale-out NAS disk controller to become a bottleneck since there is no controller.

Gridstore reads and writes data in parallel to multiple nodes without replicating the data. Data is encoded before leaving the vController and sent in parallel stripes directly to the storage nodes. There are no background replicas so no IOPS are consumed performing this task. Further, the encoding used by Gridstore offers the same level of protection from failed nodes without the overhead and cost of 3-way replicas.

The vController technology has some other benefits as well. The only storage traffic going across the network is when the vController writes or reads data from a Gridstore Storage Node which may eliminate some network traffic and expedite response times.

For example, if an application needs to access data and that data resides in the vController client cache, there is no need to make a trip across the network at all. By moving the storage processing out to the client ensures that processing is done where it is needed without network latency. This enables the vController to make intelligent choices about what data to send and receive before any network traffic occurs.

SMEs do not have the Big Data challenges of enterprises and cloud storage providers but they still have their own set of 'bigger data' challenges that they are trying to solve. As such, theys are looking for a scale-out NAS solution that matches their particular storage requirements and fits within their budget.

The Gridstore Scale-out Storage platform accomplishes that by providing the convenience and flexibility of enterprise scale-out NAS solutions. However since it has been engineered to meet the specific workloads and budgets of mid-tier organizations, it can deliver this functionality at a fraction of the cost of enterprise scale-out NAS solutions. As such, Gridstore Scale-out Storage provides an answer to the 'bigger data' question that many SMEs have without incurring the 'bigger costs' of scale-out NAS that they are looking to avoid.

CommVault Takes a Single Pass at the Big Data Management Problem

2012-04-30T13:15:00Z

It's no secret that 'Big Data' is becoming a 'Big Problem' for organizations from a data and storage management perspective. However what organizations may fail to realize is that the best way to solve their Big Data problems is NOT by mindlessly throwing more resources at them. Rather it is to look at Big Data more strategically and then tackle the data management problems it creates in one fell swoop using software like CommVault® Simpana® and its OnePass technology.

The current and forecasted growth of Big Data in organizations is well documented. New forces such as manual and machine-generated data and lengthening regulatory requirements are only part of what is contributing to organizations having to create and maintain ever larger data stores. Additionally, organizations are pulling in and having to manage data across multiple sources such as scalable file systems, desktops, laptops and public and private clouds, just to name a few, which is resulting in an expanding digital universe that they need to manage ever more efficiently.

If that is not enough, the policies that many organizations have in place are at best poorly administered resulting in them retaining much more data and for longer periods of time than needed. Companies further aggrevate the situation by creating multiple silos of duplicate data through their use of separate archiving and backup software products. Reasons like these are why one analyst firm recently forecast that digital archive capacity would nearly quadruple between now and 2015.

So while it appears data growth is inevitable, organizations can take steps now to control this data growth to limit Big Data's impact on them. Three steps they should consider taking immediately are:

Start to view data and storage management from a strategic perspective in order to reduce silos and duplicate processes
Make hardware and software acquisitions in light of these more strategic objectives
Implement a central data management platform to deliver on them

While most organizations would agree in principle with these three steps, identifying and then implementing the right data management platform to manage their growing data stores may be tricky.

On one end of the spectrum are products that take a federated approach to data management. Vendors provide separate software products to deliver a full complement of data managements features (archive, backup, reporting, search and data movement.) However the vendors only offer "one product" in the sense that they are available from one vendor. Beyond that, they have their own agents, catalogs and data stores so they do not fully address the challenges of managing Big Data.

Conversely, on the other end of the spectrum, are products that only deliver on one or a couple of these features. These then require organizations to acquire multiple products to deliver on the data management features they want. This approach also usually results in them aggravating data management problems by again creating different catalogs, data stores and policy engines.

This is where CommVault Simpana software has and continues to differentiate itself. It delivers the core data management features that companies want in a single product while enabling them to centrally administer this data without the pitfalls that other approaches can create.

Key ways that CommVault software differentiates itself include:

OnePass technology. To archive, backup, report or search data stores, data first has to be scanned. Other software applications may have to complete this scan for each operation - i.e. scan, backup, scan, archive, scan, report. This is especially troublesome in the era of Big Data as each scan could potentially take days.

Simpana 9 eliminates this concern with its OnePass feature that provides a single, consolidated agent that indexes and catalogs file data once. This single catalog is then shared, accessed and used by each of Simpana software's archiving, backup, reporting and search components which eliminates the time and effort needed to manage, move and access data stored for archive and backup processes.

Single data store. It is common for archive software to have its own data store and backup software to have its own data store, sometimes even if both archive and backup software are obtained from the same vendor. Simpana eliminates this redundancy by storing all managed data across backup and archive in a single, scalable, hardware-independent virtual repository called the ContentStore.

Using its shared catalog and single ContentStore, Simpana software both controls and tracks what data resides where. So a file will reside on primary storage and be backed up until the policy to move it to archive storage kicks in where it is retained according to the user's needs. It no longer consumes primary storage or contributes to the time and resources required to protect the production file system and all copies of the file are searchable, whether they were created for either process. Its embedded, global deduplication feature further contributes to reducing the size of data stores by recognizing like chunks of data across different processes and only storing them once.

Single policy engine. Organizations that use and implement data management software typically expect to take on a more proactive role in the management of their data. For example, if they no longer need certain files, they may delete them. However, the gap most data management software leaves is that all the copies of these files that may reside in archives and backups are probably not automatically deleted.

Simpana software closes this data management gap by using a single policy engine that references its catalog to track where all data is located - whether in an archive or in a backup. For example, delete and purge can take place with OnePass technology archive operations such that when a user or application deletes a stub, OnePass can, via policy, remove the file from the archive or keep it for an extended period of time. This allows archived files to be removed from the archive without having to delete an entire job or data set..

Optimized data placement on storage media. Organizations have more storage tiers than ever before from which to choose - cloud, tape and multiple tiers of disk, just to name a few. However getting the right data on the right tier at the right time using multiple data management products and processes is just about impossible.

Simpana 9 again addresses this concern. Using a single product, files in archive, backup and production storage can be managed across multiple tiers of storage including the aforementioned cloud, tape and tiers of disk. By simply setting policies in Simpana software, it can then dynamically and automatically move data to any of these various tiers of storage, still retrievable and accessible at any time.

Throwing more "cheap" storage capacity at the Big Data challenge is really no solution at all if growing data stores are to remain accessible, searchable, understandable and manageable. No matter how "cheap" storage is or becomes, the growth of Big Data is far outpacing the time and resources needed to protect and manage it so eventually the cost of NOT managing Big Data will bite every organization.

The sooner organizations view Big Data strategically, the sooner that they can take the steps necessary to manage it in a cost effective, efficient and timely manner. However this will only occur by putting in place a data management solution that can centrally manage and consolidate their growing file systems with a single integrated tool and a single data repository to complement it. Using CommVault Simpana software with its ContentStore, OnePass technology, embedded deduplication, single policy engine and ability to optimize data placement will enable organizations to do exactly that.

Facebook, SharePoint, Box and Outside In Top List of Supported Products by eDiscovery Software Providers

2012-04-27T10:00:00Z

DCIG expects to unveil its DCIG 2012 Early Case Assessment (ECA) Buyer's Guide in Q2CY12. As prior Buyer's Guides have done, it puts at the fingertips of organizations a Buyer's Guide that provides them with a comprehensive list of ECA software that can assist them in this all-important buying decision while removing much of the mystery around how ECA are configured and which ones are suitable for which purposes.

