Security researchers with Eclypsium, a firm created by two former Intel executives that specializes in rooting out vulnerabilities in server firmware, have uncovered vulnerabilities affecting the firmware of Supermicro servers. Fortunately, it’s not easily exploited.The good news is these vulnerabilities can be exploited only via malicious software already running on a system. So, the challenge is to get the malicious code onto the servers in the first place. The bad news is these vulnerabilities are easily exploitable and can give malware the same effect as having physical access to this kind of system.“A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access,” Eclypsium said in a blog post announcing its findings.To read this article in full, please click here
Intel formally introduced the Optane DC persistent memory modules late last week, an entirely new class of memory and storage technology designed to sit between storage and memory and provide expanded memory capacity and faster access to data.Unlike SSDs, which plug into a PCI Express slot, Optane DC is built like a thick memory DIMM and plugs into the DIMM slots. Many server motherboards offer as many as eight DIMM slots per CPU, so some can be allocated to Optane and some to traditional memory.That’s important because Optane serves as a cache of sorts, storing frequently accessed data in its memory rather than forcing the server to fetch it from a hard disk. So, server memory only has to access Optane memory, which is sitting right next to it, and not a storage array over Fibre Channel.To read this article in full, please click here
Intel formally introduced the Optane DC persistent memory modules late last week, an entirely new class of memory and storage technology designed to sit between storage and memory and provide expanded memory capacity and faster access to data.Unlike SSDs, which plug into a PCI Express slot, Optane DC is built like a thick memory DIMM and plugs into the DIMM slots. Many server motherboards offer as many as eight DIMM slots per CPU, so some can be allocated to Optane and some to traditional memory.That’s important because Optane serves as a cache of sorts, storing frequently accessed data in its memory rather than forcing the server to fetch it from a hard disk. So, server memory only has to access Optane memory, which is sitting right next to it, and not a storage array over Fibre Channel.To read this article in full, please click here
After years of shrinking sales, the server market is suddenly hot, very hot. According to the latest figures from IDC, worldwide server shipments increased 20.7% year over year to 2.7 million units in Q1 of 2018, and revenue rose 38.6%.This is the third consecutive quarter of double-digit growth, and it’s being driven by a number of factors. They include a marketwide enterprise refresh cycle, strong demand from cloud service providers, increased use of servers as the core building blocks for software-defined infrastructure, broad demand for newer CPUs, and growing deployments of next-generation workloads.Average selling prices (ASP) increased during the quarter due to richer configurations and increased component costs. The increased ASPs also contributed to revenue growth. Volume server revenue grew by 40.9%, to $15.9 billion, while midrange server revenue grew 34%, to $1.7 billion, and high-end systems grew 20.1%, to $1.2 billion.To read this article in full, please click here
After years of shrinking sales, the server market is suddenly hot, very hot. According to the latest figures from IDC, worldwide server shipments increased 20.7% year over year to 2.7 million units in Q1 of 2018, and revenue rose 38.6%.This is the third consecutive quarter of double-digit growth, and it’s being driven by a number of factors. They include a marketwide enterprise refresh cycle, strong demand from cloud service providers, increased use of servers as the core building blocks for software-defined infrastructure, broad demand for newer CPUs, and growing deployments of next-generation workloads.Average selling prices (ASP) increased during the quarter due to richer configurations and increased component costs. The increased ASPs also contributed to revenue growth. Volume server revenue grew by 40.9%, to $15.9 billion, while midrange server revenue grew 34%, to $1.7 billion, and high-end systems grew 20.1%, to $1.2 billion.To read this article in full, please click here
It’s a good thing AMD had the sense not to rub Intel’s nose in the Meltdown/Spectre vulnerability, because it would be getting it right back for this one: Researchers from the Fraunhofer Institute for Applied and Integrated Safety in Germany have published a paper detailing how to compromise a virtual machine encrypted by AMD's Secure Encrypted Virtualization (SEV).The news is a bit of a downer for AMD, since it just added Cisco to its list of customers for the Epyc processor. Cisco announced today plans to use Epyc in its density-optimized Cisco UCS C4200 Series Rack Server Chassis and the Cisco UCS C125 M5 Rack Server Node.To read this article in full, please click here
