Market Roundup

August 31, 2007

IBM Announces System Storage DS3300

McAfee to Package PCI Compliance Products

IBM Updates BladeCenter QS21


IBM Announces System Storage DS3300

By Clay Ryder

IBM earlier this week announced the System Storage DS3300, a new entry-level disk array featuring integrated management software targeted at SMBs, especially those seeking to consolidate storage for a variety of users. Using iSCSI interfaces, next-generation SAS back-end technology, and DS3000 management software, the DS3300 offers robust, reliable, cost-effective shared storage even for organizations of modest scale. The DS330 enables organizations to transition from DAS configurations to an IP SAN with considerably less effort than required of past solutions. The installation wizards guide administrators through setup and configuration so that organizations with minimal or no IT staff experienced in storage solutions can successfully install a DS3300. The DS3300 is positioned as an easy-to-use IP SAN for SMB customers seeking an alternative to a traditional Fibre Channel SAN as part of their transition from a DAS environment. The DS3300 features SAS hard drives with expansion capability through the IBM System Storage EXP3000 Expansion Unit for up to 14.4TB of raw capacity with scale up to forty-eight hard disk drives. Customers can elect to include enhanced data protection features such as FlashCopy for point-in-time, full-volume copies of data, and VolumeCopy for full logical drive replication. In addition, IBM has announced two new Express models based on the DS3400 (FC array) that have achieved designation as Microsoft Simple SAN Solutions. The DS3400 solutions incorporate IBM SAN16B-2 Switches and IBM Emulex 4 GBps FC 1-port PCI-E Enterprise Host Bus Adapters (HBA). IBM is working with Emulex to deliver its EZPilot software to configure the various components of the DS3400 Express Kit and tie together the DS3400, Brocade Switch, and the Emulex HBAs in a straightforward manner. The IBM System Storage DS3300 will be generally available September 7, 2007 with a beginning list price of $5,000.

This announcement illustrates a larger movement that we have seen afoot in the industry overall, namely, the availability of multiple interconnect technologies within a given product line. Gone are the days where only high-end arrays featured FC and moderately priced disks were only found in the most basic product offerings. With the DS3300, the DS3000 series now provides customers with a range of host interface connectivity including, SAS, FC, and iSCSI. For end users this means greater choice and hence flexibility in their purchase decisions as they can choose the connectivity that best meets their needs without necessarily placing themselves within with a price bracket or being forced to purchase unwanted capabilities in order to gain the preferred connectivity. Further, scalability that is reasonable for the target SMB customer base is ensured through the expansion unit. While 14TB may not seem a huge amount of storage, for departmental usage or for organizations of more modest scale, this is more than likely well within the need at hand. Of course, given the SAN nature of the storage, this is by no means a hard limit.

The new Express models of the DS3400 are also interesting for their attention to making storage easier to deploy by non-storage professionals. In line with its overall Express product methodology, IBM has sought to mitigate the skill set issue by simplifying the deployment process through the inclusion of the EZPilot software along with the installation wizards. This approach is well positioned to meet the needs of midsized organizations that could benefit from a FC SAN but lack the internal skill sets commonly associated with such deployments. This again illustrates the crossover of what was once considered a high-end approach into the broader marketplace. Notably absent from this announcement was any mention of services. Although services are important not only for customers but also for the operating margins of vendors, in this case we believe the fact that services were not mentioned further exemplifies the potentially wide-ranging appeal of this solution. If organizations are likely to be able to deploy DS3300 without external assistance, this bodes well not only for the Express moniker specifically, but more importantly for SMBs who could now take advantage of the relative simplicity and ease use afforded by a SAN, with the commensurate improvement in operational efficiency and expense. For many SMBs, we expect this may just prove to be a combination that reignites the strategic discussion of SAN vs. DAS to most any organization’s benefit.

