Wednesday, March 30, 2016

Data Center Security


Our first key challenge is risk management which can be addressed with the layered physical security approach. Thereat to the data center can be of many forms, like third part contractors or employees who may have access to inflict unintended or intended damage. Deploying a layered security strategy can provide you feasibility to deter, detect or detain at every layer of your data center security producing the risk of breach. There are six layers of security. They are,


  • LAYER 1 – Perimeter Defense: The site perimeter is not just the border; it is the first layer of data center protection. Measure used to fortify perimeter security include Video Surveillance, fence, limited entry points with access control, physical security barriers such as anti-ram fencing gates and guard station with security personnel these are all decided to deter the intruders. Car trap and security personnel can delay the intruders.
  • LAYER 2 – Clear Zone: The second layer of the security addresses the space between the perimeter and the building exterior. These area is monitored by intrusion detection sensors and video surveillance to identify breaches.
  • LAYER 3 – Facility Facade/Reception Area: The third layer is the highest level of perimeter security. We have the opportunity to prevent the unauthorized access into the facility.
  • LAYER 4 – Hallway/Escorted Area/ Gray Space: The fourth layer of the security, validates access rights of authorized individuals into specific environments such as the data hall, network operation center, power and cooling facility areas.
  • LAYER 5 – Data Center Room: As you enter the data hall the fifth layer of security is the selective profile of authorized staff, contractors and visitors.
  • LAYER 6 – Data Center Cabinet: The sixth layer of security provides the controlled access and accountability directly at the equipment location. The interoperability of these six layers mitigates your risk of an effective and efficient protection of the facilities critical data.

Attacks can also come outside in. And today the most popular attacks are the ones that target web applications. Hackers know that the web apps are full of vulnerabilities and can lead to very profitable exploitation. And another popular data center attacks strategy is Distributed Denial of Service (DDoS), where the attacker generates massive amounts of traffic to overwhelm and paralyze your systems. Also another common attack is AppDos attacks which targets specific application. These types of attacks can be prevented by the effective use of firewalls. Also there are different use case for firewall technology. In campus branch the next gen firewall will be deployed. Intrusion Prevention System (IPS) which relies on repeating and other intelligent data source, to provide additional defense. And there is an Application visibility control where we can see and control the internet apps and content the employees are accessing. And finally, there is an active directory integration where the identities can be managed and controlled.

Posted by at No comments:

Tuesday, March 22, 2016

Power Usage Effectiveness (PUE)

PUE is an acronym from Power Usage Effectiveness. It is the measurement of the energy efficiency of data centers physical infrastructure such as the power and cooling equipment. PUE is not a measure of how efficient the IT equipment is, rather it is the metric to quantify the overhead power that is consumed in supporting the IT equipment. According to the recent study, USA data center energy consumption is 2% of total USA energy consumption. This is equivalent to the energy consumption of 7 million households.

The formula to calculate PUE is, take all the energy or power that is used to operate the data center and divided by the amount of energy consumed by the IT equipment’s like servers, network switches and storage devices.


For example, let’s consider this 2N redundant data center. 47 percent of the electrical power entering the facility actually powers the IT load and the rest is consumed or converted to heat by the power, cooling and lighting equipment. This include devices like UPS, transformers, generators, chillers, pumps, fans, etc.… Let’s consider the total data center power consumed is 1000 kw and 470 kw is by the IT load. So the PUE of this data center is 2.13.



The theoretical best PUE that can be achieved is 1. That is, every watt consumed by the data center is consumed directly by the IT equipment. If the PUE is 3 or more, then the data center is considered as in efficient. According to the Uptime Institute Data center survey, the average PUE is between 1.8 and 1.9.

Few ways to lower the PUE level.
  • First step is to know the PUE of your data center. If it is not determined, then have the energy assessment performed by the data center specialist. They can also provide the specific recommended improvements that often pay the cost of the assessment within a year. In many data center, the cooling systems uses more power than the IT equipment’s. So the improvements to cooling will generally have the biggest impact on the PUE in overall energy saving.
  • Keep hot air and cold air from mixing. Since this mixing makes the cooling system very inefficient. So make use of containment solution like hot aisle or cold aisle containment or vertical docks which are very effective in separating the hot or cold air streams.
  • Raise the temperature set point in the data center. The new ASHRAE guideline recommend rack temperature can be as high as 80°F or 27°C.
  • Finally, calculate and manage PUE on a constant basis. This can be done by installing the meters and monitoring software.
     Reference: https://www.youtube.com/watch?v=BiglstCxGDI
Posted by at No comments:

Wednesday, March 16, 2016

Selecting a Rack PDU

In this blog, we shall discuss about the configuration option and what rack PDUs are best for your data center. While deploying PDUs we have to consider the following things, What kind of power do you have? How much power do you need? How much power do you draw? What plug types do you have? How much room do you need for the future? What do you need for the future? Will you add more devices to the rack? Will you need more power in the future? In many companies some of these answers to these question will come from Facilities group, while the other answers come from IT group.

