Kioxia has launched a high-speed PCIe 5 data center SSD, the CD8P, which is significantly faster than its existing DC product, the CD8, and has double the stated capacity.
Both drives use BiCS 5, Kioxia’s 112-layer 3D NAND technology, with cells formatted for TLC (3 bits/cell). They are single port datacenter drives with power loss protection, end-to-end data protection, and support the OCP Datacenter NVMe SSD Specification 2.0. The CD8P range has flash die failure recovery as well. Self-encrypting (SED) models support the TCG Opal and Ruby SSC standards. Like the CD8, the CD8Ps come in read-intensive and mixed-use variants with differing capacity levels.
Kioxia SSD business unit SVP and GM Neville Ichhaporia said of the release: “The CD8P Series is ready for next-gen PCIe 5.0 servers, delivering a great combination of high performance with low latency in both E3.S and 2.5-inch (U.2) form factors.”
They are intended for general-purpose server and cloud applications.The CD8 starts at 960GB and tops out at 15.36TB in read-intensive form whereas the read-intensive CD8P starts at 1.92TB and goes up to 30.72TB.
Mixed-use capacities for the CD8 range from 800GB to 12.8TB, reflecting the need for over-provisioning cells for the added write burden. The CD8P’s equivalent range is 1.6TB to 12.8TB. The CD8P E3.S format drive’s maximum capacity for read-intensive work is 7.68TB with the U.2 (2.5-inch) version running up to 30.72TB.
The CD8P stated performance:
Random read IOPS: 2 million vs CD8’s 1.25 million
Random write IOPS: 400,000 vs CD8’s 200,000
Sequential reads: 12 GBps vs CD8’s 7.2 GBps
Sequential writes: 5.5 GBps vs CD8’s 6 GB/sec
(These are all “up to “ numbers.) The difference from the CD8 is, we understand, down to Kioxia’s latest controller and firmware. The firm emphasizes the drive’s consistent performance, saying its 99.999 percentile latency is <255 µs.
As with the CDS8, the CD8P supports 1 drive write per day (DWPD) in read-intensive form and 3 DWPD in mixed-use, during its 5-year warranty.
Although faster than the CD8, Kioxia’s CD8P is not quite as fast as Samsung’s PM1743 dual-port data center SSD, which provides up to 2.5 million/250K random read/write IOPS and has sequential read and write bandwidth numbers of up to 13 GBps and 6.6 GBps respectively.
However, Kioxia has its own dual-port data center drive, the CM7, and that provides up to 2.7 million, 600K random read/write IOPS and 14/6.75 GBps sequential read/write bandwidth; better than Samsung.
Solidigm’s D5-P5336 datacenter SSD goes up to 61.44TB with its 192-layer QLC (4 bits/cell) NAND. Kioxia will, we think, need to move to BiCS6 (162-layer or BiCS 8 (218-layer) NAND technology to match that capacity level.
Kioxia’s CD8P drives are now sample shipping to prospective customers.
Cobalt Iron has released fresh backup migration tech, Compass Migrator, that it says can shift your legacy IBM backups to Cobalt Iron’s SaaS backup service, with IBM’s Spectrum Protect and TSM initially supported.
There are very many backup suppliers because each one’s backup file format is proprietary, making migration to a replacement supplier impractical, and sometimes impossible. You need to restore all the legacy format backups and then back them up again using the new supplier’s software. It’s not an automated process and can take many weeks if not months to complete. Cobalt Iron’s product is offering a solution to that problem.
Cobalt Iron’s deployment coordinator, Graham McGivern, said: “As a user of this remarkable Compass Migrator tool, I am amazed by how it simplifies the management of numerous data migrations from multiple sources and targets.”
Don’t get the wrong idea though. “Multiple sources” actually means IBM currently, as CMO Andy Hurt told us: “The current Compass Migrator announcement is for the Spectrum Protect Edition and includes the full migration automation available for legacy TSM and Spectrum Protect legacy environments. Other automated Compass Migrator Editions for other legacy backup environments will be completed as needed by customer engagements.”
TSM stands for Tivoli Storage Manager. Hurt said: “Both disk and tape-based backup sources are supported. … PBs of data and thousands of tape volumes are within the current scope of Compass Migrator operations.”
The company says Compass Migrator:
Selectively identifies data to be migrated (e.g., only particular types of data, for certain systems, by date range, active data only, etc.).
Automatically migrates data from legacy backup environments into multiple storage targets (including new data centers or the cloud) in the Compass environment.
Optimizes migration processes (e.g., minimizes tape mounts, dynamically manages a migration staging area, manages throughput, allows massive parallelism for large data amounts, etc.).
Rebinds long-term retention data with appropriate retention policies.
Provides migration progress indicators, details, and migration validation analysis.
Maintains data custody-tracking throughout the entire migration process and beyond.
Provides summary and analysis reports of all migration operations as audit evidence.
Supports migration restarts in the event of failed migration jobs or scheduled maintenance activities.
Hurt said: “Migration throughput is completely throttled by available customer networking and backup resources and other customer operations. Compass Migrator can be scaled to very high throughput leveraging many legacy source backup servers and many Compass Accelerator targets.”
