Howard Marks

Network Computing Blogger

Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

See more from this blogger

Pure Storage Boosts Crypto Features, Takes CIA Money

Pure Storage recently announced that it updated its FA-400 all-flash array, boosting both capacity and performance, plus a few significant software enhancements. The company also announced an investment by In-Q-Tel, the CIA's venture capital arm.

While the amount In-Q-Tel paid out wasn't made public, investment from the spook community is a major endorsement when selling to security-centric government and military clients.

More Insights


More >>

White Papers

More >>


More >>

On the security front, the new version of Pure's software encrypts all data on the system at rest using self-encrypting SSDs and AES-256 encryption. I assume the self-encrypting drives come from Samsung, as it's another of Pure's investors.

Pure does key management in an interesting way. Rather than storing the key in a small amount of non-volatile memory on the controller, it encodes the key with dispersal codes, which is similar to mechanisms used by Amplidata and Cleversafe. The key is then spread across all the SSDs in the system; recovering the key requires half plus one of the SSDs.

This means the encryption at rest is good not just for drive disposal but for systems in transit--as long as no more than half the SSDs are shipped via any one interceptable route.

[Encrypting stored data is great for security, but it can also be used for data disposal, says Howard Marks in "The Best Use of Encryption You’ve Never Considered.”]

The performance and capacity improvements for the FA-400 come from updating the system to the latest components from their suppliers. Faster Sandy Bridge (Xeon E5-2600) processors and more memory boost the system's IOPS rating from 200 to 400K. Bigger SSDs double the raw flash capacity to 23TB, which with Pure's deduplication should yield somewhere between 80TB and 100TB of space for most users.

Software updates include low- or zero-impact snapshots and integration with host offload interfaces such as VAAI and ODX. Interestingly, the snapshot mechanism isn't tied to LUNS or logical volumes, thus allowing the system to take snapshots of arbitrary LBA ranges. While this will require some future software integration, it lays the groundwork for per-VM snapshots via vVols and consistency groups.

The system also now supports in-place upgrades of all components, including the controllers, so users can upgrade to the new FA-400 controllers without downtime.

In addition, Pure has built an interesting cloud management model. FA-400 systems report their health to Pure's NOC more or less continuously. For administrators trying to troubleshoot the product, this eliminates tedious process of opening a ticket, waiting for a response, sending logs, waiting for a response, and so on. It also allows Pure to proactively correlate events across customers, so Pure can notify customers that have similar usage patterns to install patches before those patterns trigger a bug.

A Changing Market From where I sit, the market opportunity has come and gone for drag racers--that is, the very fast but feature-limited flash systems from vendors such as IBM/TMS and Violin. Now that full-featured, all-flash arrays can deliver 400,000 IOPS along with deduplication, snapshots and the rest of the storage management capabilities we've come to expect from a disk array, there's no reason to buy a fast rackmount SSD.

IBM and Violin have recognized this, but their response of adding third-party storage management to a management processor and putting the rackmount SSD behind a virtualization engine like SVC is a stopgap at best.

Will Pure Storage join EMC and NetApp as a mainstay of the storage industry? Maybe. Each time a raft of startups brings new technology to market, the results are pretty much the same: a couple get picked up by the big boys at a good price, like 3Par and EqualLogic; a few go for pennies on the dollar, like Exanet or OnStor.

If a company is lucky, it becomes a player in its own right, but the odds are long. Pure Storage has managed to establish the mind share needed to become a player, but whether it can turn that mind share into substantial sales is still an open question.

Note: The folks at Pure Storage asked me not to use the term "spook" to refer to In-Q-Tel, the CIA, No Such Agency, the DIA or any other government body that may be flying a black helicopter over my house, but I just couldn't resist.

Related Reading

Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

Network Computing: April 2013

TechWeb Careers