Skip navigation

The Data Stack

September 11, 2009 Previous day Next day

Cryptography, encryption, identity theft, rootkit, malware - none of this sounds familiar? You're not alone. These are words that identifies with managing, communicating, and protecting information and data in business environment and in our personal life.  Rootkit and malware are nasty software that get below the hypervisor and OS to infect your computer system. Cryptography is the science of secret codes, transforming data from ordinary readable form into unintelligible gibberish in order to provide confidentiality, integrity and authentication for data protection, end to end protection, and access control. The challenge is that historically, cryptography has been complex and computation costly.


Why is cryptography hot in the marketplace today, especially in the enterprise? For starters, over 90 million consumers have been notified of potential security breaches regarding personal information since 2005 per privacyrights website. The rate is accelerating and the attacks are more complex and harder to detect. There is a shift from attacks that infects millions of computers to one which targets a few banks/government agencies with sensitive financial and personally identifiable information. In the highly virtualized environment of computing today, several virtual machines share the same hardware resources. The hardware resources needs more secure protection as there are more eggs in one basket. Encryption provides the defense in depth that even if the systems are compromised, information is lost, it is still possible to make the information unusable through symmetric, asymmetric, and hash crypto schemes. Encryption also provides data protection increasingly important due to HIPPA (health), SOX (US companies), and PCI (payment card industry) regulation compliance


Asymmetric cryptography involving a public and private key, symmetric cryptography with just one key, and hashes are all cryptography types. Advanced Encryption Standard (AES) is a type of symmetric cryptography that has been adopted by the US government as well as other governments in the world.  Three main enterprise AES usage models include secure transactions with SSL/HTTPS/FTP/SSH/Ipsec, software full disk encryption (FDE), and application level encryption in databases, mail servers etc.


As for AES-NI, it comprises 7 instructions for accelerating different sub-steps of the AES algorithm. 4 instructions to perform the first round and last round of the 10/12/14 rounds of transformation that encrypts 128b of data from plaintext to ciphertext and vice versa. 1 instruction for mix column operation and 1 instruction for generating the next round key. The 7th instruction, CLMUL, does the packed carry-less multiply in hardware. The benefit are reduction of software side-channel attacks and reduction of performance overhead.


To find out more, please attend my class "Securing the Enterprise with AES-NI" class with Michael Kounavis and come see the "Westmere-EP Encrypting the Internet" demo at Fall IDF in San Francisco.

What if someone told you that more than 10% of the dollars you spent powering your servers did no useful computing work?  This sounds wasteful, however, that 10% is spent spinning the air movers that remove the heat generated through power conversion and powering of silicon and peripherals.


As a thermal and acoustic architect for servers it’s my goal to reduce that 10%, but the electrical energy going into a computer is converted to heat.  That heat must be removed to ensure components stay within their temperature limits ensuring data integrity and long term reliability.


For years and years the focus was on improving performance, even if that 10% sometimes pushed up to 20% in extreme cases.  In today’s environment, performance requirements must now be balanced with the power required to create that performance.  This change has driven a wide array of silicon features that can create that balance but the overall server cooling design must adapt to take advantage of those features while using the most cooling-efficient thermal components.


The session ETMS002, ‘Server Cooling Design Optimization for Low Power Consumption', at the upcoming IDF will provide answers demonstrating how servers are becoming more 'cooling-efficient' while ensuring that performance can be maximized.  Cooling tradeoffs based on board layout, heat sink selection and usage of silicon thermal management features will be discussed and quantified with regard to their impact on potential power savings.

Whether you are concerned with server design itself or with becoming more informed on purchasing decisions, this IDF session will enable you to understand the cooling and thermal management implementations that will save energy and reduce total cost of ownership.           

I wanted to share my excitement and some details about an upcoming demo at IDF 2009 (San Francisco, Sept 22-24, 2009) that will demonstrate advanced trading on Nehalem-EX.


Using the power of the 8-Core Intel® Xeon® Processor codenamed Nehalem-EX, NYSE Technologies will demonstrate a complete Smart Order Routing System in a single box that has a total of 32 cores. The demonstration will process the entire OPRA feed and all north American equities feeds, apply rules to decide when to trade and convert the order information into FIX format for delivery to the trading venue.


The demonstration will show NYSE Technologies’ Market Data Platform V5™ feed handlers processing raw market data at a rate of over 1.5 million updates per second; NYSE Technologies’ Data Fabric™ messaging platform will pass those messages via its Local Direct Memory transport to a mock Smart Order Routing program which will use Data Fabric again to pass orders to a NYSE Technologies’ Market Access Gateway. Typically, these processing tasks are designed as a three tier model with two latency inducing network hops. Deploying this solution in a single server provides for an order of magnitude reduction in latency.


Nash Palaniswamy (Intel)

Register and mark your calendar.  On Sep 23, 10am EDT (New York) / 14:00 GMT / 16:00 CEST (Paris), Red Hat and Intel team will host another webinar, guiding you through the steps to take to migrate your enterprise workload from UNIX/RISC to RHEL/Intel.  The "why" and economics of the migration is now quite evident.  This webinar presents "how" a migration should be carried out.  The time is scheduled best for audience in Europe, Middle East, and Africa, but also works well for those on the east coast of Americias.

In the mean time, Red Hat has written this migration whitepaper that walks you through methodologies of a migration.

Happy migration!  and drive your data center cost down!

There has always been a Linux option for enterprise workloads.  But today, with greater uncertainty and greater pressure for cost reduction, the option, these days, is now THE course to take.  But how? 

Here are two whitepapers we developed with our friends in the industry, giving data center managers guidance and directions on what to look for and what actions could be taken for UNIX/RISC to Linux/Intel migration. 


With Ziff Davis, Dell, Red Hat...;jsessionid=BF37C65ED3F67E934DD8DB579D28898E.node3COMS


With Red Hat...;jsessionid=BF37C65ED3F67E934DD8DB579D28898E.node3COMS

Also, visit for more information on the RISC migration program we run with Red Hat.

Filter Blog

By date: By tag: