Who knew an all-PCIe network could increase data center security?
News about data breaches are becoming an all too common occurrence, and network security is a significant headache for many IT/ITC managers. While many factors contribute to maintaining security in the data center, from physical access to software updates, the emergence of a new end-to-end all PCIe-network fabric brings an added layer of protection, by drastically reducing the potential intrusion vectors.
Today in a traditional static data center, the data must travel over several networks, always starting from PCIe from the server to Ethernet, InfiniBand, and countless buses and devices. Each new sequence workflow and data management operation multiplies the hops and related bus-level conversions. Not only does the overhead get in the way of performance, but each time one of those occurs, your data risks being compromised or corrupted when the data are briefly stored in an HBA or HCA adapter, and with each touchpoint in a Network Interface Card (NIC).
In contrast, data traveling directly and exclusively over PCIe never stops. The the risk of access or interception is reduced, because data passes straight through without the usual peeks, prods and pokes and so never in effect resides in any link interface.
In addition, PCIe is an inherently more reliable network, as a time-based protocol, because the data are guaranteed to arrive non-corrupted, point to point with no hops, and no store and forward. Ethernet, on the other hand, was designed to span great distances, commonly dropping packets, with a built-in retry capability for packet loss, while surviving any communication loss.
What if your rack-level resources could communicate securely over native PCIe, keeping the entire data plane communicating strictly over PCIe, without the need to resort to Ethernet or InfiniBand? What if instead of forcing your data through all these low-level translation steps, it could safely “travel” over one network, the native PCIe interconnect that all your data center resources “speak and understand”? Think about the multiple hardware and software layers you could skip!
That is what GigaIO’s FabreX™ does as a native PCIe fabric for the ultimate in network security. With our recomposable dynamic infrastructure, running end-to-end PCIe, you no longer need a “sea of NICs” in the rack. So you not only reduce your CapEx by not needing to buy extra adapters and switches, as you would with other composable infrastructure vendors, but you actually increase the data center network’s overall security while improving resource utilization and performance.
Indiscriminate hacking and malware proliferate primarily due to access vectors that open networks (like Ethernet) provide. Deploying FabreX could be an essential tool in keeping your data center secure.
In addition, have you ever heard of PCIe hackers? Didn’t think so. So you can see how deploying FabreX could be an essential tool in keeping your data center secure.
A good analogy is the relative security vulnerability of Windows vs. Linux: for years, Windows malware was prevalent, but quite limited with Linux, because obscurity begets security. Today, Linux has become more popular, but its fundamental security posture remains more secure, some would argue, because of its open-source nature. A similar argument can be made about the PCIe standard. With PCIe, whose packet traffic, by definition, will never find its way outside the data center on a WAN, you can sleep a little bit easier having added this extra hardening layer to your security apparatus.