It’s a good thing AMD had the sense not to rub Intel’s nose in the Meltdown/Spectre vulnerability, because it would be getting it right back for this one: Researchers from the Fraunhofer Institute for Applied and Integrated Safety in Germany have published a paper detailing how to compromise a virtual machine encrypted by AMD's Secure Encrypted Virtualization (SEV).The news is a bit of a downer for AMD, since it just added Cisco to its list of customers for the EPYC processor. Cisco announced today plans to use EPYC in its density-optimized Cisco UCS C4200 Series Rack Server Chassis and the Cisco UCS C125 M5 Rack Server Node.To read this article in full, please click here
It’s a good thing AMD had the sense not to rub Intel’s nose in the Meltdown/Spectre vulnerability, because it would be getting it right back for this one: Researchers from the Fraunhofer Institute for Applied and Integrated Safety in Germany have published a paper detailing how to compromise a virtual machine encrypted by AMD's Secure Encrypted Virtualization (SEV).The news is a bit of a downer for AMD, since it just added Cisco to its list of customers for the EPYC processor. Cisco announced today plans to use EPYC in its density-optimized Cisco UCS C4200 Series Rack Server Chassis and the Cisco UCS C125 M5 Rack Server Node.To read this article in full, please click here
Open source has taken over the server side of things, but admins are doing a terrible job of keeping the software patched and up to date.Black Duck Software, a developer of auditing software for open-source security, has released its annual Open Source Security and Risk Analysis, which finds enterprise open source to be full of security vulnerabilities and compliance issues.[ For more on IoT security see our corporate guide to addressing IoT security concerns. | Get regularly scheduled insights by signing up for Network World newsletters. ]
According to the study, open-source components were found in 96% of the applications the company scanned last year, with an average of 257 instances of open source code in each application.To read this article in full, please click here
Open source has taken over the server side of things, but admins are doing a terrible job of keeping the software patched and up to date.Black Duck Software, a developer of auditing software for open-source security, has released its annual Open Source Security and Risk Analysis, which finds enterprise open source to be full of security vulnerabilities and compliance issues.[ For more on IoT security see our corporate guide to addressing IoT security concerns. | Get regularly scheduled insights by signing up for Network World newsletters. ]
According to the study, open-source components were found in 96% of the applications the company scanned last year, with an average of 257 instances of open source code in each application.To read this article in full, please click here
With so much going on in the enterprise storage world, two bits of good news have come out — and it’s only Tuesday. Capacity is going up, and prices are coming down.According to the report from DRAMeXchange, the enterprise SSD market has been growing fast. It projects enterprise SSD sales to top 30 million units this year, up from fewer than 20 million units in 2016, and that rate of growth is expected to continue in the next three years.That’s despite tight supply for memory chips in the first quarter resulting in high average selling prices. For the second quarter, which we are in the midst of, DRAMeXchange expects a rebound in demand due to increased supply.To read this article in full, please click here
In my earlier blog post on SSD storage news from HPE, Hitachi and IBM, I touched on the significance of NVMe over Fabric (NoF). But not wanting to distract from the main storage, I didn’t go into detail. I will do so with this blog post.Hitachi Vantara goes all in on NVMe over Fabric
First, though, an update on the news from Hitachi Vantara, which I initially said had not commented yet on NoF. It turns out they are all in.“Hitachi Vantara currently offers, and continues to expand support for, NVMe in our hyperconverged UCP HC line. As NVMe matures over the next year, we see opportunities to introduce NVMe into new software-defined and enterprise storage solutions. More will follow, but it confuses the conversation to pre-announce things that customers cannot implement today,” said Bob Madaio, vice president, Infrastructure Solutions Group at Hitachi Vantara, in an email to me.To read this article in full, please click here
The tech industry got a jolt last week worse than the 3.5 magnitude quake that hit Oakland, California, on Monday. A report by Bloomberg, citing the usual anonymous sources, said that after a whole lot of R&D and hype, Qualcomm was looking to shut down or sell its Centriq line of ARM-based data center processors.Qualcomm launched the 48-core Centriq 2400 last November. At the time, potential customers, such as Microsoft, Alibaba and HPE, took to the stage to voice their support and interest.To read this article in full, please click here
