Welcome to 2019! I hope that you had a safe and festive one. It’s only been 2 weeks since the last Storage Short Take and – hopefully – you didn’t need or care about Data Center Storage during that time!
Nevertheless, that doesn’t mean a lot of stuff didn’t happen, or isn’t going on. So, without further ado…
2018 Storage Recaps
Chris Mellor unwraps his holiday snark once more with a 2018 storage industry recap over at The Register.
More 2019 Storage Predictions
The predictions started early, as I assembled a few in the last Storage Short Take, but here are a few more.
Steven Carlini from Schneider Electric weighs in on his predictions for 2019. Unfortunately he lost me when he said, “on premise…”
There’s not much in this one, but I include it because it just made me laugh. Congruity360 predicts “Data Center as a Service (DCaaS).” Now why does that sound so familiar… perhaps I’ve heard of it by another name…?
Now, this one is actually interesting. Datanami has assembled a few execs from the industry to examine the 2019 trends, and aside from the “the future of technology is exactly what we happen to provide” claims, there are some very insightful answers in here as well.
At least IBM uses “premises” correctly. Beyond that and the hand-waving, though, there’s not much here more than an advertisement for their Think conference in February.
Of course, New Year’s predictions wouldn’t be as complete – or as predictable – as Tom’s Hardware. Yawn.
Companies in the News
Well, if you’ve been hibernating for the past couple of weeks, you may not have heard that Dell has returned to the public market.
Acronis has recently hit my radar, and just like when you start seeing ads for cold medicines when you have a cold, I’ve seen more and more information about their work recently, and their IP appears impressive. Well, apparently they’re making headway in their partnerships as well, as they’re now working with Google’s Virustotal to improve IoT end-device malware protection. Looks like I have some reading to do.
Looking for work? Cohesity is looking to hire nearly 400 employees in San Jose and RTP, North Carolina. I don’t think they’ll let you drive the RV, though.
DellEMC reveals more information about what kinds of Persistent Memory (also called Storage-Class Memory, though it appears that a movement is underway to stop using that term) will be in their PowerMax portfolio.
I write a lot about Synology, but I have to confess this little NASbook TBS-453DX from QNAP looks pretty interesting. 10GbE, HDMI, and three USB 3.0/four USB2.0 ports seems interesting. I’m curious as to what it’s primary focus is, though; it seems geared towards home-use with media/TV hookups, but initially promotes itself towards “working spaces and remote workers.” In my experience, these devices do well with one or the other, but not generally both.
Researchers at the Universities of Oxford, Exeter, and Munster have been working on a new technique to store more optical data in a smaller space than was previously possible. This gets a bit esoteric, as optimal methods for storing and transmitting information are not the same as electrical methods (which is what is used mostly, now).
You ever hear of QSAN XCubeNAS servers? Me neither… until today. I’ve never used them, but they’re notable for promoting their new XCubeNAS by focusing on Thunderbolt 3’s networking capabilities at 40Gb/s. That wouldn’t suck.
Webinars and Conferences
ICYMI, you can check out the most recent FCIA webcast Will You Still Love Me When I Turn 64GFC where Dean Wallace and Barry Maskas provide a technical session on T11 standards which define 64GFC serial Fibre Channel. Its a deep dive into backwards speed auto-negotiation compatibility, compatible form factors, and more, and has the distinction of being the only 5-star rated webinar I’ve ever seen! If you missed it, it’s available on-demand as is the Q&A blog that answers all the questions from the live event.
The SNIA Cloud Storage Technologies Initiative (CSTI) will be hosting two live webinars in February. The first one is Why Composable Infrastructure? on February 13th. It will define what composable infrastructure is (and is not) and then explain how composable infrastructure meets cloud data centers’ requirements to rapidly construct virtual pools of compute, network and storage based on the needs of particular customers or applications, then have those resources dynamically and automatically flex as needs change.
The second CSTI webinar will be on February 26th. What’s New in Container Storage brings back Keith Hudgins from Docker and Alex McDonald, the Chair of the SNIA CSTI to discuss the constantly changing container landscape. With new standards emerging every few months, you’ll learn what’s new, what to pay attention to, and how to get involved in the container community. If you don’t know Keith, he was a guest speaker at SNIA’s most popular webinar to date: Intro to Containers, Container Storage Challenges and Docker.
As I mentioned in my last Storage Short Take, SNIA’s Persistent Memory Summitwill be in Santa Clara, CA on January 24th. Registration is complementary. If you’ve got questions on emerging memory, you can check out this Emerging Memory Questions Answered Q&A blog by Tom Couglin and Jim Handy.
On the Fibre Channel front, there will be a great FCIAwebinar on February 20th, FICON 201. In this webinar, Patty Driever of IBM and Howard Johnson of Broadcom return as a follow up to their highly-rated FICON 101 webinar.
DO THIS NOW:
As noted in the last Storage Short Take, there is a critical severity security advisory for DSM and SRM:
Affected: Diskstation Manager and Synology Router Manager. These are biggies. DSM runs the entire NAS, and SRM runs their router. They have found a vulnerability that allows remote attackers to execute arbitrary code via a susceptible version. What’s the susceptible version? Well… all of them.
- Severity: Critical
- CVSS3 Base Score: 9.8
- CVSS3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
Solution: Upgrade your system:
- DSM 6.2.1-23824 Update 4
- SRM 1.2-7742 Update 5
- Visual Station 2.3.3-1646
Even so, it appears there is another issue now that is worth paying attention to as well.
Affected: Diskstation Manager (DSM). A vulnerability allows remote attackers to execute arbitrary code via a susceptible version
Solution: If you have:
- DSM 6.2 – Upgrade to 6.2.1-23824-4 or above
- DSM 5.2-6.1 – Ongoing
- SkyNAS – Ongoing
- VS960HD – N/A
As usual, ensure strong firewalls and harden the access into your devices from outside your environment.
Affected: Photo Station. There are vulnerabilities allow remote attackers to execute arbitrary SQL commands and remote authenticated users to upload arbitrary files via a susceptible version of Photo Station.
Solution: If you have:
- Photo Station 6.3 – Upgrade to 6.3-2977 or above
- Photo Station 6.8 – Upgrade to 6.8.11-3489 or above
Affected: File Station. A vulnerability allows local users to obtain sensitive information via a susceptible version of Android DS File.
Solution: Upgrade to 4.11.2-312 or above.
How about a little molecular data storage? Researchers from the University of Basel are working on a way to store data using individual molecules.