This DCIG 2012 Early Case Assessment Buyer's Guide accomplishes the following objectives:

Provides an objective, third party evaluation of ECA software products and scores their features from an end user's viewpoint
Includes recommendations on how to best use this Buyer's Guide
Scores and ranks the features on each product based upon the criteria that matter most to end users so they can quickly know which product are the most appropriate for them to use and under what conditions
Provides data sheets for 29 products from 24 different software providers so end users can do quick comparisons of the features that are supported and not supported by each product
Provides insight into which features in the product will result in improved identification and evaluation
Provide insights into what features the product offers to optimize their operating environment
Gives any organization the ability to request competitive bids from different providers of software that are "apples-to-apples" comparisons

As an added benefit this blog provides a sneak peek into the results of the software provider survey and assessment. Using DCIG's new online survey system we have identified key products supported and used by software providers.

It has always been smart to think before you speak, but social media systems require us to think before write. In fact, some say that adult career aspirations can be made or broken based on what a teenager or college student writes on their Facebook or Twitter account. The aspirations can be halted because of the increased scrutiny by civil, criminal, organizational and corporate investigations in to what is being written.

Increased investigation has led to an increase in eDiscovery support for social media by software providers. DCIG research indicates 40% of the surveyed software providers for eDiscovery/ECA products support Twitter and Facebook. Software providers who do not have product support, offer services to identify, preserve and collect from social media.

Figure 1: Search and identification of ESI from social media sources

However, investigations for civil and criminal do not stop at public facing social media accounts. Our judicial circuits are requesting access to personal cloud file sharing accounts. Cloud file sharing accounts extend beyond those provided by an employer to personal cloud file sharing accounts.

In response to this changing environment, software providers have expanded their product capability to support cloud file shares. DCIG research indicates Box is the highest priority when it comes to eDiscovery/ECA investigation support.

Figure 2: Search and identification of ESI from public cloud file shares

DCIG research and upcoming Buyer's Guide for ECA extends deeper into software provider capabilities related to search, management, operating environment, user interface and their end users support. eDiscovery buyers can be assured that DCIG evaluated enterprise criteria as well.

Software providers act according to a changing landscape in enterprise collaboration. They have voted with their product support by placing Microsoft SharePoint on equal footing with EMC/Documentum in terms of ECA support.

Figure 3: Search and identification of ESI from Content Management Systems

In addition to supporting commercial software, several software providers indicated support for two Apache projects:

Apache Chemistry - Apache Chemistry provides open source implementations of the Content Management Interoperability Services (CMIS) specification.
Apache Tika - toolkit detects and extracts metadata and structured text content from various documents using existing parser libraries.

For example, when software providers were how they supported different file types, e.g. txt, xls, mp3, rtf, epub, etc, many responded "with third party tools." Supporting a third party product for various document types enables a software developer to focus on the eDiscovery and Early Case Assessment workflows.

Figure 4: Search and identification of file types

The upcoming DCIG Buyer's Guide for Early Case Assessment software will be groundbreaking. Some buyers and sellers may not agree with DCIG's weighting and rankings. However, everyone will agree having over 300 features of 29 software products identified as supported and NOT supported will be very beneficial.

The Long Term Viability of Virtualization Only Backup Software; Interview with Quest Software SVP Walter Angerer Part IV

2012-04-26T10:00:00Z

As organizations virtualize more of their infrastructure, many face the question, "Use separate physical and virtual backup software products to protect these respective environments or consolidate on one backup platform?" Adding to the difficulty in making this decision is that virtualization-only backup software tends to release new features very quickly to keep up with user demands while having no roadmap to take on the protection of physical environments. Today, I continue my interview with Quest Software's Senior VP of Data Protection Walter Angerer, as we discuss the long term viability of virtualization only backup software.

Jerome: Within the broader server virtualization market, VMware backup clearly is the focus of most backup software products today, and with vRanger, Quest Software was at the front end of protecting that environment. Can you talk a little about what drove the creation of this market, its growth, and whether or not virtualization-only backup software can survive long term, and under what circumstances?

Walter: As an end-user, when you're dealing with a virtual environment, you have to ask much different questions about backup.

Can I afford to load a backup agent on each one of the guest operating systems?
Can I afford the overhead on each host?
Do I have time to maintain the agents on each host?
How do I easily detect and then protect new virtual machines (VMS) as they are created?

As we've discussed, there is so much change and agility in virtual environments that legacy physical backup software products have traditionally not been capable of keeping up. That's created an opportunity for products like Quest vRanger, which offer a completely different approach to backup, one designed specifically for the virtualized environment.

For instance, vRanger was well ahead of other leading backup software solutions in addressing the need to dynamically discover VMs. That VM-centric approach has enabled vRanger to gain the type of market traction it now has, with more than 40,000 customers across the globe.

One of the unique aspects of the VMware backup market is the behavior of end users. Usually, when a new operating system or application comes out, there is a time delay of about 3 to 6 months, sometimes even a year, before those new backup capabilities are taken advantage of by backup software and fully utilized by end users.

But in virtualized environments, we see a different type of behavior. As soon as new capabilities come out, users are very fast to adopt them. So we've made it a priority at Quest to ensure that we are agile when it comes to responding to these user demands, and that's why we're constantly introducing new features into products like vRanger and NetVault Backup in order to continually enrich the VMware backup experience.

As it pertains to the limitations of traditional backup solutions in VMware environments, more of today's legacy backup software applications are now providing some level of virtualization support, with some even becoming solely targeted at virtualized environments, and VMware vSphere is regularly offering new capabilities in order to help users overcome some of the limitations of physical backup.

Even with this evolution taking place, we're still seeing significant interest from the market in virtualization-specific backup solutions like vRanger. Customers still see virtualization-only backup products as the best way to preserve their agility, so that they can quickly move to the latest version of VMware while getting the functionality they need to protect the critical applications in their virtualized environment.

Now, the question many are asking is whether or not today's leading virtualization-specific backup tools can survive in the long run? I believe the answer is yes, but I believe they're going to have to evolve in order to do so.

Specifically, I believe customers will want - and need - their virtual backup and recovery tools to also provide at least some level of physical backup support as well. By no means will they want - or need - a litany of full-featured physical backup capabilities such that it would make managing and upgrading the product more complex, but they will want that ability to deploy best-of-breed virtual backup solutions that can also provide coverage for their physical environments as well.

At the end of the day, the challenge for all backup software products, regardless of environment, is to be nimble and agile enough to deliver the new capabilities users want, as quickly as they want them.

Jerome: So it sounds like you expect the market for virtualization-only backup will continue to grow, while the need for the protection of physical servers will continue to persist for the foreseeable future?

Walter: We believe the need for physical server protection isn't going away. Not anytime soon, and maybe not ever. Especially when you're talking about enterprise organizations, I don't see them reaching a point where their environment is 100% virtualized any time soon.

I think of it as similar to the discussion around tape. People have been saying for the last 8 to 10 years that tape is dead, and clearly, it's still around, and it's still viable. So we're not buying into the notion that physical backup is dead, or will be any time soon.

What I do anticipate happening is that as organizations continue to virtualize their production environments, virtual backup software will become more sophisticated, while at the same time physical backup software will actually become less sophisticated.

