More blog posts in The Data StackWhere is this place located?
1 2 3 60 Previous Next

The Data Stack

889 Posts

Intel today announced four new channel-ready dual-socket motherboards to support the just released Intel® Xeon® processor E5-2400 product family.

 

The new boards take advantage of core features of the Intel Xeon processor E5 family, such as Intel Integrated I/O, Intel Turbo Boost technology 2.0 and Intel Trusted Execution Technology. They also address a range of common customer scenarios, from small and medium businesses (SMBs) planning to roll out their first servers to larger, budget-minded businesses looking at enterprise, cloud and high performance computing deployments.

 

Today’s announcement underscores Intel’s commitment to provide channel partners with the industry’s most extensive server motherboard product portfolio and offers several powerful, flexible and efficient entry level options for channel partners looking to drive new business.

The new dual-socket motherboard offerings include:

 

  • Intel® Server Board S2400SC:  A cost-effective, value solution for demanding first server environments, this board supports Intel® Server Management and has expanded I/O with 32 total PCIe* lanes, including 28 PCIe Gen3.
  • Intel® Server Board S2400GP: Ideal for mid-sized businesses, the S2400GP includes mainstream 12 DIMM support and flexible I/O with 48 PCIe Gen3 lanes.
  • Intel® Server Board S2400BB: Designed for rack mount environments, the S2400BB features 12 DIMM support on 6 memory channels and mainstream 48 PCIe Gen 3 I/O lanes and also provides great configuration flexibility, including multiple boot options like DOM and mSATA modules. It is very well suited for enterprise and cloud computing deployments.
  • Intel® Server Board S2400LP: A half-width form factor, the S2400LP will appeal to organizations looking for a cost-effective solution for high performance computing (HPC) and high demand cloud deployments.  The board is price and performance optimized with Infiniband* and Dual Gigabit Ethernet capabilities.

 

The new boards also come with a range of innovative Intel software and services, providing the channel with more ways to boost service offerings, grow revenue and enhance their partner position with end customers. The offerings include:

 

  • The Intel Server Continuity Suite, which delivers software for managing both Intel® Rack and Pedestal Server and Intel® Modular Server products. It offers the channel and their SMB customers a low cost, easy to use server management solution that provides real-time, continuous backup, point-and-click systems management and easy to deploy virtualization capabilities.
  • Intel® On-site Repair for Servers, which provides Next-Day onsite repair, is available in all 50 US States and select Canadian cities.
  • Intel® Server Component Extended warranty, which adds two more years to the standard three-year warranty.

 

The new entry level motherboards can be ordered immediately and are expected to ship by the summer. For more information, please go to The Intel Server Edge.

5600 Series.jpgThree Taiwanese companies are building their IT—and their businesses—with the Intel® Xeon® processor 5600 series:

  • Blackmagic Design gets the power of efficient, compact, and high-performance rendering with Intel® Xeon® processor 5600 series.
  • Panasonic Taiwan builds an energy-and cost-efficient enhanced virtualized environment through high-performance servers based on Intel Xeon processors 5600 series.
  • Taiwan Taxi uses a cloud computing system powered by Intel Xeon processor 5600 series  to give passengers and drivers a comfortable and safe riding experience.

Designed for industry-leading performance and maximum energy efficiency, the Intel Xeon processor 5600 series delivers versatile one-way and two-way 64-bit multi-core servers and workstations that are ideal for a wide range of infrastructure, cloud, high-density, and high-performance computing (HPC) applications.


As always, you can find many more success stories like these on the Intel.com Business Success Stories for IT Managers page  or the Business Success Stories for IT Managers channel on iTunes.  And to keep up to date on the latest business success stories, follow ReferenceRoom on Twitter.

By Jim Pappas

 

The SSD Form Factor Working Group has announced its Enterprise SSD Form Factor 1.0 specification defining a new standard connector which for the first time includes PCI Express as a interface to attach 2.5"/3.5” SSDs to computer systems.  Intel was one of five promoter companies, along with more than 50 contributor companies, to define the technology, and write this specification. What really differentiates this announcement from most other standardization efforts is the amount of cooperation across a large number of standards organizations.