If Cobalt Iron can work out how to migrate Spectrum Protect and TSM backups to its SaaS vaults then so can other backup suppliers. Having it done for Spectrum Protect and Tivoli means, in principle, it could be done for Veritas, Legato and other well-used and long-lived backup software products. This opens the way to make competitive inroads into, and raids on, incumbent backup supplier’s customer bases.
Zivan Ori, founder of NVMe flash array company E8, is leaving AWS for a to-be-revealed destination. AWS bought E8 in 2019. Ori said in a LinkedIn post: “The last time I took such a decision was 9 years ago when I founded E8 Storage. Exactly 4 years ago, AWS acquired E8, where we became part of EBS. Now with the public launch of EBS io2 Block Express, AWS is offering the fastest block storage in the public cloud – our vision is complete! It is time for me now to embark on a new and equally exciting adventure. Not much I can share publicly now, but stay tuned…”
…
Cohesity is making layoffs. A company spokesperson said this is a continuation of the plans announced in June: “Cohesity is currently executing on its plan to optimize our workforce, with a twofold goal of having more flexibility to increase our investments in strategic areas of critical importance to our customers, and becoming cash flow positive in FY24. We will ensure that impacted employees receive resources and support from Cohesity, and where possible can be redeployed to open roles within the company. We will also continue to recruit globally in areas of strategic importance to Cohesity.” No specific numbers of terms of departures was mentioned.
…
Nick Pearce, co-founder and director of Object Matrix, which provides object storage for the media and entertainment market, is leaving the DataCore-acquired company. DataCore bought Object Matrix in January. His destination is as-yet unknown.
…
Singapore-based DapuStor has announced mass production of its PCIe 5.0 SSD Haishen5 product series with a Marvell Bravera SC5 controller. It has sequential read and write speeds reaching up to 14000/8000 MBps, 2.8 million random read IOPS and 600,000 random write IOPS with 55μs random read latency and 7μs random write. It supports SR-IOV and CMB (Controller Memory Buffers) and comes in E1.S, E3.S and U.2 formats.
…
Amy Fowler.
At the Flash Memory Summit today, the Futurum Group announced that the SuperWomen in Flash Leadership Award for 2023 goes to Amy Fowler, VP and GM, FlashBlade, at Pure Storage. This reflects her key role as part of the team that launched FlashBlade, which became available in 2017, achieved over $1 billion in revenues within four years of launch and is now approaching $2 billion. She has long been involved in Women@Pure, an internal organisation providing an open forum where members collaborate. Fowler also serves as the executive sponsor of Pride at Pure.
…
Lithuania-based Genomika has received over €5 million from the EU’s Pathfinder initiative for research into DNA storage. It has previously worked with Twist BioScience. Genomika says it aims to develop a DNA storage drive in 3 years.
…
Kioxia is delaying the start of 3D NAND production at its No. 2 Factory (K2) Kitakami Plant. The new plant was originally expected to start mass production this year, but due to the reduced global demand for 3D NAND Flash, it will be postponed to an as-yet undefined date.
…
Kioxia America announced the availability of the first hardware samples supporting the Linux Foundation’s vendor-neutral Software-Enabled Flash Community Project, making flash software-defined. It consists of purpose-built, media-centric flash hardware focused on hyperscale requirements with an open source API and libraries. “The Software-Enabled Flash project allows the flash industry to shed the legacy HDD device paradigm,” said Eric Ries, SVP of the Memory and Storage Strategy Division for KIOXIA America. “Flash can be customized for different storage requirements, and protocols can be changed with a simple driver change while keeping the same hardware in place.” It’s expecting to deliver customer samples this month and will be showing the concept at FMS 2023.
…
NetApp has restructured its unified partner program into PartnerSphere with a single model covering public and hybrid clouds, as well as AI and analytics. The intent is to consolidate multiple programs for different kinds of channel partners, such as Spot partners, into a single entity that includes all partner types, business models and routes to market. PartnerSphere, NetApp says, shifts from solution specializations to identify partner capabilities and competencies aligned to its key focus areas: Cloud Solutions, Hybrid Cloud and AI & Analytics.
…
Observability and security supplier Dynatrace has signed a definitive agreement to acquire Israeli startup Rookout, which supplies dynamic instrumentation for cloud-native apps so developers can find and fix bugs faster. It is used by Backblaze, NetApp and Seagate. Adding Rookout to the Dynatrace platform will provide developers with increased code-level observability into production environments. It’s a cash buy and the amount was not disclosed.
…
Weka has provided some speed numbers for its scale-out parallel filesystem:
It says it delivers exceptional performance on-premises and in the cloud across bandwidth as well as IOPS and latency, which its customers say are all important for GPU workloads.
Dr. Siva Sivaram.
…
Next-gen solid-state lithium-metal battery tech developer QuantumScape has appointed Dr. Siva Sivaram, President of Western Digital, and a veteran of the semiconductor and data storage industries, to the newly created role of President. He will oversee QuantumScape’s technology and manufacturing groups as the company ramps up its transition from R&D to production.
