Tuesday, 18 July 2017

HPE Gen 10 - A New Compute Experience

HPE’s annual Discover event is often the platform from which new ideas and innovations are launched, and Las Vegas saw a pretty important one this year as, with much trumpeting and fanfare the latest iteration of their market defining server series was introduced to a waiting world.

You can very often tell how excited a vendor is about a new product, solution or innovation by the focus it is given at every opportunity, and if that holds true then HPE are very excited indeed about Gen 10 and everything it has to offer, and in truth they have every right to be excited.

2017 has seen a raft of strategic acquisitions, Simplivity and Nimble being the most recent, along with some new innovations, Synergy being the most notable. Combine these with the capabilities of Aruba wireless, 3Par Flash storage and a service offering that pulls it all together very neatly, and you’ll see that Gen 10 represents a step change evolution designed to be at the centre of the HPE proposition for years to come.

The Gen 10 series has been heralded by HPE as the world’s most secure industry-standard server. That’s a bold claim indeed, and whilst it may cause a sharp intake of breath by some, it’s not a claim made lightly and is also one that is backed up by some pretty robust data.

The claim is founded on the new Silicon Root of Trust technology along with a myriad of other differentiating security technologies that only HPE offers. The Silicon Root of Trust starts protecting servers, early in the production process and all the way through the product lifecycle, which they have branded as the HPE Secure Compute Lifecycle.

The Gen 10 is the centre piece of what HPE call “A New Compute Experience for our customers” and they have split this idea into three definable characteristics. Agility, Security, and Economic Control. As with all things though the devil is in the detail, so here’s a list of FAQ’s that will focus on that detail, and tell you everything you need to know. Westcoast of course stand ready to assist, and as the biggest HPE distributor in Europe our thirty plus years of experience makes us the ideal partner for all your Gen 10 projects.

Take a read through the information below and then get in touch at enterprsiebdm@westcoast.co.uk

What are the key new features that support the Agility story?

Simplify server operations

HPE Integrated Lights-Out (iLO) is an industry leading server management solution, two decades running. The HPE iLO solution differentiates itself by enabling three crucial tenets of server management—configuration, monitoring, and remote management. The new HPE iLO 5 comes with several improvements to simplify operations such as reducing maintenance windows with updates performed efficiently at scale with the least possible impact to production and the ability to easily roll back changes if problems arise.
Accelerate data-centric applications

We are building on in-memory compute with HPE Scalable Persistent Memory. You can now do much larger in-memory compute with persistence (TB instead of low 100s of GBs with NVDIMMs).

Use cases: Accelerate applications for fast caching and storage, reduce transaction costs for latency-sensitive workloads, deploy bigger, more affordable data sets to gain new insights from large memory pools.

How it works: Data is written to actual server memory marked as Persistent Memory via BIOS/CPLD means. We use a backup power source (800W power supply unit/400W battery backup unit) to hold up power during a power loss event and move from DRAM to NVMe SSDs for persistence.

Restore solution example: An in-memory Microsoft® Hekaton DB recovered with SSDs in 20 mins. The same Microsoft Hekaton DB is recovered with HPE Scalable Persistent Memory in 45 seconds (Yes, you read that correctly.).

We are also doubling the capacity of the HPE NVDIMMs (flash-backed DIMMs designed to eliminate smaller storage bottlenecks) 16 Gb up to 192 GB total capacity in a single server (cannot be mixed with HPE Scalable Persistent Memory in the same server).
Use cases: Ideal for smaller database storage bottlenecks write caching tiers and any workload constrained by storage bottlenecks. Software licensing reduction achieved through using NVDIMMs with fewer server core pairs (reduced core pair licensing from database vendors) versus using block storage devices.

Automate application deployment

HPE OneView is our infrastructure automation engine to simplify operations, increasing the speed of IT delivery for new applications and services. Through software-defined intelligence, HPE OneView 3.1 brings a new level of automation to infrastructure management by taking a template-driven approach to provisioning, updating, and integrating compute, storage, and networking infrastructure.

Designed with a modern, standard-based API and supported by a large and growing partner ecosystem, HPE OneView also makes it easy to integrate powerful infrastructure automation into existing IT tools and processes.

We are extending the partner ecosystem with new integrations from Mesosphere, Densify.com, Red Hat®, ServiceNow, and InfraKit. The integration of Mesosphere with HPE OneView 3.1 allows IT and DevOps to automate deployment and streamline operations of Mesosphere Enterprise DC/OS on HPE infrastructure for large-scale production environments.

HPE Intelligent System Tuning

We are making it easier to manage your on-prem infrastructure by dynamically tuning the performance on HPE ProLiant servers to match the needs of your workloads. HPE Intelligent System Tuning available on select HPE ProLiant Gen10 servers.

What are the key new features that support the Security story?

We are introducing the world’s most secure industry-standard servers. This is a big claim founded on our new Silicon Root of Trust technology along with a myriad of other differentiating security technologies that only HPE offers.

The Silicon Root of Trust starts protecting our servers, early in the production process and all the way through the product lifecycle, which we have branded as the HPE Secure Compute Lifecycle.

We are delivering an end-to-end security solution, starting at the very inception of the product with our Silicon Root of Trust. HPE is in a unique position here because we develop our own custom HPE iLO 5 chipset in the fabrication facility even before the server goes into production. We tie the server essential firmware (HPE iLO 5, Unified Extensible Firmware Interface [UEFI], CPLD, IE, and ME) into our custom silicon with an unbreakable link, which anchors our firmware.

We are also providing unparalleled detection and recovery capabilities. As soon as the server is booted and HPE iLO firmware comes alive, it looks into the silicon for the immutable fingerprint that verifies that all the firmware code is valid and uncompromised. Over a million lines of firmware code run, before the operating system starts, making it essential to confirm that all server essential firmware is free from malware or compromised code.

During server operation, HPE has a new technology that conducts Runtime Firmware Verification that checks the firmware stored in the server. At any point, if compromised code or malware is inserted in any of the critical firmware, an HPE iLO audit log alert is created to notify the customer that a compromise has occurred.
In the unlikely event of a breach, the customer may then securely recover the firmware automatically to a previous known good state. HPE provides this function through a new HPE license called, HPE iLO Advanced Premium Security Edition.
Aruba ClearPass creates a strong networking security clearance protocol for clearing anyone requesting access to the network. ClearPass creates a profile of potential users and clears access of users into our Aruba networks. Our recently acquired company Niara, will be responsible for monitoring activity of users inside the network. Once ClearPass vets and clears users into networks, Niara takes over and using machine learning, works to predict any nefarious behaviour before any serious damage can be done. If Niara identifies abnormal activity resembling potential malicious behaviour, it communicates to ClearPass, temporarily terminating the suspected user’s access to the network until more thorough vetting can be conducted. In the case of a rogue employee, this predictive capability block potential bad actors from the network, before any damage is done.

HPE is the first industry server manufacturer to announce support for the Commercial National Security Algorithm (CNSA) suite.5 This is the very highest level of security, typically used for the most confidential and top secret information. HPE also has FIPS validation on firmware and offers that as another level of protection during the operation phase of the server’s life.

Scalable encryption is another differentiated offering from HPE protecting data stored in the server. Unlike competitor servers, who use self-encrypting drives that require management of separate keys in every drive, HPE offers secure encryption through our Smart Array Controller cards that contain all encryption cards and manage those at scale. Going one step further, the HPE Atalla Enterprise Secure Key Manager (ESKM) is also qualified with our controller cards that take key management to a higher level. Through this technology, we are saving customers the agony of tracking an unmanageable number of encryption keys—sometimes on spreadsheets.

Closely related to security, are the numerous government regulations that customers must comply with. To aid our customers, HPE is applying the NIST 800-53 security controls to a solution stack of storage, networking, servers, and software creating a secure baseline. This secure baseline will provide customers with the comfort to issue an authority to operate (ATO) before putting IT infrastructure into operation. Additionally, this NIST 800-53 control set will assist customers with certifications like FedRAMP, HIPAA, and ISO 207001. Earlier this month, the President issued an executive order mandating all federal agencies follow NIST guidelines for cybersecurity protections. The private sector is also beginning to use the same NIST controls as standards with preventing cybercrime.

The final part of HPE Secure Compute Lifecycle comes after the servers and other equipment have reached their full use and entered end of life. The security and protection services from HPE Pointnext provide final disposal of customer equipment ensuring the data is properly disposed off according to NIST standards.

What are the key new features that support the Economic Control story?

Economic Control is a better way to consume and pay only for what you use.

Customers have to manage trade-offs—benefits of cloud with the control of on-prem. HPE Flexible Capacity offers both.

HPE provides active capacity management—the customer has sufficient supply to meet demands available in minutes either on-prem or cloud. Customers have full architectural control of the solution with contemporary hardware—including HPE Gen10, software from HPE and ISV partners, and services—paying only for what they use. HPE Flexible Capacity has been in market for five years; net promoter scores in the 90s and has never lost a customer.

At Discover, we announced HPE Capacity Care Service. It gives customers access to some benefits of HPE Flexible Capacity today and can be attached to an HPE ProLiant Gen10 sale. HPE Capacity Care is designed to help midsized companies through our extensive partner network. It can be purchased or consumed through a subscription model.

HPE has also developed innovative investment models to accelerate the journey from legacy IT to Hybrid IT.

HPE offers customers the ability to monetize existing assets, with HPE Accelerated Migration, to ease the transition to newer technology or to shift to flexible usage models. For IT organizations to make rapid business decisions with limited risk, we provide the ability for customers to acquire equipment ahead of actual need with HPE Pre-Provisioning and return infrastructure without penalty with HPE Flexible Asset Return.

For those customers who value predictable payments and smooth technology transitions, we leverage our financial services organization to provide a pathway from HPE Gen9 to HPE Gen10 with no additional cost or change in monthly payments.
These are part of a broader portfolio of investment strategies to deliver the financial outcomes customers require.

See the full FAQ here

No comments:

Post a Comment