When we talk about customer needs, you often hear people talking about physical or virtual, when they really should be talking about physical and virtual.

In Part I of this interview series Walter and I discuss how backup is changing and examine the quantum leaps forward that have occurred in how backup and recovery are done.

In Part II of this interview series, Walter and I will explore how backup software needs to evolve to address new requirements to manage recovery as well as the new challenges that Big Data is placing on data protection and recovery.

In Part III of this interview series, we look at how backup software is evolving in light of the new challenges that server virtualization creates, in order to become smarter, more agile and do a lot more than backup.

In Part V of this interview series, we explore how array-based snapshots are impacting backup in enterprise virtualized environments.

Fusion-io SDK Kit Unleashes Next Gen Properties of Flash; Interview with Fusion-io's Brent Compton Part I

2012-04-25T10:00:00Z

Last week developers of enterprise applications got some new toys to play with in the storage memory realm. The newly released ioMemory SDK will grant developers the ability to better utilize the potential of Fusion-io's line of enterprise flash memory storage. Fusion-io expects the SDK will simplify code bases while providing a sizable performance boost.

We begin our discussion with Brent Compton, Senior Director of Product Management with Fusion-io. The first entry in the series will focus on the need for the new SDK and begin to discuss some the functionality developers should expect.

Ben: Brent, I'm looking forward to this interview because I get to wear both my administrator hat and my developer hat! To start off with, can you please tell me a little about what you folks have been doing up to this latest announcement?

Brent: In short, Fusion-io has pioneered a next generation flash memory storage platform for enterprise data centers. Our flagship product, ioMemory, is a hardware-software combination which provides enterprise grade high performance flash memory for enterprise apps.

Last week we announced our ioMemory software development kit (SDK), which will enable applications to run natively on flash, or natively on ioMemory, for the first time.

You may have read academic white papers over the last couple of years talking about providing native access to this flash memory tier. As far as we're aware, we'll be the first ones to offer that through this software development kit. Before we get into what will be provided to developers, let me give some brief history for context.

As you are aware, around 1956 IBM defined a half century of I/O with a single word, seek, when they invented the disk drive. To exploit this new hardware innovation, they also gave developers a primitive to access data randomly.

Random access to data transformed software development, which before had been working with sequential access devices. In the half century that followed, virtually all operating systems, databases, and applications have been playing to that tune. In other words, they have been built to work with. and more recently, sometimes to work around, that rotational latency.

When flash memory first came on to the scene as an enterprise grade device in 2007 or so, it was disguised to look like a disk.

This was an important first step. As enterprises learned to trust the medium and learned where to use it, it was important that it be offered transparently and easy to integrate. So the industry disguised flash memory to look like a disk for ease of adoption.

Now that's where Fusion-io's path diverges. Unlike the other vendors who are classically described as "SSD vendors," we've always described our media as ioMemory. From the beginning we chose a fundamentally different architectural path, looking forward to the day when this would be a new tier, a hybrid of memory and storage.

And yes, while the important first stage of adoption was to disguise it to look like a disk, it's now mainstream and obviously a great deal of market enthusiasm surrounds the adoption of flash memory and flash solutions in general. With flash memory deployments now commonplace, it's time for us to crack open and exploit some of the native underlying properties of flash which have been effectively hidden to date.

Returning to the comparison with the disk drive where we began, the parallel we like to use with the new ioMemory SDK is that when application I/O converted from sequential access tape to random access disk, a couple of new programming primitives were exposed to allow developers to exploit that hardware innovation. Likewise, to tap into the native properties of flash memory hardware/software innovation, a new set of primitives, or APIs, need to be exposed to developers for them to harness and exploit those native characteristics.

Ben: Let's start talking about that. What functionality should developers expect from the new SDK?

Brent: There are four key capabilities that developers will be provided. The first capability will be direct-access I/O. Direct-access I/O enables developers to bypass file systems the kernel block layer, and other I/O layers tuned over decades for disk drives. Application I/O is plumbed directly through to the ioMemory device.

The directKey-Value Store API is an example of APIs found within the direct-access I/O family. One of the native characteristics of the ioMemory flash translation layer is that it is natively a key value store. Everything that it stores inside of its log append structure are a key value pair. It stores a logical block address together with the associated data with every single write.

As you're aware, the world is abuzz with activity right now in the whole unstructured data, NoSQL, key value store solution space. All kinds of vendors new and old are building solutions for that market. We are already working with a number of them.

Minimally, we enable them to shorten the code path when performing key-value store I/O operations by eliminating duplicate logic in their code and in the ioMemory software layer. Maximally, we actually reduce their code because we're doing some of the low-level heavy lifting for key value store implemented natively on flash, exporting to them a key value store API interface.

Using this directKey-Value Store API, they can effectively pass in the key and the value, and we take over from there providing the hashing, collision management, and native storage and retrieval of key-value pairs. So it offloads a lot of complexity from their code so they can focus on their value add without doing some of the native stuff which we can do better, faster, cheaper, being closest to the hardware.

In Part 2 of this interview series Brent will continue to discuss the primitives that developers will have access to including atomic multi-block writes. We also discuss how familiar the API will be to developers.

Oracle DBAs Get Full Control of Their Oracle Environment with New EMC Data Domain Boost - Oracle RMAN Integration

2012-04-24T15:00:00Z

Using EMC Data Domain systems to deduplicate Oracle database backups has been one of the most successful use cases for Data Domain systems to date. Today EMC provides the solution that many organizations are looking for to better control and manage their Oracle databases by integrating DD Boost with Oracle's native Recovery Manager (RMAN) utility. DD Boost software provides advanced integration between EMC Data Domain deduplication storage systems and applications for faster, more efficient backup and recovery.

Oracle DBAs often assume the responsibility for performing Oracle backups using the native Oracle RMAN backup utility as opposed to relying on the organization's enterprise backup software. While this approach gives Oracle DBAs a high level of assurance that their Oracle databases are backed up, it does create a number of inefficiencies in the management of the Oracle backups.

Backup administrators usually have to still backup the Oracle databases with the enterprise backup software so the Oracle backups may be managed along with the rest of the organization's backup data. This creates a ripple effect through the organization resulting in islands of storage, inefficient processes and unnecessary dependencies in the management of Oracle database backups and recoveries.

These storage islands and inefficient backup processes are what the new DD Boost integration with Oracle RMAN addresses.

Source: EMC

While Oracle RMAN could already backup directly to Data Domain systems using CIFS or NFS protocols, using DD Boost as the transport protocol in lieu of these protocols results in backups that are up to 50% faster.

Two factors contribute to these improvements in backup performance. First, CIFS and NFS are "chatty" protocols by nature. As such, they are not as efficient in sending and receiving Oracle backup data as DD Boost.

Second, DD Boost distributes parts of the deduplication process from the Data Domain system to the Oracle server . This reduces the amount of data that the Oracle server has to send during backups, which in turn reduces the LAN bandwidth required and the impact that backup has on the Oracle server itself.

Using DD Boost for RMAN, Oracle DBAs can control replication between Data Domain systems with full RMAN catalog consistency. In this way, RMAN is fully aware of both the local and remote database backup copies, which gives DBAs confidence that their Oracle backups are safely offsite should a disaster occur.

Source: EMC

Knowing exactly where the Oracle backups are and having complete control over them all of the time also removes their dependency on backup administrators. Using DD Boost, DBAs no longer have to wait for backup administrators to do a recovery. Now they can initiate a recovery from the local or DR site whenever they want.

Finally, Oracle DBAs get the autonomy that many need to support their Oracle environment. Oracle databases are typically subject to a different set of rules than other organizational data in terms of how they are managed and viewed. So by bringing Oracle backup and DR management fully under the control of Oracle RMAN using DD Boost, Oracle DBAs get the controls and tools at their disposal that they really need to deliver on the higher standards by which they are measured.

The integration between DD Boost and Oracle RMAN breaks through some long standing barriers that many enterprise organizations have dealt with for years. But the value this integration provides goes beyond just freeing Oracle DBAs to have more control over their environment, consolidating backup data stores and speeding up the backup and recovery of Oracle databases. By DD Boost integrating directly with Oracle RMAN, organizations may take advantage of DD Boost without needing to introduce more dependencies and new backup software into their environment.

Why VPNs and RSA Key ID Security Break Down When Authenticating Headless Devices; Interview with BlackRidge Technology CTO John Hayes, Part II

2012-04-23T10:00:00Z

The world of machine-based data collection is creating an entirely new type of security problem: authenticating machines that have no formal user identity associated with them. Traditional VPNs break down in these environments while RSA Key IDs have no answer. Today BlackRidge Technology CTO John Hayes and I continue our discussion as we examine the limitations of these traditional approaches to security for headless devices and how its new BlackRidge Eclipse™ solution addresses them.

Ben: How does Eclipse identify which machines have access and which do not?

John: There are two main components to BlackRidge Eclipse. There is an Eclipse client which inserts identity and there is the Eclipse Gateway which is policy enforcement.

The client can be implemented in one of two ways. It can load a driver onto your laptop or desktop. Or, on machines that it does not yet support, legacy devices, and machines that, because of compliance or regulatory reasons you are not allowed to let software on it, it has what is called a client concentrator. Client concentrators insert identity directly on the wire on the behalf of the machines and devices connected to it.

Ben: So with the Client concentrator you can attach identity to "headless" devices like industrial controls, correct?

John: Absolutely. Machine to machine is very important to us and introduces another interesting concept.

When most people think of identity, they think of identity in terms of user identity. In industrial control and automation (machine to machine,) there is no concept of a "user."

You have a machine talking to another machine. So it really becomes machine identity and not user identity. We support both.

Ben: I also want to be clear for folks that this is not a VPN derivative, correct? This is a completely new concept.

John: You bring up a good point. We do get asked about VPNs. People say that VPNs have identity and that's true. But the identity only lasts as long as the VPN lasts.

So I might have an identity of the client, and you go through the VPN termination point, and once you exit the VPN termination point you no longer have that identity and are left with addresses again.

Using BlackRidge you insert the identity so even though you may go through the Eclipse policy enforcement point the identity is still there. I can actually have nested layers of policy enforcement points that are all able to determine the identity of the requester.

Ben: Let's get a little more technical for a moment. If this is not a VPN derivative, how does Eclipse work?

John: BlackRidge Eclipse is built using our patented Transport Access Control (TAC) technology. TAC operates technically by generating single use identity tokens and these tokens are inserted into TCP sessions starting with the very first packet. We are actually overlaying the TCP SYN and ACK fields.

The token is a cryptographic hash of keying materials associated with the identity and various clocking material. This allows us to be the policy enforcement point for a Eclipse gateway, pull out this identity token, resolve it back to an identity and then apply a policy.

One of the areas we are working on is scalability. We went from a very low number to 10,000 identities and we can scale up into the millions of identities.

But in order for that to happen, we needed to resolve statistical collisions within the namespace of the tokens. It is very possible that over time to get different identities that will show up and, for a period of time because the tokens are constantly changing, the tokens may end up being the same tokens.

We needed a way of resolving these tokens. Not only do we resolve the tokens, we have actually filed a number of patents in this area, and can resolve them at very high levels.

But as the number of identities increases, if you look at it from a statistical point of view, the probably of guessing should become easier to guess. So what we have done is actually have limits to say, "OK, here's your threshold."

We are going to make sure that the probability of somebody attacking this in a brute force fashion, regardless of the number of identities in here, is a probability threshold that they are going to have to meet. So that even though if I go from 1,000 to 10,000 to 100,000 identities, that changes the absolute probability within a given space.

This is a completely deterministic system and you can set thresholds. Right now the default threshold is at least a one in a million chance of guessing or higher.

What that means is that if you have a large number of identities in there, that threshold is not decreased. This is one of the areas we are extremely proud about and have been really working and the math folks have been having a lot of fun with as well.

Ben: I can imagine! Another question I get asked is "How is this different than using an RSA key?"

John: There are a lot of similarities and differences. At the highest level, what is implemented in the RSA key is essentially a one-time password that rotates every 30 seconds and requires synchronization between the RSA key that you have in your hand and some central server.

RSA keys are implemented as basically a password mechanism. You get a new key, the equivalent RSA key for us, is our token.

With BlackRidge, you end up with a key as frequently as you want. When you generate TCP sessions, there may be tens or hundreds or thousands of them every single second. And we continue to generate the new keys.

The other thing in the RSA case is the user generally has to go type it in, or cut and paste it, or do whatever you have to go do that. With BlackRidge, it's completely transparent. The user does not see it happening and you get the security without having to go through that.

The final thing is, the RSA keys as implemented today are all implemented and interpreted at the application layer. Meaning I have to establish the TCP session and then I am prompted for my user name and RSA key. This leaves open the possibility of compromising the application before or during authentication.

With BlackRidge, we intercept before you even establish the TCP session, so you do not expose the existence of your server or applications.

It also works very well for headless devices. Earlier you mentioned machine to machine. I do not know how to implement RSA keys in a machine to machine situation where you do not have the user.

In Part I of this executive interview series we examined the three practical use cases for network layer identification.

In Part III of this interview series I will discuss the management of Eclipse and how BlackRidge continues to find new use cases for this product.

CDP Finding a New Home in the Next Frontier of Data Protection: Managed Service Providers and Social Media

2012-04-20T10:00:00Z

Ever since continuous data protection (CDP) was introduced nearly a decade ago, it has largely been a technology looking for a problem to solve. However in the last few years it is finding a home in the most unlikely of places - social media websites. But maybe what is most interesting is that little known R1Soft CDP has emerged as the early and widely recognized leader in this space.

The growing role that CDP is playing in protecting social media websites first came to my attention late last year. I was attending some conference in Silicon Valley and while there had the opportunity to talk to a number of system administrators who worked for various hosting providers.

Now if there is any place where geeks and business owners successfully co-exist, it is within the halls of today's managed service providers as their system administrators and architects are in many respects today's modern-day cowboys. What they may lack in discipline and couth they make up in savvy and an uncanny knack of how to milk the most out of systems that most other companies would have mothballed years ago.

Yet one particular thorny problem that many of these individuals were encountering and unable to easily and economically resolve was protecting their social media websites. While websites are often viewed as static and unchanging, many of the client websites for which they are responsible for protecting are social media sites that are often constantly changing and being updated.

Aggravating the problem, many of these websites are:

Running as either physical or virtual machines on Red Hat Linux or Windows servers
Collecting reader comments and feedback that could not be reproduced
Websites hosted for a fixed monthly fee

Protecting the reader comments and feedback was specifically becoming a priority for the MSP's clients. Aside from it being impossible to recreate the comments left by the readers on these sites, a growing amount of corporate intellectual property now resided in these reader comments in the form of suggested product enhancements, workarounds, and new use cases for the products.

The trouble these system administrators encountered as they looked for a solution were on multiple fronts.

Few CDP technology options with support for both Windows and Linux. The number of data protection solutions that protect both Windows and Linux and offer CDP functionality is limited.

Affordable. Managed service providers are under constant pressure to offer more services at ever lower costs so a backup solution, no matter how good it is, is not an option.

Quick recoveries. Websites are expected to be up 24x7 so in addition to constantly protecting the environment, the CDP solution had to enable the MSPs to recover just as quickly.

Protect both physical and virtual environments. This is maybe what surprised me the most. One would think that hosting providers would be at the forefront of adopting and delivering virtualization in their environment. While they certainly offer and support it, the amount of their environments that is virtualized is less than one would think. I expected somewhere from 70 - 80% but many are in the 50% or less virtualized range with some only having 20 - 30% of their servers virtualized.

No SANs or NAS. Despite the buzz you hear about networked storage environments, many of these managed service providers still run physical servers with internal direct attached storage so they do not have access to any of the advanced software feature functionality found on high end storage systems.

It is in this space why CDP software and R1Soft CDP in particular is finding a new home. CDP software enables these service providers to provide the constant data protection that their customers want and keep the same low cost infrastructure they have in place now.

R1Soft CDP is having particular success in this space. The reasons that systems administrators at these hosting providers constantly and consistently cite for choosing R1Soft are:

Protects a large number of servers (I have talked to R1Soft customers using a single R1Soft CDP server to protect over 100 servers)
Is the only data protection provider of which I am aware that offers a snapshot plug-in for Red Hat Linux that has functionality similar to Red Hat Linux
Bare metal restore capabilities
An affordable starting price point (starts in the neighborhood of $15K)

CDP has long been a solution looking for the right venue in which to get a footing. In managed service providers, it finally seems to have found a match. These are cost-conscious organizations that need data protection software that gives them the ability to constantly protect their data and then quickly recover it. Equally important, they can achieve this ideal without first needing to put in place a costly hardware infrastructure.

This is really what makes rise of R1Soft CDP among managed service providers all the more impressive. There are numerous data protection providers in the market today but R1Soft CDP has carved out a nice niche for itself by providing the specific technical features that they need at a price point that matches their budget.

SMB Requirements of an All-in-One Storage Solution to Meet Their Immediate and Long Term Big Data Needs

2012-04-19T18:30:00Z

It seems there is no shortage of storage appliances on the market today from which small and midsize businesses (SMBs) may choose to meet their varied data storage needs. However, SMBs looking for an all-in-one storage appliance that can address both their current storage demands and position them to meet the unpredictable requirements of Big Data may wonder what such a solution even looks like or if it even exists. Today I quantify what features such an all-in-one storage appliance should ideally possess and where to look to find such a solution.

When it comes to buying storage, SMBs constantly grapple with how best to do so. The last thing they want to do is buy a solution that only meets today's storage requirements of today. However the future of Big Data makes predicting the future so unpredictable that they many settle for what the storage market has to offer and then pray they do not need to make a painful course correction in a few years.

Further complicating the situation, they want to also keep their environment as simple to manage as possible and spend as little money as possible to do so. In short, they want an all-in-one storage appliance that allows them to have their proverbial cake and eat it too.

The best place to look to determine the feature requirements of an all-in-one storage appliance is at enterprise storage environments. Enterprises normally separately acquire and then assemble the hardware and software that they need to meet their existing and anticipated storage requirements.

So by SMBs understanding what these features are, it goes a long way towards quantifying what features they need an all-in-one storage appliance to provide. These features include:

High performance storage. These storage systems support online storage (minimally in the form of SATA disk drives) which is primarily designed to support an enterprise's production applications that require higher levels of availability and performance. However these higher levels of availability and performance typically translate into higher prices for this tier of storage.

Archival storage systems. These storage systems start small and then easily and economically scale into the hundreds of terabytes. Archival systems prominently feature ease of management, ease of scalability and cost-effective storage capacity - both in terms of up-front capital costs and ongoing operational costs - and may consist of either online or nearline storage.

Plug and play networked storage. Networked storage systems that do file sharing are as ubiquitous in enterprises as they are in SMBs As such, any storage system needs to seamlessly plug into an existing network infrastructure with either a 1 Gb or 10 Gb Ethernet connection, support the CIFS/SMB and/or NFS file sharing protocols and appear as a shared folder to network users. Further, integration with Active Directory (AD) is often a prerequisite to ensure secure user access to the data stored on these systems.

Offline storage. Offline storage in the form of removable media (disk or tape) still plays a large role in enterprise organizations. Offline media provides significant savings over online storage solutions by reducing an organization's ongoing power and cooling costs.

Offsite storage. Storing data in the cloud is on the radar screen of most enterprise organizations and already in production in some. This gives them a practical method to store immense amounts of data offsite easily and economically.

Data management software. Having all of these types of storage systems and tiers of storage capacity is great. But enterprises still need software to automate the movement and placement of data on these different tiers of storage based on pre-existing or defined policies.

In this role it must support the creation of policies that establish the business value of the different types of data as well as classifies the underlying tiers of storage on which data is placed. The software will rely on these policies to classify data and then place it accordingly on the appropriate tier of storage.

As part of this, it will also need the inherent ability to distinguish between the different tiers of storage capacity under its management. In this way, it can determine on what storage tier to place data, how long to keep it there and when and under what conditions it should be moved and when it should be moved onto a specific storage tier.

Finally, this software also needs to protect the data by ensuring multiple copies (at least two) exist and that it is secure from unauthorized access or deletion. Further, it needs to natively include archiving features so as production data ages, it can be archived off of online storage to more cost effective storage nearline, offline and offsite storage tiers. This process of actively archiving data also serves to minimize the amount of data backed up as well as reduce the length of backup windows.

This list of requirements presents a lengthy and formidable challenge for any purpose-built storage appliance to satisfy if it is to meet all of an SMB's current and future storage needs. However benchmarking existing storage appliances against this list of requirements reveals that the Imation InfiniVault provides such functionality.

The Imation InfiniVault is, to the best of DCIG's knowledge, the only storage appliance that offers this comprehensive mix of enterprise hardware and software features. But maybe what is equally as important to SMBs is that the Infinivault's features may be managed by their existing IT staff, it includes all of the licenses that they need to get started and it should fit within their current budget.

SMBs have no shortage of storage appliances on the market from which to choose. But those who look critically at what these storage appliances have to offer and how well they align with their immediate and long term storage needs will find the Imation InfiniVault on their short list of products.

Don't Blink - You Could Miss the Failover; Interview with GreenBytes CEO Petrocelli Part IV

2012-04-18T13:45:00Z

In this fourth and final part of our interview series with GreenBytes CEO Bob Petrocelli, we hear about a three-second failover between canisters used in Solidarity, a solid-state storage array solution. If you're not looking, says Petrocelli, you could miss the failover.

Ben: So, since most of your stack is software, it's really not too big of a problem to be doing software updates on it. But I know you can run into a bit of an issue if there's ever a bug with the ASICS [application-specific integrated circuits]. Have you guys experienced any of that yet?

Bob: Firmware updates for sure. It's actually a lot easier to do on an HA [high-availability] box, because you can run on one canister and then do an update on the other canister. And then basically do a failover.

In fact, what Is interesting, I willl share a bit of info that we did when we were testing the failover benchmark. The standard HA box, which has magnetic drives in it, has 10-gig iSCSI failover of about 20 seconds, which is about par for the course. It isn't bad; that's good.

Ben: I laugh 'cause it's pretty decent.

Bob: Yeah, that's decent.

This unit, I was running an ESX server just earlier in the week. They had four VMs [virtual machines] running Iometer full tilt on a box. And they were running the way a customer would run it, which is the NFS [network file system], virtual disk provisioned against that, and Iometer against that. Some fancy pants going around VMware.

And I get failover between the canisters in three seconds. I could not even get my performance graph back up on the other canister quick enough.

So when you're dealing with such fast response times through the entire I/O [input/output] chain, I'm not sure that you would even notice that. Because not only was I--the failover happened so quickly--but I kind of forgot that my VMs were also running off the same box.

And I was remote desktoping in and I was still interacting with them. So there was no interruption of service.

I think if I had a 20-second time, I might have noticed. But there was no interruption of service. The Iometer paused for about, again, three seconds before it continued.

So we are pretty optimistic that the user experience, as we start to drop these in for the things people like to do first, is going to be favorable because, of course, they are going to want to fail it. When they see it fail over ... they're going to miss it if they turn around.

Ben: What kind of rack real estate should users expect?

Bob: We are currently shipping a 3U unit with 16 drives. In this particular unit, all of the drives are three-and-a-half inch. The RAM-based drive has to be that big because it has got a lot stuffed in it.

The SSDs [solid-state drives] are interesting because they're actually dual controllers that use dual SandForce 1550s, which are a well-proven controller. And then they have logic in them to make them SAS-2 [Serial Attached SCSI-2]. So ... SAS-1 controllers and double the bandwidth, and they present a SAS-2 interface.

You are going to see a shift over the next year or two to more inexpensive flash technologies. That will lead--once people start to figure this out--to more intelligent up-front I/O that has much bigger caches to absorb the writes. And then, frankly, much cheaper solid-state drives. ... They are not consumer.

By cheaper I do not mean cheap; I mean less expensive [drives] that are designed to absorb a lot of reads. They write fine, they just do not have a big write duty cycle and that is what we are aiming at.
We think it is a game changer, frankly, because the cost of magnetic drives has gone up and their availability turning to a spot market. When we build magnetic systems, we basically buy them on the spot market and then charge our customers on a per-drive basis. It makes a lot of sense to do what we are doing.

Ben: Because that is a 3U unit with two canisters, are you looking at a larger model that can handle more? I know that is a lot of IOPS [Input/Output Operations Per Second] for a medium-sized company. But when it comes to an enterprise--

Bob: There are two expansion strategies. One is a JBOD [Just a Bunch Of Disks] that plugs right into it. That doubles your I/O. That'll be announced shortly after the base product is announced.
We are just qualifying that hardware now. Basically, it brings a second canister that is fully active; because right now that canister is more of a supporting role.

The second one is a 4U model, which is 24 drives. I expect that model to be available in the late spring-summer timeframe. It just started going through mechanical engineering with our hardware partner a few weeks ago. They Are definitely bigger.

Ben: That was my main question, was where you saw that double-headed piece moving?

Bob: When you think about, what Is the difference whether it Is in a canister or in a 1U or 2U head? It's identical whether the connections are in a midplane or external--it's the same software. So it Is really a question of market demand and where we can play.

In the Part I of this series, GreenBytes CEO Bob Petrocellis gives us some background on how forays into SSD and the replacement of magnetic drives led to the development of Solidarity, a solution that's got people talking.

In Part II of this series, GreenBytes CEO Bob Petrocellis discusses the architecture of Solidarity and what differentiates it from competitive SSD solutions.

In Part III of this interview series, GreenBytes CEO Petrocellis shares what he refers to as some of the "dirty little secrets" about some hardware that was cleverly repurposed to give Solidarity an edge in compression.

HP Storage and Server Integration with Microsoft System Center 2012 Gives New Visibility into Today's Private Clouds

2012-04-17T17:00:00Z

New found agility, reduced CAPEX and OPEX and centralized IT infrastructure management are driving the adoption of private clouds. But as organizations enter them their dark side of management complexities becomes more plainly seen. This is where HP's heightened integration with Microsoft Systems Center 2012 with its Virtual Machine Manager component comes into play as it enables organizations to transform private cloud infrastructures from being dark and unmanageable into ones that they are easily visualized and controlled.

Organizations are adopting virtualization and private cloud infrastructures for three simple reasons.

Centralized IT infrastructure management. Virtualization breaks the 1:1 relationship between applications and backend servers and storage. This facilitates the consolidation of this hardware into one location so it may be centrally managed with a better grasp of what applications are in use.
Increased agility. Private clouds provide new freedom to move applications to the most appropriate server or storage hardware to optimize available capacity and resources which is now possible since they are all in one location
Reduced CAPEX/OPEX. Being able to use the same server and storage hardware to host multiple applications lowers the upfront capital expenditures (CAPEX) on these items as well as ongoing operating expenditures (OPEX) such as power and cooling.

But as they reap the benefits of private clouds, organizations are also seeing their darker sides. For example, private cloud components (applications, operating systems, and server and storage hardware) each have their own interface that requires administrators to possess a sophisticated set of technical skills to manage them. Some organizations are also then building their own private clouds using components from various vendors adding to the complexity of private cloud management.

Organizations will minimally need an administrator that has moderate to high levels of technical expertise that is typically well beyond what most average IT managers possess. So assuming an organization can even find such an individual with this expertise, this person will not come cheap and may be difficult to retain.

Those organizations that go down the path of building their own private cloud using solutions from various vendors face an even bigger challenge. In addition to the need to hire a highly skilled person to manage their private cloud, they have also created a cloud without any centralized software to manage it.

These drawbacks of managing private clouds are why organizations are re-evaluating the best way to go forward with private clouds. This is why private clouds that consist of components that integrate with a comprehensive management platform are emerging as the best way to move forward with private clouds right now.

Resolving this complexity explains some of the genesis behind HP announcing a tightly integrated management offering with Microsoft Systems Center 2012. Microsoft System Center Virtual Machine Manager (MSCVMM) already does in-depth monitoring, management and visualization of private cloud infrastructures through its integration with common operating systems like Windows, Sun Solaris and various Linux/UNIX distributions as well as the three leading hypervisor platforms: Microsoft Hyper-V, Citrix XenServer and VMware vSphere.

However as private cloud adoption expands in enterprise organizations, the need for management integration of server and storage hardware with System Center 2012 in these private clouds has become more acute. This is why today we see how the tight management integration from server and storage hardware providers like HP enables a more holistic and simpler approach to private cloud management.

Making this integration particularly desirable from a SAN management perspective is that organizations may now use System Center 2012 as their primary portal to visualize and manage their SAN infrastructure. In this way organizations can use System Center's wizards to centrally provision storage, re-allocate storage, monitor alerts and even place guest OSes on the most appropriate hardware to optimize available resources.

Equally notable is the caliber of HP server and storage hardware that MSCVMM can now manage. The ProLiant Gen8 servers and HP 3PAR Storage are HP's enterprise class hardware offerings. So by adding support for these HP offerings, MSCVMM expands its appeal as an enterprise virtualization infrastructure management solution.

But possibly what makes HP's storage management integration with System Center 2012 the most appealing is that it minimizes or even eliminates the need for organizations to hire SAN specialists to manage their private clouds. Now they can more confidently move ahead with a private cloud deployment without wondering how they are going to support it.

HP VirtualSystem VS3 for Microsoft automates the management of HP ProLiant Gen8 servers and HP 3PAR Storage as it comes pre-tested, pre-configured and ready to run with Microsoft Hyper-V and System Center 2012. This tighter integration now facilitates faster provisioning of new VMs on the HP ProLiant Gen8 server side. On HP 3PAR Storage, administrators may now:

Consolidate event and alert management within the System Center 2012 Operations Manager console
Centrally discover and then manage HP 3PAR Virtual Volumes and Snapshots
Configure Live Migration and automate failover between different data centers

Private clouds are rapidly changing how organizations deploy applications but a similar transformation in how private cloud infrastructures are managed also needs to occur. This in large part explains why alliances and integration between providers like HP and Microsoft are deepening.

Organizations and vendors alike are coming to the realization that centralized visualization, change management and centralized monitoring, reporting and management of private cloud infrastructures can no longer be afterthoughts if private clouds are to realize their full potential. Using the high levels of integration that is now available between HP servers and storage and Microsoft System Center 2012, organizations do more than adopt a private cloud. They get a solution that delivers the functionality they need, the levels of visibility and control they want and the automation to manage it.

An In-Depth Explanation of Why Data Ownership Issues Persist in Microsoft SharePoint and How to Resolve Them

2012-04-16T10:00:00Z

The move from NAS to Microsoft SharePoint is in full swing in many organizations as they look to leverage SharePoint to better track and manage their various documents. Yet what they are discovering is that the same fundamental questions that they had regarding file ownership and usage in NAS environments persist even after SharePoint is implemented. This is prompting organizations to once again turn to Symantec Data Insight to understand data usage and ownership in their SharePoint environments.

The number of organizations who are looking to adopt Microsoft SharePoint is, in a word, overwhelming. A 2010 survey found that 90% of the respondents already use SharePoint. It also found that the adoption rate of SharePoint is expected to reach 97% in organizations in the next few years.

This rapid adoption is driven in large part by the belief that SharePoint will solve many of the issues that file shares or NAS cannot address. In this respect, SharePoint certainly addresses some of them.

Security and policy based auditing, document check-in and check-out, and document version history are just a few of the new options that SharePoint brings to the table that NAS does not support. However one data management challenge of NAS that SharePoint does not resolve - and which many may incorrectly assume it does - is that of data ownership.

Part of the reason that SharePoint fails to fully resolve this issue of data ownership is that, like NAS, it takes the same approach to assigning file ownership. In other words, both NAS and SharePoint infer data ownership based on who originally created the data. While this sounds good in theory, in practice it is a flawed approach as it only works well in relatively small organizations (as small as 10 users or less!)

This approach does not take into account that users are the most fluid and rapidly changing aspect of any organization. As such, the individual who initially created the data may change departments, leave the company or eventually no longer need access to the data that he or she created. Unfortunately the methodology employed by both NAS and SharePoint assume the same owner for in perpetuity.

A better way - and the one employed by Symantec Data Insight - is to infer data ownership based upon who is currently and most frequently accessing the data. This more sophisticated technique takes into account how organizations evolve over time and that the individual or individuals who need to access the data also may need to change using real-time measurements of data access and usage to arrive at who should own the data.

In making a determination as to data ownership within SharePoint, Data Insight uses its SharePoint integration to audit how frequently data is accessed and by whom. It then calculates ownership based upon activity level.

Once a determination is made, organizations have two options to assign data ownership. Ownership may be assigned automatically based upon Data Insight's calculations. However many organizations use Data Insight to first identify the top three to five users of the data. They may then use that information to tag who they want to be data's custodian in addition to letting Data Insight automatically infer ownership.

Many organizations are rightfully moving from NAS to SharePoint to take advantage of SharePoint's advanced auditing and policy-based data management features. However SharePoint and NAS still are much more alike than different when it comes to establishing and determining data ownership. As such, the issue of establishing and maintaining data ownership persists in SharePoint environments.

This is why Data Insight's support and integration with SharePoint remains both relevant and necessary. It gives organizations the insight they need into who owns what data in their SharePoint environment as well as the reports they need to understand how it is being used and accessed. Using it, they are empowered to manage their SharePoint data in a manner that is as dynamic as the users who access it.

In the next part in this blog series on Data Insight, I take a look at its integration with Enterprise Vault and why this integration has become a necessity for effective data management.

Austin Convention Center Adds Tablets to Tool Belts on the Exhibit Floor

2012-04-13T10:00:00Z

In this interview series with Austin Convention Center Database Administrator Jeff Moore, we are uncovering decision criteria for Apple iPad adoption and Mobile-first application development.

Part 5 of this interview covers Mr. Moore's views on with cloud applications impact on desktop users, tool belts with tablets and how the iPad helped the Austin Convention Center with their Gold LEED certification.

Joshua: Has there been much of a change there in terms of the way the traditional desktop version users are maybe gravitating to the iPad version?

Jeff: Well the desktop users in exhibitor services, it's kind of divided up. We have the exhibit services employees that use the desktop application. And then the orders were processed by people in maintenance crew, the crews didn't have usable access to the desktop application. All those team members would receive paper.

The only kind of dual purpose in terms of employees that have used both the desktop and the iPad version, would at this point be exhibitor services.

The beauty of FileMaker Go is that you can take a FileMaker Pro application and you can point FileMaker Go to that application. In most ways it will just work. So you don't even need to do any redevelopment. But what we agreed to step back, and then asked:

What is it we're trying to do?
How do we expect this to work on an iPad compared with other applications that I use on an iPad?"

And so we came up with a group of standards for our user interface with iPad based applications. So, the way they use it on their iPad is more iOS like than the way that they use it on their desktop, which is more Windows like.

And we do use similar terms, similar types of buttons on some screens. The header is usually the same. So while the buttons are more iOS like on the iPad, our utility services manager header, it's the same exact thing that they see when they're on their desktop, they see on their iOS device. So there's a bit of familiarity in application for team members.

I think they've really enjoyed using the technology, for the most part. Like I said, there are always those people who they're looking at the risk side of adopting new processes and technologies. But by and large the people that we ally ourselves with are the ones that are excited about the improvements to customers and team members, and that can give you necessary feedback

In fact, the supervisors within maintenance, those team members were out there with a pen and paper, sometimes writing things on their hands, radioing things back and forth between exhibitor services. Sometimes they found themselves at a high tech event and writing on their hand.

Now they feel great because they are thinking and saying "now we get to use the high tech tools and we get to help set up this high tech event using high tech tools."

We trust them to use the new tools- no questions asked. Their managers have communicated that the teams get the job done more efficiently because they're trusted and excited about using the same technology available to those attending the event.

Joshua: That is a great reflection on Austin and our culture of being open to new technologies, speaking of Austin, what was the LEEDs form you wanted to talk about?

Jeff: Thank you for reminding me. We have just recently obtained our Gold LEED certification as a facility. The team is really proud of that. In order to get that sort of certification, building must undergo an evaluation period of a year. We must accumulate a lot of data and it must be evaluated.