Profile. As the world continues to grapple with the realities of increasing data volumes and e-waste, companies like Blancco have found their niche by providing data erasure solutions. These have become critical as more devices that hold valuable data are sent for recycling rather than ending up as e-waste.
In contrast to anti-ransomware technologies that focus on maintaining immutable copies of data, Blancco’s objective is to ensure the secure deletion of data.
The company was established in 1997 in Joensuu, Finland, originally as Carelian Innovation. Early products included the Protekto anti-theft device for PCs and the Blancco Data Cleaner, a solution designed to overwrite data on disk drives. Blancco’s inception was largely driven by a data security breach in Finland in 1997, where health records of more than 3,000 patients were discovered on computers sold by a Finnish hospital. The product was officially launched in 1999.
Carelian decided to rebrand to Blancco in 2000, and subsequently focused its efforts on developing the software. This move led to the introduction of Blancco LAN Server in 2001, broadening horizons to a wide array of clientele including recycling and refurbishing centers, auction houses, leasing companies, and large corporations. By 2005, Blancco had amassed a user base surpassing 3 million.
Blancco’s software works by overwriting all sectors of a drive with random patterns of zeroes and ones, preventing any potential data leaks before devices are traded, sold, recycled, or reused. The software also allows for targeted sanitization, overwriting data in a specified file, folder, or location, while leaving non-targeted areas intact.
Blancco mobile graphic.
The company continued to evolve, aligning its tech to meet various international data erasure standards. In 2007, Blancco was added to the NATO Information Assurance Product Catalogue. This was followed by Sun Microsystems licensing Blancco’s software in 2008 to facilitate data removal for their workstations and servers. Blancco’s compliance with international regulatory standards for data erasure was a significant factor in securing the deal. To date, these standards include over 25 industry norms such as the US DoD 5220.22-M, NIST Clear and Purge, among others.
The company further expanded its portfolio by extending data erasure to other suppliers’ servers. A Data Center Edition was released in 2008 for mass storage systems from companies including EMC, HP, and Sun. Blancco also provides tamper-proof, audit-ready Certificates of Erasure that confirm the erasure process, aiding regulatory compliance and ensuring data protection. In 2012, Blancco added mobile data erasure to its repertoire with the introduction of Blancco Mobile.
The business now owns a diverse range of software that caters to mobile phones, PCs, servers, and datacenters. The software is capable of wiping data on SATA, SAS, and NVMe drives, both HDD and SSD, and can manage RAID groups and virtual machines. Some of their key offerings in the Data Center Edition include:
Blancco Drive Eraser
Blancco Removable Media Eraser
Blancco LUN Eraser
Blancco Virtual Machine Eraser
Blancco Hardware Solutions
Blancco Management Console
Globally, over 250 refurbishment centers use its technology. The company has also collaborated with eBay Korea for smartphone data removal and Samsung for SSD data deletion. Blancco maintains offices in the UK, France, Germany, North America, and the Asia Pacific region.
In April 2014, the company was acquired by UK-based firm Regenersis. The latter’s software division, which offers device diagnostics, repair, and data erasure services, was subsequently renamed to Blancco Technology Group in 2015, with Blancco becoming a subsidiary.
Today, the Blancco Technology Group is listed on the London Stock Exchange and is currently poised to be acquired by private equity biz Francisco Partners for £175 million ($221.3 million). Francisco Partners is particularly interested in Blancco due to its sustainability and e-waste reduction initiatives, aspects that are gaining prominence in the era of ESG (Environmental, Social, and Governance) considerations.
Francisco Partners is also buying observability platform New Relic for $6.5 billion.
Cloud storage provider BackBlaze has reported an increase in annual failure rates for its 8TB and 10TB disk drives.
The company currently maintains a population of 241,297 disk drives and diligently tracks their failure rates by parameters such as capacity, model type, and manufacturer. In addition to this, BackBlaze publishes quarterly and lifetime annualized failure rate (AFR) statistics each quarter.
In the second quarter of 2023, the firm reported an average AFR of 2.28 percent, a noticeable increase from 1.54 percent in Q1 2023. Upon further analysis of the AFRs by drive capacity, the company identified that the 8TB and 10TB capacities experienced particularly high quarterly AFRs, with the 10TB drives topping the list.
BackBlaze also studied the quarterly AFR trends over a three-year period for its older drives, those aged five years or more, while excluding 12TB and larger drives. The data compiled revealed the recent uplifts in the AFRs.
The company also found that the lifetime annualized failure rate for all its drives in Q2 was 1.45 percent compared to 1.40 percent in Q1. A more detailed examination of the Q1/Q2 AFR differences for drives by capacity confirmed the observed increase in failure rates for the 8TB and 10TB drives.
Backblaze blogger Andy Klein wrote: “The red line is our baseline as it is the difference from Q1 to Q2 (0.05%) of the lifetime AFR for all drives. Drives above the red line support the increase, drives below the line subtract from the increase.”
While BackBlaze has yet to pinpoint the exact cause behind the increased AFR, the age of the drives appears to be the most probable factor. The 8TB drives originate from manufacturers including Hitachi GST (11,205), Seagate (23,625), and Toshiba (61), while the 10TB models are all from Seagate (1,124). Given that the average age of these drives is over 60 months, it appears that the five-year mark may represent a threshold for an increased likelihood of failure.
