Condusiv Technologies Blog

Condusiv Technologies Blog

Blogging @Condusiv

The Condusiv blog shares insight into the issues surrounding system and application performance—and how I/O optimization software is breaking new ground in solving those issues.

Recently Discovered SSD Vulnerabilities Could Cripple Global Markets with Data Corruption if Exploited by Attackers

by Brian Morin 15. June 2017 10:38

Recently discovered multi-level cell (MLC) solid-state drive (SSD) vulnerabilities by researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich, reveal the first-ever security weakness of its kind against MLC SSDs that store much of the world’s data. Two different types of malicious attacks are reported to corrupt data, leaving much of the world’s data currently exposed while organizations search for answers.

If security experts and data protection experts didn’t have enough to worry about already, the latest discovery from Carnegie Mellon University has set off brand new alarms that could be far more crippling than the recent WannaCry virus or any ransomware attack. In this case, data is not infected or held hostage, but is lost entirely - not even the host SSD hardware can be salvaged after such an attack. This is not simply alarming to organizations that stand the most to lose like financial institutions, but we’re talking about real lives here if patient care is compromised as we saw earlier this month at hospitals across the UK.

In a recently published report by researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of Technology in Zurich, there are two types of malicious attacks that can corrupt data and shorten the lifespan of MLC SSDs – a write attack (“program interference”) and a read attack (“read disturb”). Both attacks inundate the SSD with a large number of operations over a short period of time, which can corrupt data, shorten lifespan, and render an SSD useless to store data in a reliable manner into the future. However, both attacks rely upon native read and write operations from the operating system to the solid-state drive, which is circumvented by Condusiv® I/O reduction software on Windows systems (V-locity®, SSDkeeper®, Diskeeper® 16).

The only reason this story has been covered lightly by the media and not sensationalized across headlines is because no one has died yet or lost a billion dollars. This is a new and very different kind of vulnerability. Protection from this kind of an attack is not something that can be addressed by traditional lines of defense like anti-virus software, firmware upgrades, or OS patches. Since it is cost prohibitive for organizations to “rip-and-replace” multi-cell SSDs with single-cell SSDs, they are forced to rely on data sets that have been “backed-up.” However, what good is restoring data to hardware that can no longer reliably store data?

By acting as the “gatekeeper” between the Windows OS and the underlying SSD device, Condusiv I/O reduction software solutions perform inline optimizations at the OS-level before data is physically written or read from the solid-state drive. As a result, Condusiv’s patented technology is the only known solution that can disrupt “program interference” write operation attacks as well as “read disturb” read operation attacks that would attempt to exploit SSD vulnerabilities and corrupt data. While most known for boosting performance of applications running on Windows systems while extending the longevity of SSDs, Condusiv solutions go a step further as the only line of defense against these malicious attacks.

Condusiv’s patented write optimization engine (IntelliWrite®) mitigates the first vulnerability, “program interference,” by disrupting the write pattern that would otherwise generate errors and corrupt data. IntelliWrite eliminates excessively small writes and subsequent reads by ensuring large, clean contiguous writes from Windows so write operations to solid-state devices are performed in the most efficient manner possible on Windows servers and PCs. An attack could only be successful in the rare instance of limited free space or zero free space on a volume that results in writes occurring natively, circumventing the benefit of IntelliWrite.

Condusiv’s second patented engine (IntelliMemory®) disrupts the second vulnerability, “read disturb,” by establishing a tier-0 caching strategy that leverages idle, available memory to serve hot reads. This renders the “read disturb” attack useless since the storage target for hot reads becomes memory instead of the SSD device. A “read disturb” attack could only be successful in the rare instance that a Windows system is memory constrained and has no idle, available memory to be leveraged for cache.

While organizations use Condusiv software on Windows systems to maintain peak performance and extend the longevity of their SSDs, they can trust Condusiv to protect against malicious attacks that would otherwise corrupt user data and bring great harm to their business and service to customers.

Telestream Solves MS Exchange Timeouts and Boosts SQL with V-locity I/O Reduction Software

by Brian Morin 13. June 2017 05:12

Many first-time users of V-locity® I/O reduction software for virtual servers end up trying the software for more than boosting application performance, but to resolve “shadow IT issues” like timeouts, unexpected crashes, troublesome servers that need to be rebooted regularly, etc.

Often times, the underlying issue is in fact I/O related. By offloading I/O from  storage and optimizing the remaining I/O stream to be written and read as a large, clean sequential profile, the “shadow IT issues” that plague many environments simply disappear when trying V-locity. Condusiv has published previous case studies solving shadow IT issues on ERP systems and MS-SQL apps. For Telestream (a popular provider of software and hardware products for video capture, encoding, transcoding, and network-based delivery), it was users timing out from MS Exchange and getting disconnected from the email server.

Before considering adding another hybrid storage array, all-flash array, or expensive new servers that may or may not solve the problem, they gave V-locity a try first.

“As soon as we installed V-locity and the Exchange timeouts disappeared, we were elated that users were no longer getting disconnected from the email server. That made our purchase of V-locity I/O reduction software a ‘no brainer,’” said Allie McLachlan, Systems Administrator, Telestream.

McLachlan continued, “The most eye-opening experience was finding out how badly our system performance was being taxed by small, fractured, random I/O from Windows write inefficiencies and the “I/O blender” effect. We would have had no idea that was even an issue without trying V-locity to solve those root cause performance issues.”

To read the full story and how their MS-SQL apps were boosted by 50% as well, read here:

Month List


<<  August 2017  >>

View posts in large calendar