McAfee to Package PCI Compliance Products

By Lawrence D. Dietz

McAfee, Inc. has announced the Easy PCI Plan, designed to help companies achieve compliance with the Payment Card Industry Data Security Standard in advance of government deadlines. The New McAfee Easy PCI Plan includes integrated protection and compliance solutions, along with certified PCI consulting and audit services provided by Foundstone Professional Services. The offering includes products such as McAfee Total Protection, McAfee Foundstone, and McAfee IntruShield. All three solutions map directly to PCI standard requirements to help companies pass critical PCI audits and achieve sustainable compliance. McAfee Foundstone Professional Services is a PCI-certified Qualified Security Assessor.

At the heart of the McAfee Easy PCI Plan are solutions that directly map to well over half of the twelve distinct requirements of the latest PCI DSS standard (v1.1). When combined with certified McAfee consulting and audit services, the Easy PCI plan provides a prescriptive approach for addressing the primary PCI pain points such as passing the PCI audit and meeting the September 30 deadline, selecting and deploying a layered security model that sustains compliance, proactively protecting sensitive credit card data—including the systems that store it—with good industry practices for protection and prevention. The combination of products and services provide coverage for system passwords and other security, antivirus software or programs, secure systems and applications, the use of unique IDs for persons with computer access, access to network resources and cardholder data, and regular testing of security systems and processes.

McAfee IntruShield provides network intrusion prevention that monitors networks in realtime to prevent attacks and intrusions on unmanaged or vulnerable systems. For example, IntruShield can protect unpatched Point of Sale terminals or prevent malicious attempts to steal sensitive PCI data. Built-in features include integrated Network Access Control, anti-spoofing, internal firewall, and encrypted threat protection. McAfee Foundstone provides a network-based vulnerability management appliance to run regular vulnerability scans on systems and other critical assets, while helping to keep system patch levels up to date. Integration with IntruShield allows highly vulnerable systems or hosts to be prioritized as high risk so that remediation can be triggered. McAfee Total Protection Enterprise provides agent-based software that delivers critical protection, including antivirus, anti-spyware, personal firewall, host intrusion prevention, and NAC. In addition, McAfee Host Data Loss Prevention can be a critical element of establishing good industry practices for preventing the loss of sensitive credit card data.

There are a couple of very positive attributes of this announcement. First of all McAfee is clearly demonstrating that it identifies with the customer’s issues, showing how its products and services combine to address specific pieces of what can be some very complicated requirements. McAfee has also been clever enough to cobble together security products that address top-of-mind issues such as Network Access Control and Data Loss Prevention. The icing on the product cake is the availability of professional services purported to help customers scope their needs and implement the appropriate McAfee products in a cost-effective manner. These are not vendor-neutral services, these are services to help maximize the vendor’s revenue and hopefully help customers get the most out of their purchase.

However, there are some aspects of the announcement that pose key questions. For example, what size entity are these services aimed at? If McAfee is aiming for the bottom end of the elusive middle market, we wonder whether that size organization is sophisticated enough to handle this much technology. There is also the issue of one-size-does-not-fit-all. Large end users in particular like to employ a number of security products from different vendors, and these McAfee products might not be right for all those organizations interested in PCI compliance. Last but not least, there is the crucial conundrum of partners. No software vendor can exist without a partner ecosystem. Many McAfee VARs may feel that Foundstone is taking food out of their children’s mouths and some might consider defecting to crosstown rival Symantec. An alternative view is that organizations already working with security-oriented VARs are likely to maintain that relationship in spite of the option of using Foundstone. However, overall we believe other vendors with combinations of products should consider this approach as a way to help their customers understand how products work together and, of course, to increase top-line revenue.

