As IBM’s storage hardware sales continue their long-term decline, Big Blue has announced anti-ransomware Safeguarded Copy for its FlashSystems and on-premises Storage-as-a-Service offerings, with planned public cloud extensions.
The Safeguarded Copy feature automatically creates data copies in point-in-time immutable snapshots that are securely isolated within the system and cannot be accessed or altered by unauthorised users. It is a DS8000 mainframe storage array capability as discussed in an IBM Red Book publication, aimed at countering content-level data corruption.
Denis Kennelly, General Manager, IBM Storage, said in a statement: “Protecting against ransomware and other forms of malware requires a two-pronged approach to resiliency that involves automated protection and rapid recovery. That’s why we’re standardising our modern data protection software, Safeguarded Copy, across our portfolio, bringing even more cyber resiliency to IBM FlashSystem.”
Note that standard FlashSystem arrays are used here, not separate backup target arrays. The idea is to enable the main system to have its own safeguards against ransomware and be able to recover from an attack.
It is based on making special copies of data which are immutable, and can be used to restore damaged original data volumes or build new and uncorrupted volumes. Safeguarded Copy provides functions to create multiple recovery points for a production volume. These recovery points are called Safeguarded Copy backups. The recovery data is not stored in separate regular volumes, but in a storage space that is called Safeguarded Copy backup capacity. The backups are not directly accessible by a host and the data can be used only after a backup is recovered to a separate recovery volume.
IBM Security QRadar monitors activities and looks for signs that an attack may have begun, such as the attempted logging in of an unauthorised person. Since phishing-led ransomware attacks involve getting authorised user credentials this approach is somewhat limited. QRadar can be used to invoke Safeguarded Copy proactively, to create a protected backup automatically at the first sign of a threat.
Safeguarded Copy backup capacity is always thin provisioned. The Safeguarded Copy can be used for regular validations of the copies to provide early detection of a problem and aid in the investigation of compromised data. Read the Red Book for more detailed information.
IBM will launch an on-premises Storage-as-a-Service (StaaS) offering in the northern autumn that, it claims, combines the control of an on-premises deployment with the ease of a cloud service.
Customers will be able to have, say, a FlashSystem array with one- to five-year options, and pay a single rate based on TB/month at a fixed annual rate and the performance level of the system deployed. They will be able to scale storage capacity dynamically up or down as needed with variable pricing, only paying for what they use. The base and variable pricing (when extra capacity is needed) are the same.
There is no new contract penalty. IBM handles installation and configuration and provides so-called concierge-level services and support.
IBM StaaS will be offered in three tiers – varying with the level of system performance needed, capacity required, and the length of commitment. The service will start as low as $27/TB/month on effective basis and come with full concierge lifecycle services. There is an optional 100 per cent data availability guarantee, with which IBM will provide about 50 per cent of additional reserve capacity above customer base needs, in order to be able to respond immediately for data growth. The reserve capacity will be billed at the same rate as the base capacity once it is utilised.
IBM plans to make its StaaS available across North America and Europe in September and aims to extend the service to other regions around the world in future.
This StaaS offering will be extended to support hybrid cloud use cases with the monthly-priced Spectrum Virtualize for Public Cloud, which supports IBM Cloud and AWS, and with planned support for Azure. It will also support hybrid cloud setups deployed via cloud-adjacent architecture at Equinix co-location data centres.
This approach by IBM mirrors what is happening elsewhere in the storage industry with, for example, Pure’s Evergreen, HPE GreenLake and Dell’s APEX services.
Mainframe-dominated storage sales
IBM storage hardware revenues are strongly affected by its System Z mainframe cycle. As its sales rise and fall, so too does the DS8000 line of mainframe storage. In its latest reported results for Q2 2021, IBM’s overall Systems division reported hardware sales of $1.4 billion, a year-on-year decline of 7.3 per cent. Storage hardware sales drooped seven per cent, and we calculated this to mean $452.5 million. The fall was attributed by IBM to the declined in high-end storage tied to the Z cycle.
We have no idea what is happening to FlashSystem array and other non-DS8000 storage sales, as these numbers are not revealed by IBM. It seems obvious that they are overshadowed by the DS8000 mainframe arrays – so we cannot generally expect any overall rise in IBM storage hardware sales until the next-generation mainframe, possibly to be called the Z16. Assume a two-year refresh cycle and the Z16 will arrive around September this year, with storage sales rising in the next two or three quarters after that.
We track IBM storage hardware sales by quarter and by year, and the chart below shows the mainframe cycle impact in the 2017–18 and 2019–20 periods, with multi-quarter uplifts in revenues as the mainframe goose lays its golden eggs:
However, the long-term trend is down and down, and what was a $4.8 billion run rate business in 2010 is now a $1.8 billion run rate business.
We also have no idea about IBM’s storage software sales, as these are not singled out by IBM either. That is a shame as we expect IBM’s total storage sales – hardware and software – to be north of $2 billion a year, and possibly well north.