CONNECTOR.jpg

 

In addition to supporting PCI Express, this new specification also supports existing interfaces already widely used in the industry. Representatives from the SATA-IO International Organization, SCSI Trade Association, ANSI T10, PCI SIG and SFF organizations all worked cooperatively to define this specification. Rarely does the industry see such widespread cooperation amongst such organizations. The benefit to end users is the enablement of a single storage interface, which accepts SSD drives with almost any interface, giving users greater choice when configuring their computer environments. It is expected that this work will become the base for the emerging SFF-8639 specification.

 

Jim Pappas is a Director of Technology Initiatives at Intel.

 

Please note: A version of this article originally apeared on The Data Center Journal

 

 

 

Every server in a data center runs on an allotted power cap that is programmed to withstand the peak-hour power consumption level. When an unexpected event causes a power spike, however, data center managers can be faced with serious problems. For example, in the summer of 2011, unusually high temperatures in Texas created havoc in data centers. The increased operation of air conditioning units affected data center servers that were already running close to capacity.

 

Preparedness for unexpected power events requires the ability to rapidly identify the individual servers at risk of power overload or failure. A variety of proactive energy management best practices can not only provide insights into the power patterns leading up to problematic events, but can offer remedial controls that avoid equipment failures and service disruptions.

 

 

Best Practice: Gaining Real-Time Visibility


Dealing with power surges requires a full understanding of your nominal data center power and thermal conditions. Unfortunately, many facilities and IT teams have only minimal monitoring in place, often focusing solely on return air temperature at the air-conditioning units.

 

The first step toward efficient energy management is to take advantage of all the power and thermal data provided by today’s hardware. This includes real-time server inlet temperatures and power consumption data from rack servers, blade servers, and the power-distribution units (PDUs) and uninterrupted power supplies (UPSs) related to those servers. Data center energy monitoring solutions are available for aggregating this hardware data and for providing views of conditions at the individual server or rack level or for user-defined groups of devices.

 

Unlike predictive models that are based on static data sets, real-time energy monitoring solutions can uncover hot spots and computer-area air handler (CRAH) failures early, when proactive actions can be taken.

 

By aggregating server inlet temperatures, an energy monitoring solution can help data center managers create real-time thermal maps of the data center. The solutions can also feed data into logs to be used for trending analysis as well as in-depth airflow studies for improving thermal profiles and for avoiding over- or undercooling. With adequate granularity and accuracy, an energy monitoring solution makes it possible to fine-tune power and cooling systems, instead of necessitating designs to accommodate the worst-case or spike conditions.

 

 

Best Practice: Shifting From Reactive to Proactive Energy Management


Accurate, real-time power and thermal usage data also makes it possible to set thresholds and alerts, and it introduce controls that enforce policies for optimized service and efficiencies. Real-time server data provides immediate feedback about power and thermal conditions that can affect server performance and ultimately end-user services.

 

Proactively identifying hot spots before they reach critical levels allows data center managers to take preventative actions and also creates a foundation for the following:

 

  • Managing and billing for services based on actual energy use
  • Automating actions relating to power management in order to minimize the impact on IT or facilities teams
  • Integrating data center energy management with other data center and facilities management consoles.

 

 

Best Practice: Non-Invasive Monitoring


To avoid affecting the servers and end-user services, data center managers should look for energy management solutions that support agentless operation. Advanced solutions facilitate integration, with full support for Web Services Description Language (WSDL) APIs, and they can coexist with other applications on the designated host server or virtual machine.

 

Today’s regulated data centers also require that an energy management solution offer APIs designed for secure communications with managed nodes.

 

 

Best Practice: Holistic Energy Optimization


Real-time monitoring provides a solid foundation for energy controls, and state-of-the-art energy management systems provide enable dynamic adjustment of the internal power states of data center servers. The control functions support the optimal balance of server performance and power—and keep power under the cap to avoid spikes that would otherwise exceed equipment limits or energy budgets.

 

Intelligent aggregation of data center power and thermal data can be used to drive optimal power management policies across servers and storage area networks. In real-world use cases, intelligent energy management solutions are producing 20–40 percent reductions in energy waste.

 

These increases in efficiency ameliorate the conditions that may lead to power spikes, and they also enable other high-value benefits including prolonged business continuity (by up to 25 percent) when a power outage occurs. Power can also be allocated on a priority basis during an outage, giving maximum protection to business-critical services.

 

Intelligent power management for servers can also dramatically increase rack density without exceeding existing rack-level power caps. Some companies are also using intelligent energy management approaches to introduce power-based metering and energy cost charge-backs to motivate conservation and more fairly assign costs to organizational units.