This is where FileMaker has been a big help. We had a purchasing application that we've used for a while. When I started to work here three years ago, we took it to the next level by adding a request piece on it. Basically, there is a portal where team members can make purchase requests. And then the purchase requests are translated into an order by the buyers.

And then that order gets fulfilled -- then I created a module on the back end of the process where the employees down on the dock and they're checking in the products. We ordered this many, this is how many were received, etc. So we have a creation to cremation tracking system.

This system had been built shortly before we realized that LEED certification required us to gather a little more information about sustainable products that we're purchasing, or whether our products just aren't sustainable at all, and what percentage of them are.

So we were able to use FileMaker for the application initially. Based on those early requirements, we started to evolve the application to meet LEED specific requirements.

For example, instead of requesting a product only, now we request a chair, but we go through and categorize the purchase in a three tiered method. We store the sustainability metadata with the order, and then we built in reports for our sustainable employee that was supporting our LEED certification effort.

We extended the LEED certification application to the iPad. Again, we used FileMaker and FileMaker Go to develop a facilities audit. So the employee that would perform the audit would take their iPad around the facility at set intervals. They would gather information about the facility. And they'd do it on the iPad using FileMaker Go. All the collected data goes in to the main system and used as part of our LEED evaluation.

In this blog, Mr. Moore shared his experience with cloud applications impact on desktop users, tool belts with tablets and how the iPad helped the Austin Convention Center with their Gold LEED certification.

Part 1 - Austin Convention Center chooses iPads over Android and Considers Cloud Storage for File Synch and Share

Part 2 - Austin Convention Center considers New iPad for Camera to Support Facility Incident Application

Part 3 - Austin Convention Center Ditches Laptops and FTP for iPads and Cloud Application Storage

Part 4 - Austin Convention Center Embraces Cloud Application Storage

Solidarity's Dirty Little Secrets; Interview with GreenBytes CEO Bob Petrocelli Part III

2012-04-12T10:00:00Z

In this third part of our interview series with GreenBytes CEO Bob Petrocelli, we learn about some of the advantages of using solid-state drive (SSD) technology and how Solidarity's use of SSD differs from others' implementations of it. As well, Petrocelli divulges what he calls a "dirty little secret" about some hardware that was cleverly repurposed to give Solidarity an edge in compression.

Ben: So, what makes Solidarity different from other SSD solutions?

Bob: I talked about the RAM SSD. You get them for free. Our deduplication engine is capable of deduplicating 100,000 blocks per second. So the deduplication engine is not a bottleneck in this case as we're using relatively inexpensive flash and fronting it with good optimization technology.

This is where our difference starts to emerge when you start factoring even modest effects of optimization. What we see with VMs and deduplication is that you do not have to worry about having to license all of these storage add-ons on the front end. Basically, the more VMs you have which means more copies of the base operating system which may achieve up to a 92 percent data reduction on that front.

Then compression is also extremely effective. It's hard to gauge it exactly and we take a very conservative path. But if you are overall running a large number of virtual machines and their client loads against this unit, you're probably going to see a five-times data reduction, which is very modest. You're probably going to do better than that.

The advantage of being all solid state is that we tend to measure our IOPS [input/output operations per second] in 32K chunks and you have to look at real-world IO sizes. We're seeing 32K IOs in a range of 30,000 reads and writes simultaneously.

What's nice about having a box like this is you don't have to worry about the quality of service and provisioning for all these edge cases that you have with magnetic disks. So you can basically put the box up there, plug it into your switch, and then figure out what workload you want to throw at it. It's able to absorb high-random-write workload and high-random-read workload about equally because of the RAM front end.

Ben: You've got hardware compression engine. Are you using that compression engine for both the reads and the writes?

Bob: Yes, of course. You get the advantage of having three times the effective capacity as well.

Ben: That's the beauty of a system like this, is that you've got such an amount of caching in an area like VDI were you do have a lot of redundancy and such. You can really have some pretty significant IOPS on reads.

Bob: What's interesting with VDI is a lot of people have said VDI has turned the read-write equation on its head, where they say it's 70 percent write, 30 percent read.

But that's really an artifact of thin clones. If you don't use thin clones and you just use ordinary fat clones--like just regular images--it actually becomes more of a 50/50 load.

It actually improves the balance over your network to not use thin clones. They've done a lot of measurements and found that thin clones are impairing the balancing of the IO over the network because they cause a lot of data unpacking to occur when you access them.

We think that a unit like Solidarity is able to allow you to run out of storage space per desktop for user space before you run out of IO. So you're really limited only by how much user space you want to give per desktop before you have to add more units onto your switch. That's an alternative mindset from just having to add more spindles.

We're pretty excited about it because one could have a unit like this with 60 terabytes and effectively host 6,000 to 7,000 VDIs, maybe more, including the user space. You end up with a cost of maybe of $150,000 for all that storage. That's a pretty good deal.

Ben: You said that you are mostly dealing with 32K read blocks. After you compress and deduplicate the data within that block, that block size could be a few bytes, anywhere up to still being 32K, right?

Bob: Yes. We actually have a variable block that we write. So we only write a block that's big enough to hold the data. If it compresses down to 8K, then we write an 8K block. We write the nearest power anyways; we don't write some crazy number. We write the nearest power that the block will fit in. And if the block is a whole, if it compressed to basically nothing or deduplicated away, then it's only the block pointer that gets put down on the disk.

Ben: So you don't combine blocks within a flash RAM--with an SSD block, then?

Bob: There is a notion of combining, but it's to really combine for IO purposes. It is IO coalescing that happens during a transaction. So when a transaction gets put in this IO strategy that is determined.

You might take a whole bunch of 32K blocks and write them as a much larger IO because it's more efficient. But they still have their separate pointers to fit the excess access space otherwise you could not deduplicate them.

Ben: Understood. So you've actually got two blades being inserted into a larger appliance, is that the case?

Bob: Yes. Those are the high-availability controllers. And those are hot swap.

Ben: The power supplies are on the larger appliance, is that the case?

Bob: Yes. There's actually two chassis: an A chassis and a larger B chassis. ... Both of them have the power supplies in the appliance that swap separately. They also both have hot swap PCIE [peripheral component interconnect express] trays for the compression accelerator cards, which look like little grates that look like cooling grates. There are actually covers for the PCIE trays. So each canister needs its own accelerator card.

Ben: The GZIP ASICs [application-specific integrated circuits] are custom. Do you guys foresee any supply chain issues with using custom ASICs?

Bob: The thing about the GZIP ASICs is they were not designed for us. The dirty little secret is we're buying them because they were designed for the web server market. They were designed to compress web traffic. We repurposed them and put a driver together to use for storage.

There are about three companies that make very similar cards that have similar performance attributes. We actually have a dual source on those. A couple of the companies are very healthy. So this size model has a canister-based design. A little bit later in the year we are going to introduce a dual-headed design for larger deployments.

In the Part I of this series, GreenBytes CEO Bob Petrocellis gives us some background on how forays into SSD and the replacement of magnetic drives led to the development of Solidarity, a solution that's got people talking.

In Part II of this series, GreenBytes CEO Bob Petrocellis discusses the architecture of Solidarity and what differentiates it from competitive SSD solutions.

In Part IV of this interview series, GreenBytes CEO Bob Petrocelli talks about Solidarity's failover response, including a failover response time of merely three seconds between canisters measured during testing.