Archive for April, 2010

Smaller and cooler

April 27, 2010

Having recently completed a white paper on green power and data center issues for one of my writing clients, I had cooling issues on my mind when I ran into Rich Friedrich of Hewlett-Packard at a recent conference. Rich is director, Strategy and Open Innovation Office of HP Laboratories. He talked about some of the research priorities at HP. Many of them are aimed at finding innovative new uses of existing technologies.

In the case of cooling, HP engineers are looking for ways to apply the company’s inkjet technology to data center cooling. Huh?

People who don’t spend time in and around data centers might not realize that the cooling requirement didn’t go away with the conversion of mainframe computers into multiple small servers. Fewer computers are liquid cooled nowadays, but the air conditioning requirements can be intense — and expensive. As individual boxes give way to rack-mounted “blade” appliances, the close proximity of many microprocessors can create intense zones of heat, enough to burn up the boards.

In air cooling, what data center designers try to do is line up the hot components, creating cool rows and hot rows, then isolate the hot rows physically so that refrigeration can be aimed precisely where the heat is. Done correctly, this can be more efficient than trying to cool the whole room. You’ve heard the expression, “boiling the ocean” as a reference to futility. Well, think of inefficient cooling as “air conditioning the desert.”

Two or three vendors go a step further, offering fish tank-like racks filled with inert coolant (similar to the liquid used to fill transformers) into which blades are immersed, mounted vertically. It requires removing optical drives and hoping that the hard drives are really watertight.

But not all CIOs are enamored of the idea of big, open tanks of liquid in their data centers.

Here’s where the inkjet technology comes in. Friedrich explained that HP is experimenting with inkjets — the jet assemblies themselves, not the printers. Inkjets can apply picoliters of liquid under pressure to very small areas. If liquid coolant could be applied to just the surface of a microprocessor or other hot component itself, or to its heat sink, it would eliminate the need for immersion in gallons of fluid and perhaps for elaborate air conditioning setups. Further, he said, if the chip was hot enough to boil the coolant (or the liquid was designed to boil at the temperature it encountered on the chip), the vapor could be recovered locally, condensed, and recirculated. If you’ve ever seen cooling oil applied to a metal cutting bit on a lathe or drill press, you’ve also seen the mess it can create. Boil-and-recover would avoid the miniature version of this problem.

You can read more about this work here.

One way to secure the weak chain link

April 10, 2010

The enterprise IT market is becoming crowded with specialized products aimed at cyber security. Many of them adapt packet analysis on IP networks. Taking advantage of the fact that switching operates essentially at wire speed and that storage costs, in dollars per terabyte, keep falling, these products capture all packets, in some cases replicating them offline for forensic analysis, in others analyzing packets as they flow by and recording metrics to a log.

Some, such as Solera Networks, look purely for anomalies indicating cyber threats. They record and can play back, almost like tape, recent network activity with the added function of deep inspection of each packet. Real traffic can be compared to a database of known worms and viruses, but looking for new threat behaviors must happen offline.

Other products, like Splunk, are used partly for cyber forensics and partly for application monitoring. They also use the packet coming into the network as the basic element for understanding of and visibility into the network.

These products are located at the network hub, typically as a dedicated rack appliance, and they report either through their own dashboard or via another network monitor.

But security and network administrators also have to worry about a constant source of cyber evils, namely the end points their networks support. The bulk of end points are PCs. Judging from the attack patterns, the traditional anti-virus products and personal firewalls don’t seem to be that effective at stopping worms and viruses from reaching the network servers.

I spoke the other day with Aaron Barr, who heads up a four-month-old federal unit of HBGary, whose Digital DNA resides in the RAM of PCs on the network. That’s where malware lives, and from where its behavior can be seen and analyzed by looking into the code itself. Looking at behavior is distinguished from looking at profiles, as standard anti-virus products do. Barr said detecting behavior — for instance, keystroke logging — is preferable because it takes into account the fact that malware self-morphs as a way of evading profile-based detection.

Keep in mind that analysis and reporting tools are not intended for search-and-destroy, but rather to give the network operations staff a near real-time picture of what is going on and whether there are dangerous infections aimed at capturing keystrokes or other information.

Now the question is whether the mechanism exists for organizations to efficiently share information on threats so that response isn’t always a step behind the perps putting malware into the wild, where it hunts for vulnerable organizations.