 

 

Best Practice: Decreasing Data Center Power Without Affecting Performance


A crude energy management solution might mitigate power surges by simply capping the power consumption of individual servers or groups of servers. Because performance is directly tied to power, an intelligent energy management solution dynamically balances power and performance in accordance with the priorities set by the particular business.

 

The features required for fine-tuning power in relation to server performance include real-time monitoring of actual power consumption and the ability to maintain maximum performance by dynamically adjusting the processor operating frequencies. This requires a tightly integrated solution that can interact with the server operating system or hypervisor using threshold alerts.

 

Field tests of state-of-the-art energy management solutions have proven the efficacy of an intelligent approach for lowering server power consumption by as much as 20 percent without reducing performance. At BMW Group,[1] for example, a proof-of-concept exercise determined that an energy management solution could lower consumption by 18 percent and increase server efficiency by approximately 19 percent.

 

Similarly, by adjusting the performance levels, data center managers can more dramatically lower power to mitigate periods of power surges or to adjust server allocations on the basis of workloads and priorities.

 

 

Conclusions


Today, the motivations for avoiding power spikes include improving the reliability of data center services and curbing runaway energy costs. In the future, energy management will likely become more critical with the consumerization of IT, cloud computing and other trends that put increased service—and, correspondingly, energy—demands on the data center.

Bottom line, intelligent energy management is a critical first step to gaining control of the fastest-increasing operating cost for the data center. Plus, it puts a data center on a transition path towards more comprehensive IT asset management. Besides avoiding power spikes, energy management solutions provide in-depth knowledge for data center “right-sizing” and accurate equipment scheduling to meet workload demands.

Power data can also contribute to more-efficient cooling and air-flow designs and to space analysis for site expansion studies. Power is at the heart of optimized resource balancing in the data center; as such, the intelligent monitoring and management of power typically yields significant ROI for best-in-class energy management technology.

[1]White Paper, PoC at BMC, “Preserving Performance While Saving Power Using Intel Intelligent Power Node Manager and Intel Data Center Manager” http://software.intel.com/sites/datacentermanager/whitepaper.php

To find out more, read the entire article at http://www.datacenterjournal.com/facilities/driving-under-the-limit-data-center-practices-that-mitigate-power-spikes/

Used with permission from The Data Center Journal (www.datacenterjournal.com) – EDM2R Enterprises, Inc., Copyright 2012. All rights reserved.

vontobel.jpgTwo financial services companies are using the top-of-the-line Intel® Xeon® processor E7 family to get record-breaking performance and scalability for their mission-critical challenges.


For example, Helvetia Group created standardized and centralized data center model that was more scalable and agile than its existing distributed approach. It's cut average provisioning times in half and increased virtualization from 65 to 85 percent, reducing server racks from 6 to 0.5.


The Vontobel Group needed to boost the performance of the core banking platform on which all its customer and business interactions are based. It migrated from a RISC platform to x86, powered by the Intel Xeon processor E7-4800 and Intel Xeon processor 5600 series. This has boosted application performance by a factor of three while reducing costs and enhancing manageability.


To learn more, download the new Helvetia Group and Vontobel Group business case studies. As always, you can find many more like this one on the Intel.com Business Success Stories for IT Managers page or the Business Success Stories for IT Managers channel on iTunes. And to keep up to date on the latest business success stories, follow ReferenceRoom on Twitter.

Two questions never fail to come up whenever I’m talking about cloud computing:  What are best practices for cloud security and what are you Intel folks doing together with McAfee to address it?    So when we commissioned a study and cloud security survey on IT perspectives on cloud security, I didn’t think that I’d find too many surprises.   Seeing that 87% of companies surveyed said that they had substantial concerns regarding public cloud security certainly didn’t surprise me, but the fact that 69% had similar levels of concern around private clouds did.

 

While security obviously isn’t just a challenge for public clouds, 65% of respondents believed they had a higher number of security breaches in public clouds vs private ones.   I know many of the leading cloud service providers in the industry and they do a very solid job of managing security and continuously enhancing their features.   But regardless of whether their security feature set is superior to the average enterprise, when it comes to purchasing decisions, perception is reality and apparently we need to help build confidence in IT’s use of public cloud services.

 

To address this need, we’ve been working with McAfee to develop combinations of Intel hardware-enabled features that are exposed and management by McAfee tools to enhance the security capability for both public and private clouds.  In fact, we’ve taking on the joint mission to make security in the cloud as equal or better as best-in-class enterprise security.

