Executives and office life at Qumulo in Seattle, WA July 20, 2018. Photo by Andy Rogers Images
Qumulo says its sales have not been impacted by Pure Storage and VAST Data and are still growing.
The company, founded by ex-Isilon people in 2012, builds Core software – scale-out parallel filesystem storage – running on Qumulo and third-party hardware and in the AS, Azure and GCP clouds. It has raised $351 million with the last round bringing in $125 million in 2020.
Ryan Farris, Qumulo’s VP for product, speaking at an IT Press Tour briefing, was asked about any Pure and VAST sales influence on Qumulo and said: “We have not been impacted by that at all.” What about WEKA? “We hardly ever lose to WEKA. They target different workloads and do something specific.”
Hasn’t the VAST HPE deal affected Qumulo? Farris said: “The VAST HPE partnership is part of the natural order of things. Our partnership with HPE is still strong. I would only see it getting stronger.”
It seeems to us that the file and object storage market must be growing so fast that suppliers like Pure Storage, Qumulo, VAST Data and WEKA can all grow at a good clip without eating into each other’s customer bases.
We asked about profitability and Farris said: “We want to be cash flow positive by Q4 FY2024.” The biz has plenty of financial runway and doesn’t need to raise any more cash. Its sales are increasing, with Farris mentioning that a prominent rocket business is a customer.
He said: “Medical imagery is our fastest-growing vertical.” In the PACS (Picture Archiving and Communication System) market, file is primary storage, often with an S3 cloud backend for long-term storage. In Farris’s view, pure-play object storage for PACS is giving way to a file-object bridge like Qumulo.
He said that Philips’s PACS system runs very well on Qumulo, helped by an SMB multi-channel feature giving it a performance boost.
We were told that Qumulo’s S3 code its own software, developed to replace a prior MinIO gateway.
The product roadmap could, we understand, include a global namespace and the ability to provide file access at edge sites. Farris said: “The edge is a pretty big opportunity for us,” and discussed edge caches without copying all of a file to the edge site.
We think this means that Qumulo could move into the remote/edge site file access market currently dominated by suppliers such as CTERA, Nasuni and Panzura with their cloud-centered file systems based on underlying object storage. We understand that data movement could become easier and that there could be a Scale Anywhere launch by the end of the year providing such functionality.
Another roadmap item concerns more multi-tenancy features being built on VLAN separation – again by the end of the year.
One more development direction is the Nexus Qumulo.com idea to have one pane of management glass across a Qumulo cluster. This could arrive in the second half of the year.
Farris said an average Qumulo customer has more than 1PB of Qumulo storage. He also said Qumulo’s conversations with enterprise customers are around scale and cloud – not AI. We dare say Qumulo will move into supplying AI-type NAS in the next couple of years, and its customers will take it there.
Qumulo says it has excellent performance and pricing in the cloud. Right now it is focussed on serving files to virtual machines – but there is no reason it couldn’t do containers as well.
Phison is a big player in SSDs that, despite its bulky size, relatively few people in Europe know about. The company makes complete SSDs as well as a range of components including retimers, controllers and firmware. It’s an original design partner for the main NAND foundry suppliers – Kioxia/WD, Micron, Samsung, SK hynix/Solidigm, YMTC, and Kingston – and wants to enter the hyperscaler/large enterprise market for customized SSDs .
Michael Wu
Michael Wu, president of Phison USA, said Phison buys 16 exabytes of raw NAND a year, purchasing at wafer level, and has its SSD controllers manufactured by TSMC. “We always put someone else’s name on it,” he said.
The NAND foundry suppliers make more NAND than they themselves can use and Phison mops up the excess to build white-label SSDs. It can’t brand its own SSDs because that would compete with its customers.
The Taiwanese biz has 4,000 employees, the majority being engineers, and turned over $2 billion in revenues in 2022, shipping 600 million controllers. It designs, makes and sells drives and components for PC OEMs, gaming consoles, and the automotive, datacenter and industrial embedded markets. One out of every four SSDs shipped with Phison inside in 2022, we’re told.
Wu told B&F, attending an IT Press Tour, that Phison controllers are based on ASICs, FPGAs being too large and power-hungry. Phison controllers have a large number of small cores, each dedicated to specific jobs and sipping power, while competing controller designs have fewer and larger cores that timeshare jobs and suck up more electricity, he claimed.
CTO Sebastien Jean added: “The X1 controller usse 2 x Arm R5 CPUs and 32 other embedded CPUs; Andes co-processors, to split up the tasks.” Phison’s X1 controller runs cooler and faster with fewer delays as a result, he said.
Seagate is a long-term Phison buyer and partner for its SSDs, starting in 2017 when the company released the Nytro 141 SSD. It incorporated Phison for its NVMe SSD, using Phison’s Imagin+ design lab platform. Nytro and IronWolf Pro are some of Seagate’s brands based on Phison technology. The Seagate Nytro 5000 series uses SK hynix TLC 128-layer NAND and Phison’s PS5020-X1 drive under the Nytro label.
Phison firmware generations
Micron’s Crucial T700 PCIe gen 5 SSD actually has Phison inside as is its 1TB 2280 M.2 SSD. Marvell is a Phison competitor in the controller market, but it does not make complete SSDs.
