Computer data is becoming increasingly important (see my Figure for the capacity growth of disk, NAND and DRAM devices) and difficult for users’ organisations to plan, manage and defend.
IBM, like other storage systems suppliers, has recognised this growing importance through embracing Software Defined Storage (SDS), while constantly adding new technology (such as NVME drives and non-IBM storage protocol connectors) and features to give its users the maximum amount of control over what might otherwise be an insurmountable problem. In this post I describe IBM’s latest additions and enhancements and how they help its customers.
IBM’s Q1 2019 storage announcements
As always, IBM’s storage division has been very busy in the last few months. In particular:
On December 11th it launched its NVIDIA DGX Reference Architecture for Spectrum Storage for AI – for a number of years advanced users have used NVIDIA’s high performance graphics cards for complex mathematical processing.
On February 5th it announced:
- IBM Storage for Containers and Cloud, which includes:
- IBM Storage Solutions for IBM Blockchain V1.0 – a new blueprint for the use of its storage in its blockchains, including a Remote Peer Solution for storage management and support for off-chain storage
- IBM Storage Solutions for IBM Cloud Private – an enhanced blueprint including support for Spectrum Scale, IBM z Persistent File Storage and ‘Integrate Day 0’ deployments and automation,
- IBM Storage Solutions for Analytics which now includes Cloud Private for Data for analytic workloads incorporating file and block storage support,
- IBM Cloud Object Storage which now adds NFS/SMB file access for object storage.
- AI Storage in its FlashSystem A9000 and A9000R – its new firmware release adds de-duplication with AI capabilities and advanced heuristic techniques for real-time analysis of meta-data for de-duplication and capacity estimations.
- Modern Data Protection – it has added retention sets to Spectrum Protect; for Spectrum Protect Plus it has added a range of features including offload to AWS and Azure clouds (as well as to IBM Cloud Object Storage, either as a cloud or on-premise resource), enhanced offload and support for Microsoft Exchange and MongoDB databases to Spectrum Protect Plus.
The Blockchain, Cloud Private and Analytics solution blueprints show that IBM is emulating and testing how organisations deploy storage solutions when building advanced, new and often very different types of application. IBM is enabling a wider use of public cloud resources through adding the ability to offload data to AWS and Azure, as well as through the addition of new file access protocols and databases. While its own cloud services business is doing very well, its intention in the storage business is to help customers adopting ‘hybrid multi-cloud’ approaches, where they choose the most appropriate infrastructure in terms of scalability, agility and cost.
IBM storage’s developing cyber resiliency – an MDR approach from inside
In the wider IT market cyber security protection techniques are evolving with new Managed Detection and Response (MDR) services – heavily dependent on AI and Machine Learning (ML) – beginning to be deployed to enhance signature-based software providing anti-virus, intruder detection and protection solutions. My Figure shows the mixture of cyber defence techniques – please note NDR is a new name for Network Traffic Analysis (NTA).
IBM is doing something similar for its storage systems customers. Its three level approach is:
- Planning – multi-key data encryption of the data on its arrays, the creation of a baseline understanding of normal business and storage patterns, the choice of ‘air-gap’ infrastructures for secure backups (tape, IBM Cloud Object Storage or public cloud) and the orchestrated ingestion and automated copying of critical data sets to the chosen air gap solution;
- Detection – the use of AI to monitor and detect abnormal activity, the use of role-based access control and APIs to limit the exposure of an organisation to an attack and the management of secondary data to make it easier to replace affected data;
- Recovery – the ready availability secondary data from tape, IBM Cloud Object Storage or air-gap cloud to replace affected data, the choice of on-demand rapid data restoration and the ability to script recovery tasks through the centralised audit logs and APIs.
IBM designs systems with security built in and provides tools for managing an organisation’s data securely from within the network (as opposed to MDR suppliers who provide services from outside). Beyond its storage division it is also of course a major Managed Security Service Provider (MSSP). I recently attended an analyst meeting inside an IBM X-Force shipping-container-based Security Operations Centre (SOC) in which we attempted to respond to a simulated cyber security attack. I was surprised how difficult it was to react effectively. IBM’s evolving protection of its storage portfolio should have a positive effect on dealing with cyber attacks through data encryption, monitoring and automated response to abnormal data movement and the use of air-gapped secondary storage to replace affected data speedily.
Cyber security is a growing problem for all as systems become more complex and those attacking us multiply. IBM shows us the value of adding security measures at the design stage, in operation and in the recovery from successful attacks. It offers resilient systems, which will be attractive to security-cautious industry sector customers and to those caught out by experience of data breaches and cyber attacks.
I’ve summarised the announcements in the Figures below.
©ITCandor Limited – unauthorised copying of this content is illegal and will be rigorously defended by us through court action