 

As an example of some of the capability we’re jointly enabling, we want to enable secure, trusted server pools and allow policies and access tools to recognize when those servers have been secured.   At Intel, we’ve enabled Trusted Execution Technology (TXT) in our latest Xeon E5-based platforms.    This allows virtual environments to boot with hardware-enhanced security features.   We’ve worked with Trapezoid Digital Security to demonstrate how TXT can be combined with McAfee’s e-Policy Orchestrator to demonstrate how to manage permissions based on whether a server has an established hardware root of trust.    This is just one of the elements that we’re highlighting in our joint McAfee and Intel security briefing today.   You can see some of the other solutions and highlights at www.intel.com/cloudsecurity.

 

Want to hear more or see how some of your peers are addressing cloud security?  Then join me at Forecast 2012 – a unique event led by the Open Data Center Alliance (a group of over 300 datacenter and IT professionals) – where both your peers and solutions providers will share their latest thinking on cloud security and best practices.

By: Jason Blosil, Product Marketing Manager, NetApp

 

Jason Blosil has over 15 years of industry experience in finance, marketing, and product management. He is employed at NetApp as a product marketing manager in the core software group and volunteers as the chair of SNIA’s Ethernet Storage Forum (ESF).

 

 

 

Ethernet network technology originated in the 80’s, back when I was sporting a Members Only jacket and a feathered haircut. Since that time, Ethernet has evolved into the de facto standard for Local Area Networks (LAN) and is now establishing a stronger position in the data center. Ethernet is evolving, but has never really gone “out of style.” (My Members Only jacket, on the other hand, has long ago made it to the Goodwill bin).

 

The evolution of Ethernet now includes support for multiple traffic types, such as voice, video, file data, and block data. Ethernet based storage networks, supporting iSCSI and NAS traffic, enjoy increased adoption in data centers, especially for use with highly virtualized server environments. In terms of market share, traditional Fibre Channel networks still represent the largest market for storage area networks (SAN). However, IP storage networks as a whole are growing at a much faster clip at the expense of traditional Fibre Channel networks.  Rather than continue to maintain diverse technologies in the data center, organizations are looking for more efficient ways to manage their sprawling data center infrastructures, and new technologies are needed to make the transition.

 

 

The introduction of Fibre Channel over Ethernet presents an opportunity to consolidate Ethernet and Fibre Channel data center networks onto a single shared 10Gigabit Ethernet (10GbE) infrastructure, delivering increased efficiency and performance, as well as simplified management and lower overall cost. Most implementations of FCoE require dedicated HBAs or Converged Network Adapters (CNA) that run the FCoE protocol stack on an embedded processor. Another approach, however, is to move the FCoE stack onto the server CPU using a native software initiator integrated into the operating system.

 

Open Fiber Chanel over Ethernet Solution Stack Diagram

Overview of Open FCoE Initiator Solution with Intel 10GbE CNA

 


 

Intel, a leader in Ethernet networking devices, is pioneering the use of native initiators for FCoE at the host with Open FCoE. Open FCoE follows the same model as iSCSI software initiators, using standard data center bridging (DCB) enabled 10GbE adapters and CNAs to transport the FCoE protocol generated by a software driver integrated in the operating system or hypervisor and running on the host CPU. Intel is making the bet that the adoption of FCoE will dramatically increase with this design approach, just as it did with iSCSI. This design promises to deliver substantial reductions in cost while also simplifying the management and configuration of FCoE deployments.

 

NetApp and Intel are working closely together to drive 10GbE and FCoE adoption to market with solutions like Open FCoE and Ethernet storage. Our partnership with Intel benefits from years of development, research, and market leadership. NetApp has been shipping 10GbE storage systems since 2006, and was the first to offer FCoE storage in 2009. In 2010, we were the first to introduce Unified Connect, which includes support for FCoE and IP protocols (iSCSI, NFS, CIFS) over a shared 10GbE wire making it possible to deploy a converged Ethernet network, end to end, from server to switch to storage. No other vendor can make that claim.

 

Converged data center networking is a reality with many options available in the market. For many, network convergence is still very new, and strong technology partnerships will help eliminate risks and enable successful technology transitions. So get ready. The transition is coming. And we’ll let time tell if IT trends such as the adoption of Open FCoE will be as interesting to observe as fashion trends. Yeah.