As Phison is a design partner for the big SSD suppliers, it is among the first to get involved with new SSD technologies such as the latest layer count 3D NAND, QLC-format cells and PCIe interface generations.
Wu said: “We are the early NAND enabler.”
It is sometimes the first to market and shipped the world’s first PCIe gen 4 in 2019. The following year it shipped the highest capacity M.2 drive, the first PCIe gen 4 QLC drive and the highest capacity 2.5-inch SSD. The fastest PCIe gen 4 drive in 2021 was a Phison product. It released and shipped its E26 PCIe gen 5 client SSD this year.
“Phison product is in the early SSD swim lane going forward,” said Wu.
A PCIe gen 6 drive could be available in about two years: the company is talking to AMD, Intel and Ampere about a CXL SSD. It could have both CXL and NVMe accessibility and could avoid the overhead of having an on-drive file system.
Wu and Jean reckon large enterprise customers that want SSDs optimized to their own specifications should consider going down the Phison route. “We are talking to some of them,” Jean told us.
Aporia is using Databricks‘ Lakehouse Platform, AI capabilities, and MLflow offerings to provide ML observability to customers. Databricks customers can monitor their ML models in production without duplicating any data from their Lakehouse or any other data source. Aporia’s deployment on Databricks enables monitoring billions of predictions without data sampling, production code changes, or hidden storage costs.
Nearly two in three Americans (65 percent) who have backed up all the data on their computer use a cloud-based system as their primary backup method.
Those who use a cloud backup service are more likely to say they had to recover, access, or restore lost data from their computer in the past month than those who use a cloud drive service, cloud sync service, or external hard drive (18 percent vs 9 percent and 7 percent each).
…
Commvault is running an aggressive marketing campaign calling out other vendors for allegedly mis-representing their capabilities. It’s promoting an eBook entitled “5 Questions Most Data Protection Providers Won’t Answer.” The other data protection vendors mentioned in its eBook include Cohesity, Dell, Rubrik, Veeam, and Veritas. Get the eBook here.
…
Ranga Rajagopalan
Ranga Rajagopalan is joining Druva as its CMO, moving from his role of SVP products at Commvault. He said in a LinkedIn posting: “The world of data protection has become unnecessarily noisy – with claims, hypes, lies, lie detectors and whatnot. I am looking forward to helping customers cut through all this noise and simplify their data protection with Druva.” Druva is hiring, including in marketing.
…
A GigaOm Sonar Report says vendors with a data storage security posture (DSSP) are aware of the systemic challenges of securing data and understand that there is no single, universally correct way to secure and protect data and provide layered options. All the reports were written by Justin Warren.
…
HPE is previewing a new sustainability dashboard on the HPE GreenLake platform and a portfolio of sustainability services which span technology, services, financing, and asset upcycling programs. The dashboard will use analytics from the HPE portfolio across compute, storage, and networking to improve overall sustainability performance. New technology from OpsRamp, which HPE acquired in May 2023, will provide additional sustainable IT capabilities to the dashboard by delivering a unified approach to manage multi-vendor infrastructure and application resources in hybrid and multi-cloud IT environments.
…
John Blumenthal, VP Data Services, has resigned from Tom Black’s storage operation at HPE, departing for a startup.
John Blumenthal
…
IBM has released its Storage Defender to manage data resiliency for mission-critical enterprise applications across the entire data lifecycle. It is IBM’s first storage offering to bring together multiple IBM and third-party products that unify primary, secondary replication, and backup management. Storage Defender uses AI and event monitoring across multiple storage platforms through a single pane of glass to help protect organizations’ data layer from ransomware, human error, sabotage, and other risks. Storage Defender software capabilities cover inventory, threat detection, data protection, Safeguarded Copy and recovery orchestration, and are available to clients with consumption-based credit licensing.
…
IBM’s Spectrum Virtualize has become Storage Virtualize and v8.6.0 was made available for download on FixCentral. It adds:
Inline Data Corruption Detection – by calculating the Shannan Entropy of data streams, IBM can look for early warnings that data streams maybe under attack.
SVC support for Safeguarded Copy on Stretched Cluster configurations. Not only can IBM now support SGC when using VDM, but there’s also been a 10x increase in the capacity that can be managed in an ESC (Enhanced Stretched Cluster).
Multi-threaded iSCSI Kernel Module(s). The single kernel module driving all iSCSI connections/ports has been a bottleneck to unleashing iSCSI performance. Some huge increases are now available, proportional to the number of cores in the box.
NVMe-TCP Support. Adding to existing iSCSI, iSER, RoCEv2 and iWarp support, IBM can now run any or all of these protocols including NVMe-TCP on one or more Ethernet ports. Almost all of the Ethernet card slot restrictions have been removed so users can oversubscribe the 100Gb ports.
…
Decentralized cloud storage supplier startup Impossible Cloud has launched a Partner Program. It also announced a number of backup providers as alliance partners. These include Comet Backup, an inaugural partner, as well as Acronis. Clients will now be able to use these companies’ backup software in conjunction with Impossible Cloud’s S3-compatible storage to safeguard data.
…
There is a constant drip of reports saying Kioxia and Western Digital merger talks are onging.
…
SK hynix has started mass production of its 238-layer 4D NAND Flash memory and product compatibility tests with a global smartphone manufacturer are under way.