The tech industry got a jolt last week worse than the 3.5 magnitude quake that hit Oakland, California, on Monday. A report by Bloomberg, citing the usual anonymous sources, said that after a whole lot of R&D and hype, Qualcomm was looking to shut down or sell its Centriq line of ARM-based data center processors.Qualcomm launched the 48-core Centriq 2400 last November. At the time, potential customers, such as Microsoft, Alibaba and HPE, took to the stage to voice their support and interest.To read this article in full, please click here
When three major vendors all make similar product announcements, you know things are cooking in that space. In this case, Hitachi Vantara, HP Enterprise, and IBM all made news around SSD-based storage, much of it related to de-duplication and other ways to get control over data creep.With users generating gigabytes of data every week, the solution for many enterprises has been to throw storage at it. That can get expensive, especially with SSD. SSD averages about 40 cents per gigabyte, while HDD storage averages about 5 cents per gigabyte.To get control over data sprawl, storage vendors are offering de-duplication, or in the case of Hitachi Vantara, better de-duplication with their new systems. We’ll run down the news alphabetically.To read this article in full, please click here
It’s rare to see a processor find great success outside of the area it was intended for, but that’s exactly what has happened to the graphics processing unit (GPU). A chip originally intended to speed up gaming graphics and nothing more now powers everything from Adobe Premier and databases to high-performance computing (HPC) and artificial intelligence (AI).GPUs are now offered in servers from every major OEM plus off-brand vendors like Supermicro, but they aren’t doing graphics acceleration. That’s because the GPU is in essence a giant math co-processor, now being used to perform computation-intensive work ranging from 3D simulations to medical imaging to financial modelingTo read this article in full, please click here
It’s rare to see a processor find great success outside of the area it was intended for, but that’s exactly what has happened to the graphics processing unit (GPU). A chip originally intended to speed up gaming graphics and nothing more now powers everything from Adobe Premier and databases to high-performance computing (HPC) and artificial intelligence (AI).GPUs are now offered in servers from every major OEM plus off-brand vendors like Supermicro, but they aren’t doing graphics acceleration. That’s because the GPU is in essence a giant math co-processor, now being used to perform computation-intensive work ranging from 3D simulations to medical imaging to financial modelingTo read this article in full, please click here
Cavium this week announced general availability of ThunderX2, its second-generation 64-bit, ARM-based system-on-a-chip (SoC) line of server processors. And it’s coming with some big-name endorsements.The first generation, ThunderX, had a more muted launch two years ago. No one wanted to get on Intel’s bad side, it seemed, and Intel was viewing ARM, not AMD, as its biggest threat. Fast forward two years, and Cavium has endorsements from HPE, Cray, and Atos, as well as HPC users such as Sandia National Labs and the U.K.’s GW4 Isambard project.Cavium announced ThunderX2 almost two years ago. It’s not an upgrade to ThunderX; it’s a whole new chip. It acquired a line of ARM server processors code-named Vulcan from Broadcom after the company was acquired by Avago and decided to shed its data center effort.To read this article in full, please click here
Research conducted by market research firm IHS Markit found that 74 percent of firms surveyed had SD-WAN lab trials in 2017, and many of them plan to move into production this year.The report, titled “The WAN Strategies North America” (pdf, registration required), found security is the number one network concern by a wide margin and the top reason to invest in new infrastructure, as companies must fend off the constant threat of cyber attacks.There are other reasons, as well, such as traffic growth, company expansion, adoption of the Internet of things (IoT), the need for greater control over the WAN, and the need to put WAN costs on a sustainable path.To read this article in full, please click here
Research conducted by market research firm IHS Markit found that 74 percent of firms surveyed had SD-WAN lab trials in 2017, and many of them plan to move into production this year.The report, titled “The WAN Strategies North America” (pdf, registration required), found security is the number one network concern by a wide margin and the top reason to invest in new infrastructure, as companies must fend off the constant threat of cyber attacks.There are other reasons, as well, such as traffic growth, company expansion, adoption of the Internet of things (IoT), the need for greater control over the WAN, and the need to put WAN costs on a sustainable path.To read this article in full, please click here