Dream_Works_Intel_Kun_Fu_Panda_Ad.png

 

 

I'm a lover of quality animation, so I was excited to have a chance to have Derek Chan, head of technology for global operations for DreamWorks on Chip Chat talking about how the technologists at DreamWorks are using cutting edge technology to provide a world where the only thing holding back animators is the limits of their imaginations.

 

Our talk discussed the history of computing use within the animation industry and how new generations of server performance such as Intel's recent launch of the Xeon E5 family of processors directly translate to new levels of animation brilliance on the screen. He also discussed the intersect between Moore's Law and Shrek's Law...something everyone should hear about.

 

Enjoy the episode and remember to follow @IntelITS for more!
For more check out Intel Chip Chat on Intel.com, iTunes, and SoundCloud.

iStream.jpgDownload Now

 

As a leader in multi-platform managed broadcast solutions, iStreamPlanet helps companies turn digital content into sustainable revenue streams. Working with cloud innovator Switch Communications, iStreamPlanet deploys a robust infrastructure-as-a-service (IaaS) cloud that uses Intel technologies as the foundation of its server, network, and storage solutions. iStreamPlanet executives say the Intel® Xeon® processor E5 family will help them give their customers a strategic advantage and deliver more compelling media experiences to more consumers at a lower cost.


“Out of the gate, we saw a 20 percent improvement in how quickly we can digitize content for distribution,” explained Mio Babic CEO of iStreamPlanet. “We’re talking about thousands and thousands of hours of content, so to digitize it 20 percent faster or with 20 percent less resources translates to significant savings.”


To learn more, download the new iStream Planet business success story. As always, you can find many more like this one on the Intel.com Business Success Stories for IT Managers page or the Business Success Stories for IT Managers channel on iTunes.  And to keep up to date on the latest business success stories, follow ReferenceRoom on Twitter.

5600 Series.jpgDesigned for industry-leading performance and maximum energy efficiency, the Intel® Xeon® processor 5600 series delivers versatile one-way and two-way, 64-bit, multi-core servers and workstations that are ideal for a wide range of infrastructure, cloud, high-density, and high-performance computing (HPC) applications. Learn how four companies are putting it to work in these new business success stories:

  • Healthy Outcomes for Cerner: RISC migration to Intel Xeon processors 5600 and 7500 series improves up time, performance, and savings for Cerner's mission-critical healthcare applications.
  • Mindspeed Technologies Moves to a Platform for Growth: Standardizing on Intel Xeon processors 5600 series helps Mindspeed Technologies consolidate, reduce costs, and support continued business expansion.
  • Versant Boosts Performance: A high-performance database developer completes tests around 80 percent faster with standardized IT based on Intel Xeon processors 5600 series.
  • Virtual World Comes to Life Quicker for Virtalis: A leading virtual reality company delivers a high-performance solution based on Intel Xeon processor 5680, reducing lead times on customized workstations by approximately 25 percent.

As always, you can find many more business success stories like these on the Intel.com Business Success Stories for IT Managers page or the Business Success Stories for IT Managers channel on iTunes. And to keep up to date on the latest business success stories, follow ReferenceRoom on Twitter.

I get questions occasionally from customers.

 

One recently was, ‘Can Intel Xeon Processors handle a 20TB Oracle database?’

 

We get this question occasionally and the question doesn’t make any sense to me.  I understand the basis of the question; the customer is concerned that Xeon can tackle a very large database.   Is the question really, ‘Can Xeon read in a lot of data and processes it efficiently and quickly?’  We can easily show that the Xeon E7 family of processors can do this faster in benchmark tests than most proprietary RISC processors.

 

xeone7_tpch_1kGB.jpg

Higher is better

 

 

Where the question falls apart is in the premise, can a 64-bit Xeon address 20TB?  If a 64-bit RISC processor can address 20TB, then a 64-bit Xeon will as well.  No database is going to be read 20TB of data at a time and besides, an Oracle database is going to have a lot of space that is either empty or not used.  (For instance is there really 20TB of data or is it really 12TB or less?)  But the concern of the customer usually goes deeper.  So let’s break this issue down.

 

What is the number of users?  This is a useful question.  For instance is it a data warehouse with only a handful of users?  Or is it a highly transactional database with thousands of users?  In either scenario Xeon is great.  (In 2008 and 2009 I was a DBA for Oracle on a benchmark they were running of a 10TB medical database with between 10 and 20 thousand of users.  The Xeon processors for this benchmark were a number of generations ago.)

 

Another question that is maybe being asked is: ‘What is the largest data file I can create for my 20TB database?’  What I’ve found behind this question is a concern regarding the manageability of the database given the number of datafiles that would need to be created to get to 20TB.  (For that benchmark 3 years ago it took me all weekend to build a 10TB database with 1GB datafiles.  I had them spread out but there were an awful lot of them.  Today, with much faster I/O creating a 20TB database will be much faster.)

 

Another concern being raised by the original question would be memory addressability.  For large databases the thinking is that the datasets being processed in memory are very large.  Can Xeon address as much memory as a proprietary RISC processor?  In other words, can Xeon scale up?  Do the platforms sporting a Xeon e7 processor have the memory capacity as servers with a proprietary RISC processor?  We can easily demonstrate that Xeon will fill the bill by platform diversity from various vendords that can support 2TB to 6TB of RAM.

 

Another concern raised by the question might be on concurrent processing.  With a 20TB database a lot of the processing may utilize Oracle’s parallel query function.  The Xeon E7 family with its multiple core and hyper-threading technologies can easily handle significant parallel processing.  For example, I started running Oracle Parallel Query Option, PQO, in 1996 when the feature first came out and I was using a 24 processor Sequent server utilizing Pentium processors.

 

I imagine there are additional ways to break this question down but overall the question: "Can the Xeon E7 processor run a 20TB database?" deserves an answer that addresses the real issues.   The simple answer is a resounding YES!

Please note: A verision of this blog appeared on InformationWeek.com in the Cloud Section as an Intel sponsored post.

 

 

 

 

Before we jump into discussing cloud security frameworks, I’d like to thank all who responded to my first blog on InformationWeek.com through Twitteror LinkedIn. It’s rewarding to know that you found my initial blog on cloud security frameworksworthy of comment. I hope you continue to find my ideas interesting.

 

Now let’s consider today’s topic. While attending the University of Southern California, I was introduced to the concept of systems engineering and management. The premise of this discipline is disarmingly simple. First, the boundaries of any system are defined—sometimes erroneously—by the collective perspective of those participating in the effort. Second, the more complex the effort, the greater the interactions and the more difficult the solution. Finally, if you try to focus on a single technology or business component of that system to the exclusion of others, the success and effectiveness of the effort will likely suffer.

 

In theory, this approach makes sense. But from a more realistic perspective, business, technologists and technology vendors often decide to focus on a single element of a solution and—perhaps intentionally—ignore or overlook proposing solutions from an end-to-end perspective.

 

I wrote about the potential impact of this approach in a blog titled Cloud Lessons and LeMans. The key takeaway was that to build a workable cloud solution framework, you must understand and react to considerations larger than IT and the data center. In many respects, cloud security requires exactly the same considerations.

 

Organizational Behavior

 

A typical IT organization has a stratification of skills, responsibilities, and associated budgets. These are generally structured along platform, operations, and increasingly, lines of business.

 

Stratification is an inherent byproduct of organizational dynamics and how the success of each group is measured (and, in turn, compensated). In this environment, each group becomes detached from the needs of other groups and tends to define trust and risk based on their needs.

 

The cloud is a community of players made up of many diverse groups.  These can include cloud service providers, telco service providers, and perhaps thousands of end users running any number of platforms. If you look at it this way, you begin to understand that the business problems associated with cloud security are significantly harder to resolve than the technical challenges.

 

Are Security Breaches Linear?

 

So let’s say security breaches are linear in nature (subject to discussion). How does a typical organization defend itself?  In a blog written by Billy Cox that discusses security air gapsto separate systems, one might envision this defense as a string of very strong fortifications, erected around your platforms or line of business units, which are purpose-built to keep the bad guys out. I like to call this approach the Fort Knox Syndrome. (While I wish I could claim this term as my own, that honor goes to Ed Gerck, PhD, in a paper titled End-To-End IT Security that was originally published in 2002 and later republished in 2009 by Network Middleware Applications (NMA), Inc.)

 

Otherwise known as the United States Bullion Depository, Fort Knox is a fortified vault in Kentucky that can hold 4,577 metric tons (147.2 million oz. troy) of gold bullion. As you might imagine security in and around the building and its grounds is impressive.