Upon drive failure, data recovery operations are launched and the faulty drives are promptly replaced. As Klein wrote: “Are we worried about the increase in drive failure rates? Of course we’d like to see them lower, but the inescapable reality of the cloud storage business is that drives fail.”
The Arch Mission Foundation (AMF), a Los Angeles-based non-profit organization, has placed nickel-based Nanofiche disks on the Moon, creating an extraordinary cold analog/digital data archive library. The project aligns with their ambitious vision of maintaining a billion-year multi-planetary archive.
Update. Lunar library is a probable write off. See bootnote. 18 Sep 2023.
Founded by entrepreneurs Nova Spivak, Nick Slavin, and Matthew Hoerl, AMF aims to safeguard and disseminate human knowledge for future generations. The organization describes its mission as a contingency plan for humanity, designed to “to help humanity fulfill its purpose in the universe by preserving and transmitting our most important knowledge to the stars, via specialized archive devices called ‘Archs’ that are designed to spread and persist across vast distances of space and time.”
In 2018, AMF launched a quartz optical disk into orbit within the glove compartment of a Tesla car, a tactic that, while somewhat unconventional, was engineered with the use of 5G technology developed by researchers from the University of Southampton. As AMF explained: “The Roadster is the perfect place to put an Arch library so that it can be noticed and retrieved in the distant future.”
A year later, an Arch Lunar Library was crash landed on the Moon in the Beresheet lander. This archive, housed within a single 1mm-thick disk comparable to a standard 120mm DVD, was constructed from 25 nickel film layers, each 40 microns thick. Developed by NanoArchival, the library uses analog storage and includes a 30-million-page archive archive of human history and civilization, covering a comprehensive range of subjects, cultures, nations, languages, genres, and time periods.
Reading a nanofiche disk
Creating a nanofiche disk involves a multi-step process. First, data is etched into glass via laser at 300,000 dots per inch, then, the design is grown at an atomic scale in nickel through an electrodeposition process. The disk’s top four layers contain more than 60,000 pages viewable with a 150X to 200X magnification optical microscope, while the remaining 21 layers house 100GB of compressed digital archives, which can be decompressed to nearly 200GB. This compressed data forms the majority of the Lunar Library’s 30 million pages, with extraction specifications provided within the analog layers.
Nanofiche pages
These digital layers include more than 100GB of compressed datasets that decompress to nearly 200GB of content. This comprises the text and XML of the English Wikipedia, along with tens of thousands of PDFs of books spanning various genres and fields. Further details are currently undisclosed, and AMF has yet to explain this decision.
AMF maintains that the nickel disk is resilient to a wide range of conditions, including electromagnetic radiation, extreme temperatures, and various biological and chemical agents, ensuring its longevity for millions of years. AFM has a Billion Year Archive vision: “An ultra long-term backup strategy to preserve the knowledge and biology of our planet across multiple Arch Libraries, replicated at multiple locations, around the solar system.”
While this venture is impressive and draws parallels with the Arctic World Archive Piql disks, it is a departure from typical digital archives. Financially endowed individuals and institutions may consider backing this ambitious project. However, the needs of everyday digital archives remain more modest – storing data securely for 25 to 50 years and ensuring quick, convenient access without the need for a lunar mission or a visit to a Svalbard coal mine. Future technologies, such as those being developed by Cerabyte, may bridge the gap between extreme data longevity and everyday read/write accessibility.
Bootnote
THe crash landing on the moon’s surface wrecked the Beresheet landing craft. According to Wikipedia: “The final telemetry reading indicated that at an altitude of 150 m (490 ft) the craft was still traveling at over 500 km/h (310 mph), resulting in a total loss on impact with the lunar surface.” But the Arch Mission Foundation believes its nanofiche disk could still be partially or even fully intact, somewhere amongst the Beresheet lander wreckage.
The GoAnywhere file transfer product and unsupported versions of Cobalt Strike have been manipulated into malware delivery channels, and the supplier, Fortra, says it is actively working to counteract this issue.
GoAnywhere was compromised by attackers exploiting a zero-day vulnerability and used to transmit malware designed to locate and exfiltrate sensitive information from the IT systems of Fortra clients. Victims include Rubrik, Hitachi, Rio Tinto, Hatch Bank, Community Health Systems, and the University of Toledo Medical Center.
Cobalt Strike is a threat emulation tool provided by cyber security supplier Fortra. It serves as a decoy malware agent known as Beacon, which can reside in an IT environment for an extended period. Acquired in 2020, the tool was designed to aid customers in detecting real malware that has infiltrated their systems. Regrettably, unsupported versions of Cobalt Strike have been co-opted or cracked to distribute actual malware.
A Microsoft report explains: “Used by legitimate security professionals to simulate cyber attacks in defense testing, the tool has also become a favorite instrument of criminals who steal and manipulate older versions to launch ransomware attacks around the world. In the last two years, hackers have used cracked copies of the tool, Cobalt Strike, to try and infect roughly 1.5 million devices.”
Matthew Schoenfeld
We asked Matthew Schoenfeld, president of Fortra, to further comment on these instances of product technology misuse.
