Tuesday, September 29, 2009

The Hidden Costs of Unreliable Disk Drives

The Dirty Little Secret of Managing RAID Storage
*By Jerome Wendt, President and Lead Analyst at DCIG Inc.

Organizations are storing more data than ever on disk. Archives, backups, DR and video surveillance data along with unstructured data are largely contributing to this explosive growth. Yet one of the dirty little secrets of managing the large disk farms needed to store all of this data is managing the replacement of failed SATA hard disk drives (HDDs). While current RAID technologies do an adequate job of protecting from data loss in most of these environments, when a SATA HDD fails, it still does require someone to replace it.

Replacing failed SATA HDDs may be no big deal in smaller environments. But when you start to consider how potentially unreliable some SATA HDDs are and the time involved with managing their replacement in large disk farms, the process becomes much more complicated. Here are just some of the steps that I had to follow when I worked at a Fortune 500 data center and had to replace a failed HDD (SATA or otherwise):

• Open a trouble ticket in my organization's change control system
• Open a trouble ticket with the vendor to replace the disk drive
• Determine the urgency of replacing the failed disk drive.
• Schedule a time for the HDD replacement.
• Notify the affected application, server, change control and security teams.
• Verify the new drive was successfully installed and close out the open trouble tickets.

While not every organization has to go through all of these steps to replace failed SATA HDDs, regularly replacing failed HDDs becomes a cost and a risk to any company.

Organizations obviously do not want to lose data on their SATA storage systems, but they also do not want to dedicate a full time person to manage the task of replacing failed HDDs. It makes sense to think more about this issue ahead of time and to buy storage systems that mitigate the problem.

Here are some features that organizations should look for in SATA storage systems to ensure high reliability of the SATA HDDs:

• Manufacturers that have a history (5+ years) of working with SATA.
• Manufacturers that only use enterprise SATA HDDs.
• Manufacturers that stress test the HDDs before deploying them in the system.
• Manufacturer can manage HDDs when they are spun down.

Once organizations know about some of these finer points that SATA storage system manufacturers take (or do not take) to ensure the reliability of the SATA HDDs within their systems, it becomes easier to justify choosing one over another for these types of hardware benefits. For instance, Nexsan Technologies is a prime example of an organization that has a long history of working with SATA HDDs (10+ years) and has taken all of these steps and more to ensure the reliability of SATA HDDs on its many products which include SATABoy and SATABeast.

Most organizations say that when they are contemplating the use of SATA HDDs that their primary concern is reliability. In truth, most are more initially concerned about the protection and recoverability of their data which is a fear most SATA storage system manufacturers address through the use of RAID. But RAID only addresses concerns about data reliability, not hardware reliability, and as customers can find out after the fact, reliable SATA HDDs have a value that organizations may only appreciate and understand after they purchase an unreliable storage system.

*Jerome Wendt, President and Lead Analyst at DCIG Inc., writes extensively about data storage, including white papers, product analysis, and blogging at www.dciginc.com. SANDirect thanks him for his contribution today!

Thursday, September 3, 2009

Too Good to be True: Green AV $&^&^%@)(*&^%$

Too Good to be True: Save your Computer—and the Environment—with Green AV

By Jim

Debbie stares at the pop-up window in dismay: “Windows defender warning: review harmful unwanted software Trojan:win32/Fake xpa severe.” This is the fifth attack detected in five minutes. She’s very annoyed.

A bright green button flashes: “Do you want to block the attack?” Well, heck yeah. The computer’s got Norton Anti-Virus, and Debbie’s waiting for it to do its thing, but it hasn’t. It seems to be ignoring the attacks. Another anti-virus program, called Green AV, claims to handle 100% of malicious software, viruses, spyware, and malware. She clicks through. They promise to block the annoying attacks and—bonus—they donate a portion of the purchase price to save Amazonian rainforests. Talk about green performance!

It’s a bit pricey--$99 and change—but the testimonials are good and it offers a 100% money back guarantee. If it works like it claims, the price is well justified. And if it doesn’t then you get your money back, right?

Fortunately, most IT professionals (and Debbie too) are rather too savvy to actually fall for this clever scam—especially given that whoever created the bogus website forgot to use spell-check. But just because you’re not coughing up the hundred bucks doesn’t mean you’re not in trouble. In Debbie’s case, all she did was click an ad for teeth whitening—an ad posted on her Yahoo! Mail site—and she became infected.

Green AV spreads like most viruses do—through innocuous-looking downloads. Once on your computer, it avoids detection by the simple expedient of removing your protective software. Next, it begins to produce fake warnings of attacks, as well as redirecting your web browser to warning screens in place of the websites you want to visit—and each time, it offers to “fix” your problem, if you’ll just visit their website and buy their program.

And the worst part of the problem is that a true solution simply doesn’t exist yet. Some folks have had success with downloading Malwarebytes or manually removing offending files. But not Debbie—we had to wipe her computer clean and reinstall everything.

What’s amazing about the whole thing is that these clowns are still out there. Not only their ads and the malware itself, but a plain-for-the-world-to-see website (www dot green-av-pro dot com—we’re not posting an actual link because we don’t want to promote traffic there) with an apparently fully functional shopping cart with which to part innocent bystanders from their cash. Why hasn’t anyone shut this scam down? Why hasn’t Mcafee, Microsoft, Symantec, etc put a stop to this malicious irritation?

How about you? Have you been infected? What did you do about it? Do you know a fix that really works? Can you help shut this scam down? Tell us!