IBM Updates BladeCenter QS21

By Clay Ryder

IBM has introduced a new version of the IBM BladeCenter QS21 based on the Cell Broadband Engine as well as the IBM SDK for Multicore Acceleration Version 3.0, which is the cornerstone of the CellBE software ecosystem and developer enablement program. The IBM BladeCenter QS21 is a standard-width blade allowing customers to outfit a BladeCenter chassis with a maximum of fourteen QS21’s, twice the density of the previous version which was limited to seven blades per chassis, and offers an additional 2GB of I/O buffer memory and support for sixteen lanes of single data rate Infiniband connectivity. These latest offerings are targeted at organizations in a range of industries that create and run visual, graphic, and immersive, realtime applications such as 3D rendering, compression, and encryption. According to IBM, The BladeCenter QS21 is one of the most power-efficient computing platforms to date, generating a measured 1.05GigaFLOPS/watt.  With its peak performance of approximately 460GFLOPS, clients can achieve 6.4TeraFLOPS in a single BladeCenter chassis and over 25.8TeraFLOPS in a standard 42U rack. The IBM BladeCenter QS21 will be generally available October 26, 2007.

The IBM SDK for Multicore Acceleration Version 3.0 includes industry standard libraries that provide system services and programming model support, as well as a systematic tutorial with example code, demonstration programs, compliance tests, and extensive documentation to enhance productivity in CellBE development. The SDK also features debugging tools as well as performance analysis and tuning tools and includes early release features such as libraries that support a hybrid computing methodology. The Accelerated Library Framework for Hybrid-x86 and the Data Communication and Synchronization Library for Hybrid-x86 programming models allow automatic partitioning of an application across a hybrid platform consisting of an x86-based system and one or more CellBE processor-based BladeCenter QS21. The IBM SDK for Multicore Acceleration Version 3.0 will be generally available October 19, 2007.

The Cell-BE is an interesting processor, and it is finding itself taking up residence in many different places including gaming consoles, specialty engines for mainframes, super computers, and server blades, among others. With this next generation of the CellBE-equipped blade, we see some improvements that may help broaden the applicability of this processor beyond that of its historically vertically focused applications, such as HPC, or gaming for that matter. By bringing the performance of the CellBE into a single-width blade, with the requisite connectivity speedway through sixteen InfiniBand lanes, we see the QS21 having the potential to cause organizations to rethink some of their approaches to computing workloads, especially those that could benefit from access to high-speed dynamic graphic rendering or number crunching but that have not previously done so. This might include simply using the CellBE processor as a driver of next-generation interactive visual information display scenarios or it could include leveraging the processor for offloading cryptographic or other similar intensive workloads.

Echoing our thoughts on the CellBE + mainframe combination, we can think of scenarios where the combination of CellBE with other platforms such as x86 or POWER would be well suited, for example, genomics research, DNA sequencing, and other scientific applications where there is a combination of intensive data processing combined with rich graphical representations. This would be a hybrid of realtime and “static” data processing workloads (perhaps large amounts of static data such as test/lab results) whose values are an input to a dynamic computational element or rendering, or perhaps using the capabilities of the QS21 to render realtime graphical representations of business or operational efficacy across the enterprise. Log files and reporting provide a textual understanding of discrete events, but it is difficult to “see” the overall health of an organization or infrastructure from discrete facts. But in a graphical approach, these may be very different, yet ultimately useful. Of course, with all the focus on security in today’s marketplace, cryptographic offload could be another function supported by CellBE, especially given the SDK delivered that supports the hybrid approach to application deployment.

Overall, we are intrigued by the potential whenever technologies are leveraged in new and interesting ways. To our way of thinking, this is announcement is much more than simply creating a new blade or providing a new SDK, rather it is marrying a variety of workloads including back-end processing, rich graphical rendering, and general-purpose infrastructure, and with it exposing new ways to address application workloads while creatively taking advantage of the versatility of the blade chassis platform.

The Sageza Group, Inc.

32108 Alvarado Blvd #354

Union City, CA 94587

510·675·0700 fax 650·649·2302


Copyright © 2007 The Sageza Group, Inc. May not be duplicated or retransmitted without written permission.