For the security-first data center, make your network end-to-end PCIe
With access and data breaches ever more common, and network security a significant headache for many IT/ITC managers, there are many factors to consider to maintain security in the data center without sacrificing performance or scalability. What if you could drastically reduce the potential intrusion vectors for security issues, and do so by a factor of five or six?
Consider that in a traditional siloed data center with static resources, the data must travel over several networks, from PCIe to Ethernet, InfiniBand, and countless buses and devices. Multiply these traversals each time you sequence workflows and data management operations. Not only does the overhead get in the way of performance, but each time one of those hops and related bus-level conversions occurs, the possibility of a security breach looms as the data are briefly stored in an HBA or HCA adapter. Each touchpoint in a NIC is another opportunity for your data to risk being compromised or corrupted. In comparison, data traveling directly and exclusively over PCIe never stops. The data do not reside in any link interface because it passes straight through without the usual peeks, prods and pokes; thus, reducing the risk of access or interception.
Also, PCIe is an inherently more reliable network, as a time-based protocol, because the data are guaranteed to arrive non-corrupted, point to point with no hops, and no store and forward. On the other hand, Ethernet was designed to span great distances, commonly dropping packets, with a built-in retry capability for packet loss, while surviving any communication loss.
What if instead of forcing your data to contort itself through all these low-level translation steps, it could safely “travel” over one network, the native PCIe interconnect that all your data center resources “speak and understand”? Instead, have the rack-level resources communicating securely over PCIe without the need of Ethernet or InfiniBand. Now you could skip multiple hardware and software layers by keeping the entire data plane communicating strictly over PCIe.
That is what GigaIO’s FabreX™ does as a native PCIe fabric for the ultimate in network security. With our recomposable dynamic infrastructure, running end-to-end PCIe, you can vastly reduce NICs in the rack. Hence, you not only reduce your CapEx by not needing to buy extra adaptors and switches, as you would with other composable infrastructure vendors, but you increase the data center network’s overall security while improving resource utilization and performance.
Indiscriminate hacking and malware proliferate primarily due to access vectors that open networks (like Ethernet) provide. Deploying FabreX could be an essential tool in keeping your data center secure.
Add to this the fact there are thousands of Ethernet expert hackers, but very few, if any, PCIe hackers, and you might see how deploying FabreX could be an essential tool in keeping your data center secure.
A good analogy is the relative vulnerability of Windows vs. Linux: for years, Windows malware was prevalent but limited with Linux. Today, Linux has become more popular, but its fundamental security posture remains more secure, some would argue, because of its open-source nature. The same argument can be said about the PCIe standard and its OEM implementations. With PCIe, whose packet traffic, by definition, will never find their way outside the data center on a WAN, you can have confidence that PCIe traffic stays within the data center.