Blocks & Files: How is Fortra combating the GoAnywhere DLP malware delivery episode?
Matthew Schoenfeld: For background, here’s our official statement on what happened regarding the GoAnywhere zero-day vulnerability: On January 30, 2023, we were made aware of suspicious activity within certain instances of our GoAnywhere MFTaaS (Managed File Transfer-as-a-Service) solution. We quickly implemented a temporary service outage and commenced an investigation.
We discovered between January 28, 2023, and January 30, 2023, an unauthorized party used a previously unknown, zero-day remote code execution (RCE) vulnerability to access certain GoAnywhere customers’ systems. This vulnerability was assigned CVE-2023-0669.
Our initial investigation revealed the unauthorized party used CVE-2023-0669 to create unauthorized user accounts in some MFTaaS customer environments. For a subset of these customers, the unauthorized party leveraged these user accounts to download files from their hosted MFTaaS environments. We prioritized communication with each of these customers to share as much relevant information as available to their specific instance of the GoAnywhere platform.
During the investigation, we discovered the unauthorized party used CVE-2023-0669 to install up to two additional tools – “Netcat” and “Errors.jsp” – in some MFTaaS customer environments between January 28, 2023, and January 31, 2023. The threat actor was not able to install both tools in every customer environment, and neither tool was consistently installed in every environment.
When we identified the tools used in the attack, we communicated directly with each customer if either of these tools were discovered in their environment. We reprovisioned a clean and secure MFTaaS environment and worked with each MFTaaS customer to implement mitigation measures. While we continue to monitor our hosted environment, there is no evidence of unauthorized access to customer environments that have been mitigated and reprovisioned by our team.
Blocks & Files: Isn’t this recent Cobalt Strike Microsoft effort a ‘closing a stable door after the horses have bolted’ initiative – because cracked copies of Cobalt Strike were also used to deliver malware?
Matthew Schoenfeld: Regarding our collaboration with Microsoft and Health-ISAC, Fortra had taken many steps to strengthen the overall security of Cobalt Strike prior to this action. These include:
Strict vetting processes for Cobalt Strike customers – they are required to comply with usage restrictions and export controls;
Issuing hundreds of DMCA (Digital Millennium Copyright Act) notices to web properties serving up unauthorized versions of the Cobalt Strike software;
As criminals adapted their techniques, we adapted the security controls in Cobalt Strike to eliminate the methods used to crack older versions;
Cooperation with many external partners, including the FBI Cyber Division, National Cyber Investigative Joint Task Force (NCIJTF).
These steps continue and we remain relentless in our efforts to improve the security of the ecosystem.
Blocks & Files: With two of its products having been penetrated by malware, what is Fortra’s strategy to prevent future attacks?
Matthew Schoenfeld: For background, Cobalt Strike has not been penetrated by malware. The recent action is helping disrupt cracked, legacy copies of Cobalt Strike which have been used to distribute malware. Our ongoing strategy to prevent further misuse of Cobalt Strike is detailed in our response above.
Additionally, Microsoft recently published this update which provides further information on the collaboration and its results.
Comment
For a cyber security company, the misuse of its ethically developed threat emulation testing software to distribute real malware is undoubtedly a grave concern. Just like any other software, there can be trial versions, and there might be customers whose support periods for the licensed versions have expired, making them susceptible to malware manipulation of the software. The situation with Cobalt Strike underscores the need for stringent distribution and management of such software. It is essential that every copy is known, continuously monitored, authenticated at each runtime, and removed when its usage ceases or support expires.
Such software should be treated with the same caution as biohazardous material – a precaution that was, in hindsight, not adequately implemented, leading to the ongoing cleanup operation by Fortra and Microsoft.
Microsoft’s involvement stems from its discovery of public-facing Cobalt Strike command-and-control servers on its Azure public cloud. Microsoft convinced Fortra to join forces in combating the threat, and together they have identified and analyzed around 50,000 unique instances of cracked Cobalt Strike, underlining the severity of the problem.
Both Microsoft and Fortra are targeting organizations and sites that are using unauthorized versions of Cobalt Strike. As per Microsoft’s report, they “are now armed with a court order authorizing them to seize and block infrastructure linked to cracked versions of the software.”
“The order also allows Microsoft to disrupt infrastructure associated with abuse of its software code, which criminals have used to disable antivirus systems in some of the attacks. Since the order was executed in April, the number of infected IP addresses has since plummeted.”
The GoAnywhere breach relied on an unknown vulnerability in its code. Unknown vulnerabilities will always pose a risk, but enhanced monitoring and validation of file transfer destinations, as well as more robust file control software, could have possibly prevented this data theft.
Ransomware detection, prevention, and recovery systems, in and of themselves, are often defenseless against data theft malware. The same applies to many data loss prevention software options, as illustrated by Code42 CEO Joe Payne. When customers utilize third-party file transfer services, they become vulnerable to malware delivery and data theft if these services are compromised by malware, as has been the case.
Bootnote
Fortra’s full GoAnywhere breach statement can be viewed here.
The board of WANdisco has approached its former CEO and CFO requesting repayment of performance bonuses.
A WANdisco spokesperson told B&F: “In line with shareholder sentiment, and as simply the right thing to do, the Board of WANdisco confirms that it has written to former executives of the Company requesting that bonuses paid for FY 2022 are returned. It is clear that the bonuses paid are significantly at odds with the realities the Company has faced.”
The replication biz, according to filings, discovered in early 2023 that an as-yet-unnamed single senior sales rep had grossly inflated their 2022 sales, leading the company to erroneously report sales of $24 million instead of the actual $9.7 million. Sales bookings of $127 million turned out to be $11.4 million. WANdisco then paid its CEO and CFO bonus awards based on these inaccuraries. It also expanded operations to handle the purported increased business volume. However, reality struck when auditors were unable to reconcile the reported customer orders with the real ones.
Dave Richards
CEO Dave Richards and CFO Erik Miller subsequently resigned. WANdisco was suspended from the stock market and interim executive roles were filled. The company also commenced a forensic accounting investigation and laid off some staff.
Last month WANdisco managed to secure fresh capital from shareholders just before its cash reserves depleted. The company has since been reinstated to the stock market under a new, permanent leadership team.
The 2022 annual report revealed that Richards and Miller had received bonuses of $588,000 and $244,000 respectively, on top of their salaries of $514,000 and $269,000. The report indicated that these bonuses were awarded “based on the achievement of corporate financial performance measures, including revenue and overheads targets.”
VAST Data is announcing new AI database software as part of its upcoming mega data platform, revealing how data storage and the database itself have been converged into a single platform.
Its data platform suite, which has been compared to the concepts of former supercomputing outfit Thinking Machines, is based on its NAS DataStore, VastOS storage software and single-tier QLC flash certified hardware base with data catalog software.
The platform will ultimately be composed of its existing hardware, OS and Data Catalog. VAST is currently adding the DataBase part and developing the DataEngine part – the eventual compute layer. The “storage-database hybrid” platform will only be complete when the DataEngine software component arrives next year.
Renen Hallak
Renen Hallak, VAST CEO and co-founder, said: “We’ve been working toward this moment since our first days, and we’re incredibly excited to unveil the world’s first data platform built from the ground up for the next generation of AI-driven discovery.”
The VAST DataBase is a combined transactional and analytical database with a scalable and ACID-transactional distributed design, with an exabyte-scale columnar data structure optimized for flash. VAST says it is architected for rapid data capture and aggregates the features of a standard database, data warehouse and data lake.
The company is developing VAST DataEngine by adding application triggers and Python-based functions natively into the VAST Data Platform. The intent is to make it a global function execution engine.
This DataEngine will operate on the VAST DataStore with real-time streams of rich content, IOT data, and text. The software will make decisions by correlating all of a VAST storage fleet’s metadata, accessing at all the fleet’s global locations and including archive data.
VAST claims a global federation of machines will compute on a global collection of data to discover the greatest insights with the greatest infrastructure efficiency. There will be a global namespace, a DataSpace, “that permits every location to store, retrieve and process data from any location with high performance.”
That is, the distributed VAST DataStore fleet will compute, rather than a single datacenter.
That includes the public cloud as the VAST OS is now available in AWS, Azure and the Google Cloud.
The DataEngine software operates within the DataSpace to create a mesh of computational resources (CPUs, GPUs and DPUs) that can move the data to compute (when compute has greater gravity) or compute to data (when data has more gravity).
As our sister publication The Next Platform notes, AI workloads need enormous amounts of data to build models, an enormous amount of compute to run inference on new data as it enters the model, plus a lot of performance grunt. As “all of this puts tremendous pressure on the storage system to deliver information.” Vast Data says its Universal Storage, a disaggregated shared nothing implementation of NFS that has a very fine-grained quasi-object store underneath it, can handle this.
VAST says its DataStore will understand natural data by embedding a queryable semantic layer into the data itself. It will continuously and recursively compute on data in real-time, evolving with each interaction.
Hallak said: “Encapsulating the ability to create and catalog understanding from natural data on a global scale, we’re consolidating entire IT infrastructure categories to deliver a recursively computing thinking machine to drive new discoveries that were previously unthinkable. With the VAST Data Platform, we are democratizing the data infrastructure of artificial intelligence to reimagine a world that discovers at an ever-accelerating pace.”
Hallak believes a future AI system might go further in synthesizing and learning from data than today’s large language models. This will need a platform that can ingest “the entire data spectrum of natural data – unstructured and structured data types in the form of video, imagery, free text, instrument data” which will be generated from all over the world and processed using real-time inference and constant, recursive AI model training.” This is where functions and the application triggers come in, as the VAST system generates new data which is used to trigger fresh processing routines.
The company’s’ DataBase product is available now, with some customers already using it in production. The DataEngine will become available in the early part of 2024.
Commvault’s quarterly revenues have consistently been around $200 million for the past seven quarters as subscription and Software as a Service (SaaS) revenues begin to overtake traditional license sales.
The company, known for providing on-premises data protection software with robust security features, along with the Metallic SaaS data protection service, reported revenues of $198.2 million in its first quarter of fiscal 2024, ending on June 30. This represents a modest increase of $150,000 from the previous year. Profits have surged to $12.6 million, marking a substantial 259 percent increase from the Q1 $3.5 million profit of the previous year.
CEO and president Sanjay Mirchandani said: “We’re off to a solid start to our fiscal year, highlighted by accelerated subscription revenue momentum and continued operating discipline.”
Mirchandani highlighted three subscription-related numbers. Total annual recurring revenue (ARR) rose 15 percent year-over-year to $686 million. Subscription ARR expanded 32 percent to $500 million, and Metallic increased its ARR 72 percent year-over-year to $113 million. Currently, Metallic has nearly 4,000 customers, up from over 3,000 just two quarters ago. Based on this growth, I reckon Metallic could reach a $500 million run rate within the next couple of quarters.
Commvault used to publish metrics such as the number of large deals in a quarter, its services revenue, and software and product revenue. However, recent reports have shifted focus towards ARR, subscription ARR, subscription customers and revenue, and SaaS revenue.
All of these subscription-related metrics are growing:
ARR: $686,000,000, up 15 percent Y/Y
Subscription ARR: $500 million, up 13 percent
Subscription customers: 7,800, up 39.3 percent
Subscription revenue: $95 million, up 11 percent
SaaS: $113 million and growing 72 percent
Metallic continues to present opportunities for customer acquisition and cross-selling for Commvault, with 60 percent of Metallic customers being new to Commvault and showcasing a 118 percent net dollar retention rate. Wells Fargo analyst Aaron Rakers told subscribers: “40 percent of customers have Metallic plus CommVault core solutions.”
A mere 25 percent of Metallic customers are enterprise customers, typically those with over 1,000 employees, which indicates that Metallic is helping to broaden the customer base.
Projections for the next quarter anticipate revenues between $193 million and $197 million, representing a midpoint of $195 million and a modest 3.7 percent increase from the previous year. This moderate growth is attributed to the ongoing transition to subscription models and SaaS client acquisition.
Full fiscal 2024 revenues are projected to be approximately $820 million, reflecting a 4.5 percent increase from fiscal 2023.
Mirchandani finished up his prepared remarks by pointing out: ”In the Fall, we will be announcing some exciting capabilities and offerings that will further empower customers and redefine the industry.” That’s not long to wait.
High-end array supplier Infinidat says bookings bounced 29 percent year-over-year during the first six months of 2023.
The company sells InfiniBox storage arrays with a memory-caching capability that it says produces faster storage IO both with disk-based and all-flash systems. It also sells cyber-resilience capabilities in the form of InfiniGuard arrays and its InfiniSafe software, claiming the software and its InfiniSafe Cyber Detection product can offer close to immediate recovery. It also has a hybrid cloud play as its InfuzeOS has been ported to AWS.
Phil Bullinger
CEO Phil Bullinger said: “Infinidat experienced strong demand for our enterprise solutions in 1H 2023 and extended the trajectory of profitable growth we accomplished in 2021 and 2022.”
Although the privately owned company is talking about bookings rather than revenues, which will come later, this is still a notable feat.
Many suppliers have been hit by recessionary forces such as post-Covid supply chain issues, the Ukraine-Russia war, and a weakened general economy. It hasn’t affected everybody though.
IBM said storage hardware sales were a bright spot in its most recent results, and VAST Data claims sales are taking off too.
Infinidat reckons its growth is due to array features, support and price/performance. It cites an Infinidat commissioned IDC Business Value White Paper, which calculates the InfiniBox portfolio provides an 11-month payback period.
The cyber-resiliency features match a need in the market. According to the June 2023 Fortune 500 CEO survey, cybersecurity was the number two concern of CEOs behind recession concerns.
CMO Eric Herzog told us: ”Cyber is becoming a concern of all the companies these days – both customers and prospects. Channel partners are also telling us customers want to understand the vendor’s cyber story. It is clearly helping us both with the customers and the partners.”
The Fortune 500 survey also found that many of the CEOs said their businesses were already using generative AI, with 75 percent expecting that AI will enable them to need fewer workers in five years’ time. There’s an opportunity here for Infinidat to store data and feed it to AI training and inference processes, as well as using machine learning in its NeuralCache and also AIOps to make its array operation more efficient.
Western Digital experienced another quarter of depressed revenues but saw signs of an uplift in its client and consumer businesses.
The company has two divisions: hard disk drives and SSDs built with NAND from its joint-venture fab operated with Kioxia, with whom merger discussions are ongoing. WD generated revenues of $2.68 billion in its fourth quarter of fiscal 2023, ended June 30, a 41 percent year-on-year decline. It reported a net loss of $715 million, compared to net income of $301 million.
CEO David Goekeler said on the earnings call: “Western Digital’s fiscal fourth quarter revenue exceeded expectations as our access to broad go-to-market channels, enviable retail franchise and strong client SSD portfolio enabled us to capture demand upsides in both client and consumer end-markets, reaffirming our strength in a challenging market environment.”
