Celerra hammers SPEC CIFS Benchmark again. With one Datamover

The latest Celerra VG8 CIFS Benchmark of 142.9K IOPS puts the Celerra on top of the CIFS pile, beating the former record holder the EMC Celerra NSG-8 using just one Active Datamover as opposed to the two used in the previous benchmark.

That’s hardcore.

So hardcore it’s close to 24K IOPS per processor core.

It's on like Isilon

This post is to point you to this webcast recording of the proposed EMC-Isilon transaction.

Pat provides all the information worth having until the deal closes.

Solving For The Cryptic Conundrum

How do I encrypt and protect sensitive data is certainly a question we get asked; I'm not sure we've got really good answers quite yet.

via storagebod.typepad.com

I read Bod's post having just delivered my Security session in Paris answering that exact question so the initial draft of this was very detailed.

It ended up in the Recycle Bin because it was an incredibly busy week and that’s how I roll.

Summarizing it at 5:00AM on a Friday morning, there isn't a single approach to Encryption that is correct but a lot of them that are incorrect when used on their own. In recent memory the people in the market who said they had a one size fits all solution were vendors who wanted you to put a crypto box in front of everything. I found such devices to be buggy, unstable and far more trouble than they were worth, indeed they were so awful they no longer exist as a market segment.

But lets forget about those monstrosities and break it down. Encryption for data at rest can be deployed at five points.

1. In the Application. Data being created, modified and destroyed but always encrypted.
2. At a Database or File level. Data being encrypted when it’s stored in a logical structure. This goes to to heart of Bod’s NAS question, files on NAS should be secured on a per file basis so the encryption travels as the file does.
3. On the Host. Here’s where encrypted file systems, HBAs and I/O encryption ensure nothing leaves that Host in the clear.
4. In the network. Clear text comes out of the source but cipher text arrives at the destination. Somewhere in between an ASIC in a switch has done the translation.
5. In the storage platform. It’s clear right until it hits something external to the host which reads and writes data to physical media and only then is it encrypted.

Here’s the bad news.  The level of overall protection decreases as you move from 1 to 5, 1 being the most secure, but the level of overall implementation complexity increases as you go from 5 to 1. 5 being the least complex to introduce.

Application level security may require code be written to ensure every operation is encrypted, but every operation will then be encrypted as it occurs. Platform level security could be a checkbox next to the usual host access commands and if you’re using data reduction techniques the encryption can happen after the data has been reduced but before it’s written to disk. But the data is open to being compromised at any level above the platform itself.

Now lets say you have a larger environment and you’ve deployed some or all of the above. You’ll need a Key Management System to generate keys, securely deliver them with as little human interaction as possible, Vault them in case they’re needed later down the line, Expire & Roll them over when required and Monitor & Audit their usage.

The upshot is all of this is it gets as complex as you need it to be. People go looking at encryption with the idea they need to encrypt everything but then back away when they realise how complex things will get.

That’s a sign that not everything needs to be encrypted, only some of it needs to be encrypted. The first step to a successful deployment is to sit down and decide at which of the five levels should the encryption occur considering the level of protection required.

Dawn Of The Dumb

What the Dumb say: VCE has only sold 62 Vblocks.

What the recording says.

MR JOHN CHAMBERS: With 62 enterprise and service provider accounts beginning Vblock implementations or have Vblocks actually in production.

62 Accounts, such as Orange, MTI and Lockheed-Martin.

Not 62 systems.

If this comes up in conversation with someone positioning against Vblock then you can be certain they were either too dumb to check for themselves, all I did was listen to the call, or they’re just lying to you.

A tale of 4 vendors « The NetWorker Blog

Now for the disclosures:

1. EMC bought us coffee.
2. EMC gave us folios with a pad and paper. I took one. The folio will end up in my cupboard with a bunch of other vendor provided folios from over the years.
3. IBM gave us “leftover” neoprene laptop bags from a conference, that had a small pen and pad in it. My boyfriend claimed the neoprene bag.
4. IBM bought us coffee.
5. IBM provided lunch.
6. HDS provided afternoon tea.
7. HDS provided drip-filter coffee. I did not however in any way let the drip filter coffee colour my experience on-site. (Remember, I’m a coffee snob.)
8. NetApp provided beer and wine. I had another engagement to get to that night, and did not partake in any.

via nsrd.info

I love those disclosures. The rest of the post has the same insight too.

Vblock™ Infrastructure Packages

Vblock^TM Infrastructure Packages

With Vblock^TM Infrastructure Packages, the VCE coalition delivers the industry's first completely integrated IT offering that combines best-in-class virtualization, networking, computing, storage, security, and management technologies with end-to-end vendor accountability.

These integrated units of infrastructure enable rapid virtualization deployment, so customers quickly see a return on investment. Vblock Infrastructure Packages offer varying storage capacities and processing/network performance, and support such incremental capabilities as enhanced security and business continuity.

Vblock Infrastructure Packages are jointly tested and supported to deliver the right performance and capacity at the right price. Customers can integrate existing OS, applications, databases, and infrastructure software, using any protocol.

Harness the power of virtualization to place considerable business benefits within reach, including:

Efficiency: Vblock is the only platform built from the most efficient virtualization solution, converged server and network platform, and enterprise storage. Vblock is jointly integrated over years to form the most efficient private cloud architecture and platform that includes enterprise data protection, management and security.

Control: Vblock is the only platform that blends cloud computing with integrated, consistent enterprise security and compliance, comprehensive business continuity and disaster recovery capabilities, performance, consumption, and mobility management, management uniformity and consistency of infrastructure elements, a single services and support model, and finally, IT agility and responsiveness to changing priorities for faster deployment and scalability.

Choice: Vblock is the only integrated solution that allows customers to choose the right market-leading technology for the most efficient IT infrastructure, the right IT consumption model, and the right partner from a rich partner ecosystem.

via www.vce.com

An App layer comes to VBlock in the form of SAP and VMware VDI.

And when you've deployed it, back it up.

EMC's Acquisition Strategy: New Insights from Data Domain

"EMC has a long acquisition history and track record," says Matt Olton, vice president of corporate development at EMC. "We've learned our lessons about what works and what creates more challenges."

A caveat: EMC is "often viewed as a very acquisitive company," Olton says, "but you'll see investments in R&D equivalent to our acquisition spend." Not many tech companies can focus on both internally and externally driven innovation on a large scale, says Olton, an 11-year veteran of the firm who works with a core team of about a dozen members, plus a much larger virtual team that cuts across all business functions.

via www.fool.com

Couple of good points here about M&A in general. I've seen ones that didn't quite work, didn't work at all and ones that worked better than you could have imagined.

When you get more than one of the brilliant ones you know it isn't the luck of the draw.