 

Given the stratification of skills, responsibilities, and budgets described earlier, it shouldn’t come as a great surprise that for most organizations, security means building the equivalent of a Fort Knox-type fortification around their platforms and, by default, their application portfolio.

 

Figure 1 shows how this might look at a platform level.

 

Fort Knox Syndrome.jpg

Figure 1. Typical Enterprise Security Platform

 

 

Although the slide is a bit busy, it shows how the Fort Knox Syndrome works in many enterprises today. Each component is protected by its own firewall (represented by the red line surrounding each of the blue ovals). Within each component of the framework, nobody is really concerned about how their firewall impacts any other component of the system. This acknowledges some of the group-based detachment I mentioned earlier. Each component of the model demands some level of security compliance and ultimately has the right to determine who will—or will not—play within their domain.

 

The small cylinders in the figure—which represent identity, policy, and compliance—are the enforcers. Think of the identity cylinder as a simple device authentication capability. The policy cylinder represents a set of rules defining who can have access, the conditions, and under what criteria a device or its user is granted access. The compliance cylinder enforces policies such as maintenance of patch levels, firewall uptime, anti-virus definitions, and configuration vulnerability throughout the infrastructure. In a centralized IT shop today, it’s likely the data center component of this framework drives compliance of the associated elements.

 

But even with this simple model, problems are plentiful. When was the last time your organization experienced some type of security glitch when one component was updated and perhaps not fully tested against the umbrella security framework? I think it’s safe to conclude that the more federated your framework becomes (via a cloud ecosystem), the more the problems the Fort Knox model generates.

 

Please join me as I explore the topic of cloud security across upcoming blogs. For now, and reserving the right to add or modify these topics as we move forward, here are the areas I’ll address in the coming months:

 

  1. Current state security
  2. Security as a factor of cost
  3. Business issues surrounding security
  4. Evaluating new-world security model Investments
  5. Security, data architecture, and big data
  6. Security in Depth (E2E Frameworks)

 

I’m interested in your feedback on today’s blog in general and, specifically, how your enterprise is approaching E2E security and E2E cloud security. Do you consider the two topics as separate but equal or as one and the same discussion?

RTT.jpgDownload Now

 

South Africa’s RTT provides logistics services to clients in industries that demand highly specialized supply-chain solutions including pharmaceuticals and consumer packaged goods. Every day, the company delivers more than 70,000 shipments—over one million kilograms of freight.

 

With new facilities and expanding branches, RTT has a growing customer base that demands the most advanced technology.  It developed a proprietary logistics system to support its mission-critical requirements, based on HP ProLiant* DL980 G7 servers with the Intel® Xeon® processor E7 family. The new system has cut RTT’s hardware costs by 25% and improved performance.

 

“We’re able to grow quickly into new regions because we have the underlying technology infrastructure to support this growth,” says Hemal Kalianji, RTT's CIO. “We are constantly on a drive to improve our systems to be leading edge and maintain our competitive position.”

 

For all the details, download our new RTT business success story. As always, you can find many more like this on the Intel.com Business Success Stories for IT Managers page or the Business Success Stories for IT Managers channel on iTunes. And to keep up to date on the latest business success stories, follow ReferenceRoom on Twitter.

 

*Other names and brands may be claimed as the property of others.

Radvision.jpgThe Intel® Xeon® processor E5 family makes IT more efficient, productive, and secure for enterprises of all types and sizes. Download these new real-life business success stories to see how it can help you meet your toughest IT challenges:

You can find more stories like these here. As always, there are many more business success stories on the Intel.com Business Success Stories for IT Managers page and the Business Success Stories for IT Managers channel on iTunes. And to keep up to date on the latest business success stories, follow ReferenceRoom on Twitter.

Download

 

Better Security.jpgTo learn more about today’s most important security strategies, download “Better Security Drives Innovation,” a new white paper that explores:

  • The high-level evolutions enterprises and their security officers face.
  • Key considerations including people, devices, and data rating.
  • Scenarios following the information lifecycle to implement security policies in the organization.
  • Technologies to better secure the information technology system.
  • Changes in the global environment.
  • Indications, tricks, recommendations, techniques, and useful technologies.
  • How we can move from building firewalls to instilling security behaviors into each employee.

 

Download it here.  And to learn about more enterprise IT solutions, visit the Intel.com IT Center.

1 2 3 60 Previous Next

Filter Blog

By author:
By date:
By tag: