Itzikr's Blog

There is no question that we live in an ever-changing world – especially for you in IT.

According to Dell’s own research [The Global Data Protection Index (GDPI) Snapshot a survey of 1000 IT decision makers from organizations around the world], almost half (48%) of organizations have suffered a cyber attack in the last 12 months.

Click to access global-data-protection-index-key-findings.pdf

And ESG research further confirms that of the companies they surveyed that had suffered an attack, 50% paid a ransom, but only 40% of them were able to cover more than 75% of their data.

Then there’s sustainability. IDC reports that 83% agree that sustainability is one of the most important criteria for IT buying decisions.

And finally, ESG has found that 9 out of 10 IT organizations must now move faster than three years ago, and nearly half of them more than 50% faster.

We know that there is innovative power in data – in fact, 81% of ESG survey respondents expect that DATA will “be their business” within next two years. But acting on it is the challenge.

That’s because organizations are faced with technology barriers like cyber threats, energy costs, operational silos and of course cloud costs and complexity.

The Dell Technologies Innovation Index bears this out.

This global benchmark assesses organizations’ innovation maturity by surveying more than 6,600 business decision makers.

According to the Dell Technologies Innovation Index, Innovation leaders (those with mature innovation approaches) are purposely investing in innovation – to drive outcomes for their business – especially in times of uncertainly.

The study reveals that these outcomes are significant. We found that Innovation Leaders (as compared to Innovation Laggards) are:

• Twice as likely to experience high levels of revenue growth
• 50% more likely to be able to attract the talent they need to drive innovation
• Significantly more likely for their innovation investments to drive new customer value
• Significantly more likely for their innovation investments to drive measurable changes and tangible improvements in their business

The reality, though, is that these challenges are real barriers holding many organizations back from achieving their innovation priorities and becoming a leader.

So how do you overcome those technology barriers?

So how do you overcome those technology barriers? With software-driven storage innovations from Dell Technologies – so you can strengthen IT security and supercharge efficiency.

When it comes to powering your innovation, we believe today’s

• cyber resiliency to secure and protect data everywhere
• And breakthrough efficiency to lower operational and energy costs

Only Dell provides the unique combination of immutability to protect against deletion, a cyber vault for air-gapped isolation, and AI and machine learning to speed data recovery. These innovations accelerate Zero Trust adoption, to protect an organization’s data from the threat of cyberattacks.

And for efficiency, our software innovations continue to push intelligence and automation to new levels. From eliminating time-consuming tasks with ML, to making our technology more energy efficient with each new generation.  For example, we certify that our systems use industry standard benchmarks including ENERGY STAR and EPEAT. And Dell guarantees up to 4:1 data reduction across our broad storage portfolio.

This year, we’ll be announcing a parade of product releases across the greater Dell Storage portfolio, all designed to help customers strengthen their cyber resiliency and supercharge their efficiency. First up is PowerStore…

So let’s talk about PowerStore!

Again, the next-gen PowerStore release (PowerStoreOS 3.5) is the first of multiple announcements you’ll see over the next few quarters across the total Dell Storage portfolio – ALL designed to help customers strengthen their cyber resiliency and supercharge their efficiency.

We’ll discuss new capabilities of the PowerStore platform itself – as well as some exciting new ways PowerStore is integrated with the surrounding Dell ecosystem.

But first…let’s take a quick look at where PowerStore’s been recently.

As you may know, PowerStore has been experiencing incredible momentum in the marketplace.

• The platform’s container-based design is allowing us to bring new capabilities to market very quickly…
• …and we’re winning awards with each new software release
  
  • Including a Storage Product of the Year award from TechTarget for the third year in a row!
• The industry recognizes not only the PACE, but also the VALUE of these frequent enhancements.

That value has been recently quantified by independent third-party analysis (IDC) which found PowerStore returned an incredible 468% 3-year ROI for customers, on average. That’s a payback in less than 11 months!

Other stats from the same report show

• An average $3.3 million annual benefit per organization ($324,000 per 100TB)
• 61% faster deployment of storage resources
• 24% decrease in total 3-year operational costs

The differentiator is intelligence and automation.

• PowerStore is just simpler and easier to deploy and maintain
• Allows staff to work with greater productivity, and spend more time on innovation (26% more time, according to the study!)
• We’re helping companies get MORE done with fewer resources, an advantage that could not be better timed for current market conditions.

Customers recognize this too, and they’re voting with their wallets.

• Many LARGE companies already trust PowerStore with their data.  PowerStore has Fortune 500 customers in ALL these vertical industry sectors.  (name some)
• But midsize and smaller businesses are also using the platform – and PowerStore deployments are now operating in over 90 countries worldwide
• Companies of all sizes are learning how PowerStore can transform their business.

It’s important to note 24% of PowerStore customers are net new to Dell Storage – in other words, PowerStore is convincing customers to change storage vendors!  There must be something very compelling here…

And best of all… customers who invest in PowerStore are extremely satisfied.

• We’ve been hearing this for years – and it was recently validated by a rigorous independent 3^rd-party survey.
• PowerStore is currently ranked #1 in customer satisfaction globally across multiple metrics

Preferred by more IT decision makers than Pure, HPE and NetApp
—————-

Vs. Pure, the survey also found customers were 

• More confident in PowerStore’s roadmap than Pure FlashArray
• More satisfied with PowerStore’s performance than Pure FlashArray

PowerStore is the ONLY storage system with a Bain-certified NPS score

• Dell received an “outstanding” two-star accreditation rating from Bain & Company based on the Bain NPSx_℠ CX accreditation framework
• Validates that the measurement approach and methodologies meet Bain’s strict standards.
• Bain is the inventor of the NPS, so they do know what they’re talking about…

Again, this simply validates what we’ve been hearing from customers, and what our sales figures have been showing for almost three years.

What do customers love about PowerStore? It’s the non-stop innovation – and that already includes Cyber Resiliency and Efficiency, which are integral to the platform’s DNA.

It’s important to understand the enhancements we’ll discuss today are built on a solid foundation of innovation that’s already been laid.

With respect to Cyber Security, we’re not just bolting on features to respond to trends.

PowerStore’s development process has always been aligned with the National Institute of Standards and Technologies (NIST) cybersecurity framework of industry standards and best practices. Within the framework’s key criteria (Identify, Protect, Detect, Respond and Recover), we’ve implemented a broad multi-layer security approach with foundational Zero Trust technologies such as:

• Hardware Root of Trust and Secure Boot throughout the portfolio to protect against malware tampering
• Data-at-rest encryption (with end-to-end FIPS 140-2 certification)
• Cloud-based cybersecurity monitoring for intelligent threat detection
• Advanced file security – including file locking, ransomware protection and more.

And with respect to Efficiency…this has been PowerStore’s bread and butter since it first launched in 2020!

It’s one of the things customers love most about the platform. PowerStore’s adaptable, intelligent, continuously modern design optimizes both operational and energy efficiency to help them get the most out of every resource, even as requirements change unpredictably.

• Container-based architecture lets us add new features quickly and non-disruptively
• Built-in intelligence auto-tunes performance, data reduction, resiliency in the background

These capabilities reduce management overhead to boost operational efficiency

• Good example is our unique scale-out/scale-up capability that eliminates up to 99% of the effort to load balance a cluster as you expand

…and the same built-in intelligence also makes the platform itself more efficient 

• Newest PowerStore release is up to 60% more energy efficient – providing dramatic increases in both density and IOPS per watt.
• PowerStore’s data density beats Pure FlashArray in model-to-model comparisons across the entire portfolio
  • …with up to a 25x density advantage when you compare entry models!  (500 vs. //X10)
• Dell actually has more EnergyStar storage certifications than any other vendor – for instance, PowerStore has three certified models (vs. ZERO for Pure) –

So let’s look at what’s coming next…

Again, based on PowerStore’s powerful existing foundation, we’re adding even more Cyber Resiliency and more Efficiency.

We’ll look at these things in detail shortly, but just to summarize

• We’re meeting the stringent security requirements of the US Federal government, opening up new many new markets for PowerStore
• And we’re also enabling an authentic Zero Trust experience for our business customers, with new capabilities like
  • Secure and immutable snapshots – impossible to delete, even by an administrator
  • Multifactor authentication
  • And a number of new security and resiliency capabilities for our FILE customers
• On the efficiency side, the big news is native integration with Dell’s PowerProtect DD backup appliances — #1 data protection solution in the industry
  • Customers can now manage backups to either CLOUD-based or ON-PREM versions of PowerProtect DD directly from PowerStore – no extra software or dedicated backup server required.
• We also have a number of enhancements for our DevOps customers to help them accelerate innovation at scale by enabling self-service provisioning of PowerStore
  • New integration wit the popular Terraform toolset, as well as enhancements to our existing Ansible support and Container Storage Modules
• And finally – we’re pleased to announce the immediate availability of our Dynamic AppsON capability – a “better together” solution with VxRail featuring integrated solution-level Lifecycle Management.

Lets look at a few of these things in detail.

PowerStoreOS 3.5 is a major security milestone for PowerStore. With our latest software, the platform now meets the stringent security requirements of the US Federal Government and DoD – and also accelerates the adoption of Zero Trust business solutions.

First, on the government side, we’ve achieved the critical STIG technology compliance

• Gives PowerStore solutions access to the $1 billion US Federal storage market, including the US Department of Defense.
• [Note: DoDIN Approved Product List (APL) listing is in process – but the technology part is complete and we can now submit PowerStore for inclusion. See additional info below.]

STIG mode, highly requested by many users in the federal space, changes several elements of PowerStore to comply with Federal requirements, including

• DoD login banner
• Password complexity requirements and rules
• Periodic intrusion detections and alerts
• User lockout policies

Obviously, STIG compliance is of primary interest to our US federal customers
(other organizations should not activate it) but it also sends a strong message to our enterprise business customers.

• Governmental security requirements are by far the most strict – this achievement proves PowerStore is up for any security challenge
• And although STIG mode is not available for non-governmental use –many of the underlying technologies are – and we’ll look at some of those next…

ADDITIONAL BACKGROUND INFO

“Federal customers are the Most Recession Proof industry with 72% saying spending will increase or stay the same
in 2023.” (IDC 2022 Industry IT and Communications Survey)

The Dell PowerStore Security Configuration Guide
contains more information on this feature.

What   is STIG Hardening?

• Security Technical Implementation Guides (STIGs) are cybersecurity configuration standards for IT products established by the US Department of Defense Information Network (DoDIN).
• STIG hardening is a subset of the requirements for DoDIN APL. It is specific to the DODIN requirements as negotiated with DISA.
• The use of STIGs enables a standard for securing IT infrastructure. When implemented, this feature enhances security for software, hardware, physical and logical architectures to reduce vulnerabilities in secure, sensitive Federal environments. While some STIG hardening progress was delivered in previous releases, PowerStore now has fully STIG complaint operating mode.

Who uses STIG mode?

• STIG mode is exclusively for US DoD Federal customers. No other agencies or commercial organizations should be enabling STIG mode. The customer should not turn on STIG mode until the product is listed on APL.

What does it do?

• Enabling STIG changes several elements of PowerStore to comply with Federal requirements:
  • DoD login banner
  • Password complexity requirements and rules
  • Periodic intrusion detections and alerts
  • User lockout policies
  • Disables the ability to add an appliance to the cluster

Why is STIG mode important for PowerStore?

• STIG compliance is an essential prerequisite for submission to the Federal Approved Product Lists (APL). With STIG mode, PowerStore can now be sold to Federal customers, opening a massive new market.

What is the Federal Approved Product List (APL)?

• The Department of Defense Information Network (DoDIN) Approved Products List (APL) is the single consolidated list of products that have completed Cybersecurity (CS) and Interoperability (IO) certification. The APL process is used to test and certify products that affect communication and collaboration across the DoDIN and is an acquisition decision support tool for DoD organizations interested in procuring equipment to add to the DISN to support their mission.

When will PowerStore be listed on the APL?

• PowerStore now satisfies the prerequisites and is eligible for APL submission and certification. There is no defined timetable for APL addition, but Federal customers can evaluate and test PowerStore while the process is underway.
• We anticipate that PowerStore will be listed on the APL sometime at the end of calendar year 2023. Once certification is achieved, the customer can then be ready to purchase and use PowerStore in production.

PowerStore also meets the toughest Zero Trust security framework requirements for today’s leading businesses, with new capabilities to protect, prevent and respond to threats more quickly and easily than ever.

With PowerStoreOS 3.5 and higher, you can enhance the security of your PowerStore system with Multi-Factor Authentication (MFA) using RSA SecurID. Also known as “advanced” or “two-factor authentication,” MFA offers numerous advantages, including improving the security of accounts and data against hackers, reducing the risk of poor password practices, and ensuring compliance with government regulations.

• Enable for both PowerStore Manager and REST API
• Works seamlessly with both local and LDAP user accounts for PowerStore, making it easy to implement and manage.
• Required by both private enterprise and federal customers
• Was part of the requirement for STIG compliance

[Note SecurID is currently the only MFA product integrated with PowerStore.]

Prior to PowerStoreOS 3.5, PowerStore Snapshots were already immutable, meaning they can not be modified.

With 3.5 we add a new layer of security for block data snapshots, also preventing them from being deleted until the designated retention period expires.

• Once designated as a secure snapshot, even administrators can not modify or delete it.

When secure snapshots are enabled, you’ve basically created an impenetrable “Vault”

• Protects against both external threats like ransomware attacks as well as accidents or malicious activity caused by administrators.
• There is simply no way to destroy the data
  • …even by cloning a snapshot and attempting to write it to the same point in time.
  • …even if the array runs out of space – see note below.
• This deletion prevention also extends to resources associated with secure snapshots, ensuring that source data cannot be deleted.

Management is very simple from either PowerStore Manager, CLI or REST API

• Secure Snapshot setting is optional per volume or volume group
• You can initiate manually or schedule for automatic creation using protection policies
• It’s easy to change the setting – but changes apply ONLY to future snapshots – any previously secure snaps stay locked and can not be deleted or modified, even after you alter the setting.

Secure snapshots are your cost-effective first line of defense against ransomware and other cyber-resiliency threats.

PowerStore has been on a great trajectory with enterprise file services.

PowerStoreOS 3.5 continues the trend by enhancing file resiliency in several key ways.

The release increases key NAS limits for PowerStore, including

• Up to 4x more file systems per appliance
• Up to 4x more “mounted snapshots” per appliance (also called .snapshots or CPKT snapshots)

These increases give administrators

• more granular file management options
• more recovery points for self-service restores

Streamlined access control

3.5 allows admins to manage SMB share permissions (ACLs) directly from PowerStore Manager or REST API.

• Flexibility and convenience
• Respond quickly to security threats
• No client-side access required
  • Previously, admins needed to use Microsoft Management Console (MMC) on a Windows client to manage share permissions.

Fail-Safe Networking

The 3.5 update adds Fail-Safe Networking (FSN) support for file interfaces.

• Well-known feature across the Dell portfolio (Unity XT, etc.) for advanced file users
• Lets you configure ports in an active/backup configuration.
  • Provides switch-level redundancy to eliminate single point of failure and…
  • …maintain availability in the event a port, cable, or switch goes down
• Can be used in combination with existing Link Aggregation for another level of protection
  • FSN can consist of individual ports, Link Aggregations, or a combination of both.
  • If all active ports of an FSN fail, the backup port automatically takes over and continues to service IO.
  • Intelligently switches connections to avoid disruption to file data.

Together, these latest enhancements provide more reasons for customers to deploy PowerStore unified file/block solutions for enterprise environments!

ADDITIONAL BACKGROUND

• NAS limit increases: It’s important to note that this update does not increase the number of file snapshots available in the system. Rather, it increases the number of mounted .snapshots, a popular request for file administrators to streamline end-user recovery.By increasing the number of mountable snapshots, file administrators can now provide more end-users with self-service restoration capabilities, making it easier, and streamlining data recovery.  Self-service restores are done through previous versions on SMB and the .snapshot directory on NFS.
• Fail-Safe Networks: When used in conjunction with Link Aggregations, multiple ports can be used as part of the active or backup part of the FSN.
  • Note that you cannot put the System Bond into an FSN.
  • Members of an FSN can have different speed/duplex settings but must have the same MTU.
  • FSN appears as a single link with a single MAC address and potentially multiple IP addresses.

With 3.5, we’ve added a native integration with PowerProtect DD appliances

• you can now back up PowerStore directly to PowerProtect, with no dedicated backup server required, and zero impact to your application hosts.

With this integration, PowerStore customers have a very cost-effective way to take advantage of PowerProtect, the industry’s #1 data protection appliance.

• Works with either physical PPDD appliances…
• …or software-defined DDVE (virtual edition)
• Backups are very efficient – only changes are sent across the wire
• PowerProtect ingests unique blocks only, and cost-reduces those with typical 65:1 data reduction!

Backs up volumes and volume groups (VGs) via an incremental-forever methodology

• Can backup 150 TBs/day with PowerStore’s Data Mover.
  • After the initial backup only differentials from previous backup need to be moved

As we’ll discuss on next slide, you get multiple restore/recovery options:

• Back to the original VG
• To new volumes on the original source array
• To VGs on a different PowerStore array
• Instant Access, which allows an admin to mount a copy of the VG to allow surgical recovery

Backups can be orchestrated from either PowerProtect Data Manager, which is aimed at Data Protection Admins – OR PowerStore Manager, which is primarily targeted for use by Storage Administrators.

ADDITIONAL BACKGROUND

Why use PPDM? There are a few features only available via PPDM.

• Application and application aware copies/ PSM only provides crash consistent copies
• Future integration with the DD Cyber Recovery vault requires PPDM. It won’t be available via PowerStore Manager

In addition to the “direct to PowerStore” benefit… (no backup server required, no host impact, etc.), …we’re also adding ability to set up and manage PowerProtect DD backups directly from the PowerStore Manager UI.

• No additional software required – you can set it up in just 90 seconds!
• Works with ANY PowerProtect DD target: physical appliance
  on-prem
  or DDVE (virtual edition) running in the cloud.
• NOTE: Solution is currently qualified with AWS, Google and Azure quals are pending – but you can already purchase DDVE on all three cloud marketplaces

Recovery is also simplified, thanks to new “Instant Access” feature

• Administrators can easily peek into remote backup contents through Instant Access enabling temporary access to the snapshot without bringing it back onto the PowerStore
• Restore only the data you need – in as few as 7 clicks
• Again, all from the PowerStore Manager UI – no need to contact backup administrator

You get multiple restore/recovery options:

• Back to the original volume or volume group
• To new volumes on the original source array
• To volume groups on a different PowerStore array
• Instant Access, which allows an admin to mount a copy of the VG to allow surgical recovery

What does this mean for PowerStore customers?

• If you have existing PowerProtect DD targets in your environment, this is an absolute no-brainer!
  • No additional cost
  • Take advantage of PowerProtect’s 65:1 data reduction and other great features
• It’s an easy-to-deploy multi-cloud solution
  • Avoid vendor lock-in, reduce both cloud and on-prem costs

Harnessing tight integrations with PowerProtect can enable more efficient datacenter operations. A backup and storage solution from a single vendor can reduce data protection administration costs by up to 22% and backing up data to a PowerProtect appliance can save up to 41% in power and cooling per petabyte, enabling you to reduce your carbon footprint and further your organization’s sustainability goals.