The flash/SSD business unit reported $1.38 billion in revenues, down 42.6 percent Y/Y but a 5.4 percent Q/Q increase, indicating a possible flash turnaround. HDD revenues were down 39 percent Y/Y and 13.4 percent Q/Q at $1.3 billion. HDD units dropped 28.5 percent Y/Y to 11.8 million. The cloud sector bought 5.8 million units, down 37.6 percent Y/Y, client buyers bought 3.3 million, 15.4 percent lower Y/Y, and the consumer market purchased 2.7 million drives, an 18.2 percent Y/Y decrease. HDD capacity ships went down 18 percent Q/Q as well, with customers buying fewer high-capacity nearline drives.
WD said its 26TB SMR disk drives are shipping in high volume and it is about to begin sampling a new and as yet unannounced 28TB SMR drive. This suggests a 24TB conventional non-SMR drive might be coming, with 2TB higher capacity than its current 22TB drives. Goekeler said 30TB and 30TB+ SMR drives were also on the way, all using WD’s ePMR, OptiNAND and Ultra SMR technologies.
He added: “Going forward … several of the major cloud providers are standardizing on an SMR deployment, UltraSMR for us, and we expect have a significant ramp of that technology over the next several quarters.”
Financial summary
Gross margin: 3.4 percent vs 31.9 percent a year ago
Operating cash flow: -$68 million vs last year’s $295 million
Free cash flow: $-219 million vs last year’s -$97 million
Cash and cash equivalents: $2 billion
Diluted EPS: -$1.98 vs $1.78 a year ago
WD has three main market sectors: cloud, client and consumer. Cloud revenues of $994 million were down 53 percent Y/Y due to declines in both SSDs and HDDs. Nearline drive shipments declined Q/Q as well. Reported client revenues were $1.04 billion, a 36.8 percent annual decrease but a 6.2 percent Q/Q increase as game buyers bought more capacity, while the $643 million in consumer revenues were down 18.9 percent Y/Y. Consumer revenues increased ever so slightly Q/Q; 3.2 percent due to higher SSD sales.
This was the first time in nine quarters that cloud revenues have dropped below client revenues, as a chart indicates:
We also see the slight upturns in client and consumer revenues after several quarters of decline. There have been previous Q/Q upturns in the consumer business which were not sustained so lets not pin too much hope on that; the trend is still downwards. The client upturn, the first after seven successive down quarters, is perhaps more significant.
Goekeler put a positive spin on the flash side of things: “We are encouraged by several indicators signaling improving flash market dynamics. Our two largest end markets, client and consumer, are returning to growth, inventories are normalizing, content per unit is increasing and price declines have been moderating. Western Digital is well-positioned to capitalize on improving market conditions and capture long-term growth opportunities in data storage, spanning from client to edge to cloud.”
Client HDD ships also increased sequentially.
WD is a leaner business than it has been, with inventory lowered by $300 million Q/Q, cash capital expenditure run rate reduced by over 50 percent in the past two quarters, and a consolidated HDD manufacturing footprint.
Nothing was announced about the ongoing merger talks between Kioxia and WD, which form part of WD’s strategic business review. This review is being driven by activist investor Elliott Management which reckons that WD’s flash business is under-valued and dragging WD’s total stock market valuation down. Separating it off, and merging it with JV partner Kioxia, would make its value more visible in stock market terms, meaning a higher share price.
HDD competitor Seagate reported revenues of $1.6 billion in its latest quarter, also down 39 percent Y/Y but a larger sum than WD’s $1.3 billion for its HDD business. Goekeler said WD would move towards a HDD build-to-order manufacturing process from its current build-to-forecast process. Seagate has already said it’s making this change.
Full fiscal 2023 revenues were $12.3 billion, down 34 percent on the previous financial year, with a loss of $1.7 billion versus profit of $1.5 billion. What a difference those twelve months made.
A question on the earnings call was asked about Pure’s notion that SSDs will kill HDDs. Goekeler said: “HDD is the predominant storage mechanism in the data center. We don’t expect that to change. Our customers don’t expect that to change. .. And we expect robust growth of HDD storage in the data center going forward. We also expect growth of enterprise SSD storage in the data center going forward. It’s probably growing a little bit faster than HDD, but not in a way where you’re looking at one is a substitute for the other. They’re highly complementary technologies, and we expect that to be the case for any useful planning horizon in the future.”
WD said it foresees significant and persisting cost differences between HDDs and SSDs in the next decade.
Goekeler said he expects there to be “improving demand and new product ramps to drive growth in revenue and profitability” in the HDD business after the next quarter, with the flash business improving as well. There should be “sequential exabyte growth in capacity enterprise HDD throughout the fiscal year, but it’s going to be towards the end of the year, end of the first quarter, where we start to get line of sight to all of the customers coming back.”
It seems that WD thinks the next quarter will reach the bottom of its revenue trough. Expected revenues for this next quarter are $2.65 billion +/- $0.1 billion, which would be a 29 percent Y/Y decrease; the sixth successive quarter of revenue decline. The bright lights at the end of the depressed revenue tunnel could be shining in the quarter after that. And generative AI could help, with Goekeler saying: ”it’s a catalyst for a profound increase in the rate of data creation.”
Bootnote
WD’s President of Technology and Strategy, Siva Sivaram is leaving the company to become President at QuantaScape, a lithium battery startup.