…
Synology has announced new products. The four-bay DiskStation, DS423, is a new Value Series NAS, while the new HAT3300 Plus Series drives are designed for Synology systems to ensure consistent performance in multi-user environments. Finally, the BeeDrive will be coming soon, a personal backup hub for easy data protection. Disk Station Manager DSM 7.2 software is available in the download center for manual updates. The most substantial changes are probably full volume encryption and immutable snapshots. More info on the DSM 7.2 product page.
…
Sternum has identified a security vulnerability (CVE-2023-27988) that affects owners of Zyxel Networks’ Linux-operated NAS storage devices running the latest firmware (version 5.21). A patch has been issued by Zyxel and is available here.
…
China’s TerraMaster released a new model of its U8-450 eight-bay short depth rackmount NAS, it comes with high-speed dual SFP+ 10GbE ports and dual RJ45 2.5GbE ports providing up to 20Gbps transmission bandwidth through Link Aggregation. U8-450 supports up to 176TB, and has a 2U rackmount case with a depth of 384mm (15.1 inches) weighing 6.9kgs. The U8-450 has been specifically developed for users who require high-speed storage which can meet the stringent demands of 4K video editing, virtualization, databases, and other applications with high storage performance requirements. The space-efficient short depth design makes it easy to install in small media cabinets.
…
Kyodo News reportsToshiba has recommended that shareholders accept the buyout offer from Japan Industrial Partners. Toshiba makes, among many other things, hard disk drives, and owns 40 percent of NAND and SSD supplier Kioxia. The price offered by the consortium – which includes Tokyo-based JIP, Orix Corp. and Rohm Co – is only a 1.8 percent premium to the company’s closing stock price on June 8 on the Tokyo stock market of ¥4,540.
…
The Transaction Processing Performance Council (TPC) is putting out a call for papers for its 15th annual Technology Conference on Performance Evaluation and Benchmarking (TPCTC 2023). The conference will be colocated with the 49th International Conference on Very Large Data Bases (VLDB 2023) in Vancouver BC on August 28. The deadline for abstract submissions is Wednesday, June 14. Researchers and industry experts are encouraged to submit ideas and methodologies in performance evaluation, measurement and characterization.
…
Research house TrendForce reports that the global top 10 semiconductor foundries witnessed a significant 18.6 percent QoQ decline in revenue during the first quarter of 2023. This decline – amounting to approximately $27.3 billion – can be attributed mostly to sustained weak end-market demand. The rankings also underwent notable changes, with GlobalFoundries surpassing UMC to secure the third position, and Tower Semiconductor surpassing PSMC and VIS to claim the seventh spot.
…
TrendForce says the DRAM industry witnessed a 21.2 percent QoQ decline in Q1 revenues, bringing total revenue down to $9.663 billion. This significant dip represents the third consecutive quarter where revenues have fallen. Only Micron saw increased shipment volumes.
…
TrendForce reveals that purchasing momentum in the NAND flash market decelerated during caledar Q1. Despite suppliers aggressively slashing prices to stimulate demand, the bit shipment volume of NAND Flash saw only a marginal growth of 2.1 percent over the quarter. Coupled with a 15 percent drop in ASPs, the NAND flash industry registered a QoQ revenue decrease of 16.1 percent, amounting to about $8.63 billion.
…
DNA storage technology supplier Twist BioScience has laid off employees. It reported financial results for the second quarter of fiscal 2023 ended March 31, and announced actions aimed at accelerating its path to profitability, while simultaneously extending the company’s runway. It is resizing many teams throughout the organization and reducing its workforce by approximately 270 employees, or 25 percent. The biopharma team has been resized to focus on revenue-generating partnerships and Twist says it will moderate its investment in DNA data storage.
….
Western Digital has laid off 7 percent of its Israeli workforce, 60 jobs, according to Calcalist. This is the company’s second round of layoffs in the country over the past six months. It has flash R&D operations in Israel dating from its SanDisk acquisition.
….
Western Digital has announced new corporate sustainability targets that focus on powering its operations with 100 percent renewable energy, achieving net zero Scope 1 and Scope 2 emissions across its operations and water and waste reduction targets. Specific commitments include:
Running its global operations on 100 percent renewable energyby 2030
Achievingnet zero emissions in the company’s operations (Scope 1 and 2 emissions) by 2032
Reducing water withdrawals by 20 percentby 2030
Diverting more than 95 percent of its operational waste from landfillsby 2030
Having gained shareholder approval at a general meeting, scandal-struck WANdisco will raise up to $30 million and try to reshape the company, including potentially changing its brand name.
New management needs to get the WANdisco recapitalized and the shares relisted to try and save the company. The June 6 Special General Meeting (SGM) of shareholders vote was a major step forwards.
It was preceded by WANdisco’s management completing more than 45 meetings covering a large majority of the shareholder base. Having sensed the temperature and told shareholders about the tenor of its plans, the SGM resulted in 97.7 percent of votes cast being in favor of management’s ideas to rescue the company with a large infusion of fresh cash raised by issuing new shares and a turnaround plan.
WANdisco is hoping to publish audited accounts for 2022 on or around June 30 and complete its $30 million fundraising quickly. It will then seek relisting on the AIM stock market, which should reassure partners, customers, and employees that it has a future. The turnaround plan will add detail to that and a planned investor roadshow will outline its main elements. These include:
Target market size
Technology and product differentiation
Go-to-market strategy and structure
Selling methodology and sales governance processes
Disclosure improvements
Organisational structure
Corporate governance
Board’s future ambitions for the company
The WANdisco brand change is to be proposed at the planned 2023 AGM. Information about the potential name change and AGM date will be provided in the relatively near future.
The board says the sales reporting deception involved false purchase orders from eight companies. It believes there are no recent contracts, revenues, proofs of concept, technical engagements or sales relationships between any of these eight companies and WANdisco. It continues to liaise and cooperate with the authorities in relation to this potential fraud.
In addition to WANdisco’s own investigation, the UK’s Financial Conduct Authority is also inspecting statements made by the company.
Nutanix has sold its Frame Desktop-as-a-Service (DaaS) business to Dizzion. DaaS provides virtual PC desktops across an internet link without users having to manage their own virtual desktop infrastructure (VDI).
Dizzion CEO Steve Prather burbled: “We are thrilled to unite the Frame and Dizzion families and to continue to work closely with Nutanix, increasing our leadership position in the End User Computing (EUC) market. Together, Dizzion and Frame deliver the most comprehensive DaaS offering available globally, from vendor-assembled to vendor-managed services that support the overall market and customer trends to Managed DaaS.”
Nutanix bought Frame in August 2018 and then developed the Xi Frame desktop-as-a-service offering. Xi Frame, supported on AHV, was available in the Nutanix private cloud, and runs on AWS, Azure and GCP public clouds with access through any browser and device.
Tarkan Maner
Tarkan Maner, Nutanix Chief Commercial Officer, said: “We look forward to collaborating with Dizzion to provide a complete DaaS solution including our Nutanix Cloud Platform to our joint customers.”
Dizzion, founded in 2011 and backed by the LLR Partners private equity house, provides Desktop-as-a-Service to remote workers around the globe. It claims that with Frame it has become the largest standalone DaaS provider, deployable from over 300 global datacenters across the major Public Cloud providers, as well as on customer premises tech.
Having bought Frame in 2018, Nutanix partnered with Citrix three years later to have Citrix VDI running on top of Nutanix HCI in hybrid and multiple public clouds. Frame was not enough, it seems. That move raised doubts about Nutanix’s commitment to Frame, doubts now shown to be real.
Back then Maner said: “Together, Nutanix and Citrix can deliver remote work solutions which can be deployed across private and public clouds … to empower workers, wherever they happen to be.”
The Frame business unit sale price has not been revealed.
Seagate CFO Gianluca Romano openly talked about the company’s HAMR disk drive capacity point schedule at a Bank of America 2023 Global Technology conference.
He revealed actual capacity points, timing and other aspects in details we haven’t encountered until now. HAMR (Heat-Assisted Magnetic Recording) is Seagate’s follow-on technology to conventional Perpendicular Magnetic Recording (PMR), which is approaching the limit of its ability to decrease bit size on a disk platter before the written bits lose stability and flip from zero to one and vice versa.
HAMR uses a more stable recording medium that needs heating before writing a bit which is then stable at room temperature. Seagate hopes to get a capacity jump on its competitors who are delaying their use of the technology.
Gianluca Romano
Romano said: “HAMR is growing very well. It’s growing actually a little bit faster than what we were expecting just a few months ago. So we are starting to ship already last quarter and this quarter for qualification … Probably you will see a good volume from HAMR that can start to impact our P&L, I would say, in three to four quarters from now.”
He said that, with HAMR “you can grow in capacity per unit without increasing the bill of materials.” That’s because the drives, at the top capacity point, keep a 10-platter, 20-head configuration as capacity increases in a stepped way. With PMR, the recent drive capacity increases have come from upping the platter count from 8 to 9 to 10 with the current 20TB PMR drives, limiting the $/TB cost decrease. That restriction goes away with HAMR.
The first HAMR drives will have a 32TB capacity level. Romano said: “The following product will be a 36-terabyte and will still be based on 10 disks and 20 heads. So all the increase is coming through areal density.
“The following one, 40TB, still has the same 10 disks and 20 heads. And also the 50, we said at our earnings release, in our lab, we are already running individual disk at 5 terabytes [per platter]. So we can increase capacity by a lot without increasing the cost per unit because it’s the same bill of materials.”
The sequence then is 32TB, 36TB, 40TB and 50TB. The time interval between these capacity levels is longer than with PMR drives. Romano said: “With PMR, we were able to have a new product basically every 12 months, 15 months, and maybe take a little bit longer, but not much longer. So I would say probably every 18, 20 months. So a little bit longer [for HAMR], but of course, increased capacity is much bigger.”
What about the PMR drive progression? “We are not developing any PMR after the 24TB. So we have a 24TB coming out soon, next few months … That is the last PMR product” at a high capacity point apart from a 28TB shingled drive. The high capacity drives have a limited set of customers. “I think all the cloud guys will focus on the high capacity. They will want to have an HAMR 36 terabytes compared to a PMR 24, to me [that] makes a lot of sense.”
Lower capacity PMR replacement by HAMR
One of the great advantages of HAMR technology is the opportunity to replace lower-than-32TB capacity PMR drives with HAMR ones at the same capacity point – but with fewer platters and heads. This would lower the cost of making them, the bill of materials. For example, a 10-platter 20TB PMR drive for the video surveillance market could be replaced by a 5-platter HAMR drive with 50 percent fewer heads and platters.
Romano said: “It’s a huge difference in bill of materials, a huge difference in cost.”
Seagate anticipates passing some of that lower cost to customers in terms of a lower purchase price but would keep the the bulk to itself and so increase its profit margin per drive. “It’s not that we need to give all that cost to customers. We give a little bit of that cost benefit to customers and the rest of the benefit should stay with Seagate … improving our gross margin at very different capacity points using the new technology,” said Romano.
“That is the main focus, the main strategy of the company and why we’ve spent so much money in developing HAMR in the last more than 10 years.”
Of course HAMR technology has to deliver these benefits to Seagate. If it goes as planned, Toshiba and Western Digital will be unable to keep up with Seagate’s 4TB per HAMR generation capacity increments and also have a higher bill of materials at the lower capacity points, giving Seagate pricing headroom.
If HAMR technology fails to yield these benefits, Seagate has no ability to use the intervening ePMR and MAMR technologies being used by Toshiba and Western Digital. A failed HAMR future would be a potential problem for Seagate.
Cohesity has confirmed a round of job cuts, with chief marketing officer Lynn Lucas among those heading out of the door.
A spokesperson sent a statement to B&F:
“Cohesity has made the tough decision to optimize our workforce, with a twofold goal of having more flexibility to increase our investments in strategic areas of critical importance to our customers, and becoming cash flow positive in FY24. We will ensure that impacted employees receive resources and support from Cohesity, and where possible can be redeployed to open roles within the company. We will also continue to recruit globally in areas of strategic importance to Cohesity.”
Lynn Lucas.
The spokesperson also wrote “I can also confirm that Lynn Lucas is leaving the company. We thank her for her many contributions and wish her well.” Lucas became Cohesity CMO in 2018, joining from Veritas where she held the same role.
Cohesity did not confirm the number of staff involved in the job cuts. The privately owned business had 2,289 employees as of April 2023, according to Growjo.
Data protector and startup Cohesity was founded in 2013 by current CTO and chief product officer Mohit Aron, who was the original CEO. Sanjay Poonen became the CEO in August last year.
To date, it has raised a total of $660 million in funding, with the last round, an E-round, bringing in $250 million in April 2020. The business was then valued at $2.5 billion. Aron told Bloomberg an IPO was being considered in December 2021, at a $3.7 billion valuation. It actually filed for an IPO in December 2021 and has gone quiet on that front since.
Arcitecta and Spectralogic are partnering to sell systems into the high-performance secondary NAS storage market, not the primary filer business.
It all became clear at an IT Press Tour Briefing where we heard from and quizzed both companies about Arcitecta’s announcement on the partnership, which stated: “The Arcitecta Mediaflux + Spectra BlackPearl NAS solution provides high-performance scale-out NAS.” The two also provided an object store positioned as an archive-class system.
David Feller
Spectra’s David Feller, VP of product management and solutions engineering, told us the Arcitecta/BlackPearl AFA is not a high-speed primary storage NAS box: “All-flash BlackPearl is a cache to other BlackPearl S3 or tape gateway products.”
The context here is that Spectra recently and quietly introduced an all-flash version of its BlackPearl file and object gateway/cache for tape libraries. Existing BlackPearl products were all disk-based and the gateway concept was extended to produce an on-premises S3 object store, the S3 Standard Disk and S3 IA/GIR Disk, the on-prem Glacier (Infrequent Access) equivalent.
Then the all-flash BlackPearl NAS was added and Spectra partnered with Arcitecta so that its MediaFlux file and object management and orchestration software was supported. Out came the announcement and the IT reporting world thought the two companies were going after “high-performance scale-out NAS” as in the Dell PowerScale/Isilon and Qumulo Core case. Nope.
Arcitecta CEO Jason Lohrey briefed us, saying that MediaFlux plus all-flash BlackPearl was “just as fast as an Isilon front end,” if not faster. He then confirmed that he was comparing it to a disk-based Isilon system, not an all-flash one, and that MediaFlux/all-flash BlackPearl was a scale-out, secondary storage-focused system.
BlackPearl is a scale-up system. Arcitecta’s MediaFlux software treats an individual BlackPearl as a large storage drive and can use many BlackPearls in this way, making it a scale-out system.
Feller said Spectra had no plans to introduce QLC BlackPearl and move into VAST/Pure FlashBlade space. Also they rely on deduplication for their effective capacity and Spectra does not do dedupe.
Nathan Thompson, Spectra CEO and founder, hinted that a new tape library system was coming, with some similarities to the one Quantum supplies to hyperscalers. Thompson claimed that the hyperscaler tape library business was low margin and not attractive.
Commissioned: If you’re like most IT leaders, you are facing two uncomfortable realities.
The first is that external and internal cybersecurity threats are proliferating from individuals, independent collectives and nation-state attackers. The second is that your computing operating models are becoming more complex, as their tentacles spread across multicloud environments.
Which makes protecting against the former reality infinitely more difficult. Because with so many distributed device, software and network access points, perimeter defense is no longer a viable option.
Rather, a complex multicloud landscape requires a zero trust approach to protecting data. Zero trust’s central tenet is that there is no perimeter and that the increasing sophistication of attacks and the growing distribution of digital assets requires a “never trust, always verify” stance to cybersecurity.
Best practices for crafting a zero trust strategy are well understood and rigorously documented. To better understand how to execute this sweeping defense, it’s important to consider the scope of modern computing environments.
Multicloud sprawl
If your enterprise IT profile is like that of your peers, your software workloads are running in on-premises gear as well as a mix of public and private clouds. Maybe you also run assets in a colocation facility or at the edge.
If you preside over such a hodge podge you likely also manage a cybersecurity profile that is nightmarish in its complexity, littered with disparate protocols and security keys. As a result, most organizations struggle with data protection.
Seventy-two percent of 1,000 IT decision makers cited the inability to locate and protect dynamic and distributed data generated by DevOps and cloud development processes, according to the Dell Technologies Data Protection Index. Overall, 67 percent of those surveyed said they are not confident that they can sufficiently cope with ransomware and malware attacks.
Functionally, zero trust in a multicloud environment is like the security protocols people encounter as they navigate airports en route to their destinations.
People provide identification and pay for baggage check with a credit or debit card. Then they are scanned several different ways—some obvious and some discreet—as they wind their way through the screening process. Airport employees and federal security officials collaborate to authenticate passengers with considerable rigor.
Zero trust operates a bit like the airport security process, albeit across an exponentially larger and digital footprint. Sprawling hybrid and multicloud environments store data in a variety of locations, with each system leveraging its own security protocols.
Reconciling these challenges in diverse environments is hard. Extending the airport analogy, you might even say it’s akin to changing the engine on a flying jetliner.
User. You’ll continually authenticate, access and verify user activity patterns to govern users’ access and privileges. This will help you protect and secure all interactions.
Devices. You’ll institute real-time inspection, assessment and patching of corporate-issued laptops, PCs and other work devices informs every access request.
Applications and Workloads. You’ll monitor and protect every software asset, including applications, hypervisors, virtual machines and containers.
Data. Central to the DoD’s pillars, data is the great glue for all of your enterprise assets. If key data is comprised, you risk losing the corporate kingdom. You need total transparency and visibility across all of your data, which you’ll secure with your infrastructure, apps, standards, encryption and data tagging.
Network and Environment. You’ll segment, isolate and control the network with granular policy and access controls.
Automation and Orchestration. You’ll define processes and policies for automating security responses, enabled by artificial intelligence (AI) and machine learning (ML), that helps ensure remediation based on intelligent decisions.
Visibility and Analytics. Your sprawling multicloud estate needs software sentinels watching for anomalous behavior. You’ll implement tools that analyze all events, activities and behaviors to generate context. And you’ll use AI and ML to improve detection and reaction time in making access decisions.
How zero trust safeguards multicloud environments
Applying these zero trust pillars is critical as you cultivate a multicloud-by-design strategy, in which application workloads are deliberately allocated across on-premises, public and private clouds, colos and edge devices, based on factors such as performance, security and cost.
You’ll classify applications and data; segment networks to break up assets into smaller parts to limit the spread of malware; incorporate strong encryption and continuous monitoring; and institute access controls based on the principle of “least privilege,” or granting users access to assets they need to do their jobs.
Your model will include backup and recovery services to help you geo-locate lost or stolen devices, remotely wipe them if necessary and recover devices from a snapshot. And in the event of a breach, the right cyber recovery systems help you remediate compromised data in a digital vault that is isolated, immutable and intelligent and features critical access management constraints.
By applying the multiple security measures incorporated in a zero trust model to an intentional multicloud strategy you’ll ensure that your organization’s data and applications are protected across a complex, distributed environment.
Above all, remember this key maxim as you bake zero trust into your multicloud strategy: “Never trust, always verify.”
Learn more about our portfolio of cloud experiences delivering simplicity, agility and control as-a-service: Dell Technologies APEX.
Commvault is offering greatly enhanced malware defences and detectors for its offerings, with workload recovery and automated recovery testing – all managed through a Cloud Command console.
The aim is to deliver a defense in depth environment that is far more difficult for bad actors to penetrate, and one that provides more certain and better recovery if an attack does take place. Commvault says this signals the next phase in its evolution.
Sanjay Mirchandani.
Commvault CEO Sanjay Mirchandani said: “Commvault has spent the last four years redefining and expanding the capabilities of our platform to bridge the gap between IT and security. As a result, our customers can now be on the offense, taking it to the attackers by consolidating threat defense, backup, and recovery in a way that’s never been done before.”
There are no guarantees, however. Commvault corralled in Phil Goodwin, an IDC Research VP, to explain why: “Ransomware protection guarantees are quite in vogue and do provide important benefits. However, it’s better to have rapid, certain and accurate recovery that avoids the need for a guarantee claim.”
He says: “Commvault is looking at the ransomware problem by seeking to avoid the costs associated with data breach downtime altogether through continuous, proactive threat monitoring and remediation. This type of approach can help stop threats before they do real damage to the bottom line. It’s pretty simple: the only path to true resiliency is through active defense backed by bullet-proof recovery.”
Cloud Command – A single platform and UI for management of all Commvault offerings in an integrated dashboard that provides full telemetry and observability into Commvault software indicators. Delivers health-at-a-glance, risk levels, security and recovery indicators, and more for Commvault offerings from a single pane of glass.
Risk Analysis – Powered by machine learning (ML), Commvault Risk Analysis quarantines and protects sensitive data, giving organizations the ability to discover, analyze, and secure sensitive data to help prevent cyber exposure and potential data exfiltration.
ThreatWise Advisor – Delivers integrated logic into Commvault backup environments to intelligently recommend decoy placement, and further harden critical workloads.
Threat Scan – looks for corrupted or suspicious datasets. Threat Scan can locate and quarantine malware and threats from backup content, and help ensure clean recoveries with a lower reinfection risk.
Auto Recovery – Cyber analysis tool to test recovery readiness at scale and providing a framework for forensic analysis to validate and sanitize points of recovery. It allows customers to recover workloads at scale from cyber attacks with minimal data loss and downtime.
Commvault Cloud Command screen shot.
It has also announced collaborations with Microsoft and CyberArk to integrate Commvault’s technology with their respective security platforms.
Commvault and Microsoft Sentinel bi-directional integration provides an enhanced security posture and improved collaboration between backup environments and security systems. It delivers automated orchestration jointly across both systems for combined cyber event insights, countermeasures, and optimized incident response.
The CyberArk partnership is to do with user credentials. Clarence Hinton, chief strategy officer at CyberArk, said: “Compromised credentials continue to be the leading cause of cyber attacks and data exfiltration.”
“Commvault’s new integration and existing plug-ins with the CyberArk Identity Security Platform help organizations follow strong Zero Trust architecture practices, deploy rigorous lifecycle credential policies and comply with the most stringent regulations. The new secrets management integration can significantly reduce the risk of credential theft with the ability to segment credential storage away from the backup environments.”
These Commvault security features will be available in the second quarter from Commvault and its partners. There is more information in a blog and also in a Supporting Technologies page.
We have also run a Q&A session with Steve Preston, VP of Metallic Security at Commvault, to find out more details about this Commvault security news and how it relates to some competing offerings.
We asked Steve Preston, VP of Metallic Security at Commvault, some questions about newly introduced security measures and how they relate to competing products and services.
Blocks & Files: How do Commvault’s early warning technologies detection compare with those from competitors like Nebulon and Sysdig?
Steve Preston: Nebulon, Sysdig and Commvault each do slightly different things in terms of how they conduct their detection, and users should take stock of their environment and which tools will best serve their needs. In general, a layered approach is always wise when it comes to security.
ThreatWise uses patented cyber deception technology. Unlike traditional honeypots, we enable customers to configure lightweight, highly scalable fake assets (decoys) to dilute the surface area and further protect critical workloads. Think of these decoys as trip wires in customer environments. The decoys are not visible to legitimate users and, when interacted with by a bad actor, provide an immediate alert to IT and Security teams (via security tooling) for investigation.
This all happens in production environments, so ThreatWise is able to uncover lateral movement, discovery, and recon – giving visibility into threats before data is compromised or hits backup environments. We are the only vendor in the data protection space with the ability to surface zero-day and advanced attacks in production. Additionally, Commvault has detection capabilities within backup environments themselves – such as the identification of abnormal file activities (ML powered), user behavior monitoring, and scanning for malware to prevent reinfection.
Blocks & Files: Another threat attack detector is Cohesity with DataHawk. This combines threat protection with scans for attack indicators and malware. Again, how do Commvault’s early warning technologies compare?
Steve Preston: Correct, Cohesity DataHawk does provide some similar scans for indicators of compromise (IOCS), but only conduct those scans post-backup. It has no capabilities to monitor or alert on threats present in the live/production environment as none of the scans are conducted until:
Backup is successfully completed to the Cohesity DataProtect platform;
Metadata for the backup job(s) is replicated to Cohesity DataHawk (resident in their AWS tenant);
DataHawk conducts basic anomaly detection, and can then execute deeper threat analysis (similar to Commvault Threat Scan, except our solution is localized to the customer environment and does not require customer metadata to be sent outside of their environment).
This is the key differentiation between what Commvault offers in our early warning capabilities (built into the core platform) as well as via the ThreatWise cyber deception solution (separate offering). We not only scan for anomalies, corruption, malware, and other threats within the backup data sets, but we also actively monitor the production clients we protect via our agents and honeypots to detect potential threats earlier and enable much faster incident response.
Rather than waiting to scan the data for threats once every 24 hours (post-backup), we can also monitor for threats as frequently as every five minutes in the active/production environment. No other data protection vendor does this – they only focus on examining the data post-backup.
Blocks & Files: Commvault Risk Analysis quarantines and deletes sensitive data – how does a customer then access their own sensitive data?
Steve Preston: While Risk Analysis can quarantine sensitive data in this fashion, customers have full control over how it remediates these types of issues. Risk Analysis can identify sensitive data, and alert if it’s found to reside outside of secured systems that it should be in. This is often referred to as “data spillage.” By default, Commvault will only notify if sensitive data files are found where they should not be, but from those alerts you can execute immediate remediation within the Commvault Risk Analysis dashboard by way of:
Locking down the file ownership or permissions;
Moving the file to an appropriate location;
Deleting the file from the incorrect directory/server;
Any/all of the above.
In addition, these actions can be automated or built into a broader orchestration workflow if there are more complex tasks and approvals needed prior to any action. So, unless the customer has determined that sensitive data, if found outside identified “secured” locations, should be immediately deleted, it will remain in place for the customer to resolve the alert as they see fit.
This resolution for data spillage can also apply to the backup copy, as the references to the sensitive data files themselves can be purged to ensure those files are not inadvertently put back into the wrong location as part of a restore. This also works for malware and ensuring malicious files are not recovered to reinfect the environment.
Blocks & Files: How does ThreatWise Advisor work?
Steve Preston: The Threat Advisor delivers an integration layer and logic between Commvault/Metallic backup environments and the ThreatWise Security Operations Console (TSOC). By continuously assessing workloads protected in backup environments, the ThreatWise Advisor intelligently recommends what sensors to configure and where, to simplify and maximize decoy placement, further harden critical workloads, and reduce the cognitive load for users.
Logic runs in the backup environment to assess workloads currently being protected, as well as active decoys deployed for those workloads. Users are provided with decoy recommendations to further protect workloads and data, and users can either disregard recommendations or complete the configuration process to deploy decoys for additional coverage.
Quantum reported its third growth quarter in a row and reckons it can see the end of a downturn affecting its markets. A prolonged downturn in its revenues has possibly/probably ended.
Revenues in the fourth fiscal quarter, ended March 31, were $105.3 million – up 10.7 percent and beating its $102 million guidance – due mainly to strong growth with hyperscale customers. There was a loss of $13.6 million – 74.4 percent more than a year ago. Full year revenues were $412.8 million, 11 percent higher annually, with a loss of $38.3 million, 18.6 percent more than its FY2022 loss of $32.3 million. Quantum attributed the full year rise to strong secondary storage performance.
Jamie Lerner.
CEO and chairman Jamie Lerner said in the earnings call: “We are pleased with the revenue results, we feel good about the supply chain, and we’re excited about recent product launches, but we have work to do in fiscal year 2024 to improve our bottom line results.”
He added: “Having weathered a macro environment marked by a global pandemic, supply chain challenges, and disruptive inflation, we are beginning to see signs of improvement across our business.”
Financial Summary
Gross margin: 30.2 percent vs 38 percent year ago
Subscription ARR: $13.4 million, up 81 percent year on year
ARR: $156 million
Adjusted EBITDA: $1.0 million vs $0.4 million a year ago
Cash, restricted cash and equivalents: $26.2 million vs $5.5 million a year ago
The gross margin was down year-on-year due to non-recurring inventory charge and revenue mix.
It was Quantum’s strongest fourth quarter result in six years – since 2017. Secondary storage products contributed 42 percent of the revenues – ten percent more than their contribution a year ago. The hyperscale market (tape libraries) did very well, with Lerner commenting: “We had an incredible year of hyperscale sales with two times revenue growth versus the prior year.” A stabilizing supply chain helped as well.
However, hyperscaler competion is rising. Lerner again: “Two years ago we were the only company that had a hyperscaler tape offer, now two other companies offer something similar to us.”
It anticipates its primary storage products will return to growth, and CFO Ken Gianella said: “We are seeing positive signs of recovery of our primary storage systems going forward due to increased market demand, the introduction of our Myriad platform, and our multiple year investment in our US and international sales teams.”
Lerner added: “[Myriad] will have revenue impact this year. We’ve modeled it very conservatively until we start to see POs coming in, but there will be revenue impact in this fiscal, for sure.”
Myriad sales could also involve accompanying ActiveScale data lake and CATdb data tagging sales. Quantum is naturally excited by this prospect.
Lerner said the company was making progress in transforming sales with direct engagement “in larger enterprise deals, especially in areas of repatriation of data back on premise from cloud providers.” It’s also focussing its salesforce on end-to-end selling. As a result, Lerner said, Quantum is now “seeing a higher volume of large deals becoming a bigger component of our revenue mix in the pipeline.”
He mentioned another sales initiative: “We are also working on several OEM partnership opportunities with global technology providers. Just this past quarter, we secured an active scale OEM win at a global provider of video streaming solutions that will add to our subscription ARR in fiscal year 2024.”
Turning a corner
Quantum’s annual revenue history indicates that its general revenue decline over the past fifteen years may be ending and turning upwards.
To help ensure it keeps on doing that it’s recently implemented cost reduction measures and extended its credit facilities. Lerner said: “Subsequent to the end of the fourth quarter, we implemented a global efficiency plan that includes a cost reduction action.” This involved more than ten percent of its workforce globally and should result in annualized net savings of around $14 million from fiscal 2025 onwards.
He said about the credit moves: “To support greater operational flexibility in the near term, we proactively secured an additional $15 million of liquidity and greater covenant flexibility from our current lenders to capitalize on the cost savings initiative and position the company for growth as we bring our recent product innovations to market.”
Quantum is also increasing its operational efficiency to squeeze cost out of the business.
Outlook
The outlook for Q2 is $97 million plus/minus $3 million which compares to the $97.1 million revenues from Q2 last year – essentially flat. However, the full 2024 year outlook is for $415 million plus/minus $10 million. This would represent a 11 percent annual rise at the mid-point. Lerner said: “Although we anticipate the first fiscal quarter to be seasonally lower, we expect a resumption of revenue rotation to higher margin products and EBITDA expansion throughout the remainder of the year.”
Quantum is assuming that its secondary storage revenues will be lower, due to declining hyperscale revenues, but more than offset by higher primary storage revenues in the rest of the year. That will be influenced by repatriation from the public cloud and more business based on AI and machine learning.