Hashicorp’s Terraform and Red Hat’s Ansible are two automation platforms that have been adopted with the most success in the IT infrastructure automation space. Common benefits of these independent solutions are reduced costs, deployment speed, error reduction, reduced risks, and increased business agility. For example, these platforms allow organizations to treat their infrastructure as a version-controlled, repeatable, and testable resource, making detecting and resolving issues easier. All these benefits enable seamless IT operations, continuously driving up application development cycles, and allowing easier addressing compliance at a large scale.

ServiceNow remains the #1 ITSM and ITOM platform used by customers for creating a self-service portal. From there, customers can set up integration with different management stacks – vCenter, MSFT SCCM, Cloud (AWS, GCP, Azure), automation (ansible, terraform) – and accordingly create the service catalogs for self-service management.  

Our consultants have services dedicated to Automation from Day 0 to Day 2 operations

Released in Q1 of 2023, Terraform Providers for PowerStore were introduced and made available. In addition, through our agile engineering processes, incremental updates to the Ansible modules have been released mainly for supporting vVols, vCenter and VMFS support.

CSM App Mobility allows Kubernetes administrators to clone stateful application workloads and metadata to other Kubernetes clusters using a single command. It leverages native storage array capabilities and open source technologies to copy both application data and metadata to the desired object storage.

CSM App Mobility can be utilized in private and public cloud environments, helping enterprises streamline projects such as bug triage, blue-green deployments, new platform migration, dev/test environment set-up, and more.

You’ve been hearing about Dynamic AppsON since last fall’s VMware Explore – well with VxRail’s “Pipton” release coming out in May 2023, it’s finally here!

A true Dell “better together” solution, Dynamic AppsON combines the advantages of PowerStore with VxRail, the industry’s #1 hyperconverged solution. The two platforms were designed for synergy from the start, and are frequently deployed in the same environments – largely thanks to their common VMware DNA. But now the approach goes to another level.

Dynamic AppsON combines compute-only VxRail dynamic nodes
with PowerStore T model appliances in a tightly integrated solution that allows users to scale compute or storage independently.

• Increases flexibility for both platforms
  • Gives VxRail environments access to PowerStore’s enterprise efficiency, data protection and resiliency features
  • Helps PowerStore environments quickly expand compute for CPU-intensive workloads
  • All while simplifying operations with end-to-end automation and management integration.

Dynamic AppsON helps customers seamlessly adjust performance and resource utilization for the changing needs of their workloads, saving cost and management effort over time.

• Easy to purchase, deploy and support
• End-to-end VMware management – provision BOTH platforms directly from vSphere.
• With the Pipton release, you get solution-level Lifecycle Management (LCM).
  • VxRail’s LCM capability will now apply to the entire solution
  • Ensures all software components (PowerStoreOS, VxRail BIOS, firmware, drivers, vSphere/ESXi software) are updated with the latest validated versions
  • Eliminates complexity and risk
  • Ensures solution is always optimized, always up-to-date

Ideal for a wide range of workloads

• Compute-intensive – where compute needs may grow faster than capacity needs
  • Data analytics/visualization, medical research, edge computing, etc.
• Data-intensive –where storage needs may grow faster
  • Business analytics, OLTP, Data warehousing, Oracle, SQL, etc.

No matter what the requirement – Dynamic AppsON lets you scale and evolve YOUR way.

The new recycle bin for PowerStore is exactly what it sounds like and let’s face it, accidents happen.

When an object is deleted from the PowerStore management interface, including the CLI, REST or GUI, the storage resource and associated snapshots can now be placed in a recycle bin The storage admin will now be able to easily retrieve items from the recycle bin without needing to restore from backups.

The key benefit of this feature is that it will allow the user to save time while retrieve storage resources if they were accidentally deleted and will prevent a Data Loss (DL) situation at the customer site.

A Recycle Bin within a is not new in the industry and this feature will fill the competitive gap from other storage companies like Pure and NetApp