In order to calculate the power which is being used by our server and storage devices, we can add the AMP drawn of all the equipment’s that has been plugged to the PDUs. The amp drawn information can also be gathered by several ways. The equipment manufacturer provides the ‘Name Plate’ or ‘Face Plate’ power ratings. These power ratings are often calculated for the worst case scenarios. Most manufacture offer power sizing tool or capacity planning tool to calculate the power used. Intelligent rack PDUs that monitors power consumption of the server can be a valuable source for calculating the amps drawn by new servers. Power monitoring can be done on whole PDU level, individual outlet or groups of outlet.
      
     Few rack PDUs allow remote power management for monitoring the usage of power. Power outlet cycling is ideal for data center without 24 hours’ staff coverage or devices deployed in remote locations. The ability to schedule power off in an outlet allows to easily enforce IT power policies such as switching off all non-production servers after 6 PM.

     Some intelligent rack PDUs also perform environmental monitoring. With temperature and humidity monitoring, we can identify hot and cold spots in data center or within the rack. By identifying the cold spots where over cooling is taking place, we can increase the temperature on our Computer Room Air Conditioner (CRAC) units. If the space is available in the rack, then we can also add additional servers to that rack. By locating the hot zones in our data center, we can identify the cooling needs that prevent the downtime and damage to our equipment. We can receive alerts by having sensors all over the colocation floor.
     
     Over Cooling and Over Provisioning of the data center will lead to the increase in the operational cost and its harmful to the environment. With rise in cooling and power cost, the ability to monitor and control your power usage helps to promote a cost effective and greener data center. 
Posted by at 1 comment:

Wednesday, March 9, 2016

Rack Power – Power Distribution Units (PDU)

Today’s Data center are filled with power and storage devices with increase in power needs. We have to select the best rack Power Distribution Units (PDU) for that environment. In this blog, I will share some basic power terms and few details about rack PDU

  • Ampere (Amp): It measures the amount of electrical current flowing through a circuit during a specific time period. It is also known as Amps. 
  • Volt (V): It is equal to the difference of electric potential between two points on a conducting wire. 
  • Volt-Amps (VA): It is the voltage multiplied by amps (Voltage * Amps). This rating is the apparent power, which represents the maximum power that a device can draw. Kilovolt-Amps (KVA) is the measure of VA in thousands. i.e. 2000 VA = 2KVA. 
  • Watt (W): It is the measure of real power drawn by load equipment. It is used as the measurement of both power and heat generated by the equipment. 
  • Power Factor: It is the ratio of real power to the apparent power. In other words, it can also be described as the power that is being being supplied Vs the power that is consumed. Most modern IT equipment has the power factor of 1, which means that the equipment efficiently uses the power supply and factors less than 1 signifies the less efficient equipment. 
  • Circuit Breaker: It is a switch that protects electrical equipment from damage caused by overload or short circuit.


Data Center power is distributed with 208V single phase, high line power. Also it can be distributed with three phase power. Three phase power is used because of its efficiency and power delivering. The National Electrical Code (NEC) is the United States standard for safe insulation of electrical wire in an equipment. It states that, PDU cannot allow a continuous measure load that exceeds more than 80 % of the connector or cable rating. NEC defines the continuous load as 3 hours or longer. This is sometimes referred to as Derated Load, i.e. a 30 AMP rack PDU can only carry a maximum continuous load of 24 AMP. The NEC rated load on a rack PDU needs to be considered when data center operators want to provide power redundancy for their equipment. Without power redundancy, if the rack PDU fails the all equipment’s will shut down. To prevent this all important servers and infrastructure equipment should have multiple power supply and plugins to at least two different PDUs. Best practice is, never go above 50% of the PDU capacity. This is called PDU power balancing and provides power redundancy.  

 In my next blog, I will share some details about how to select the rack PDU for your data center. Stay Tuned.......

Posted by at No comments:

Saturday, March 5, 2016

Data Center Cooling

In data center’s, we might think that most of the heat is being produced by the servers, but that’s not correct. Because large amount of heat is being produced by the communication equipment. The main purpose of the data center cooling technology is to provides the stable environmental conditions for the Information Technology Equipment’s (ITE). In this blog, we shall discuss more about the data center cooling and the equipment’s that are being used to cool the data center.
           Most of the data centers operates in a temperate range between 65°F to 75°F. To attain this temperate, we can use cooling devices like Computer Room Air Conditioner (CRAC) or Computer Room Air Handler (CRAH) or Chiller or Economizer. There are two different types of CRACs, namely External Chiller Plant and Compressorized Chiller. CRAC units pull hot air from the top of the room and push the conditioned air to the space below the raised floor. Using perforated tiles, cold air is pushed to the front of the server. We should also prevent the mixing of hot and cold air. This can be done by using the Hot Aisle containment system, where the hot exhaust air is contained and returned to the air handlers. The complete mechanism of hot aisle containment system is shown in Figure 1.

      
(Figure 1 - Hot Aisle Containment System)

                CRAH is a device which is used to deal with the heat that are produced by the IT equipment’s. It uses fans, cooling coils and water chiller system to remove the heat from the data center. Chillers normally remove the heat from one equipment and deposit it into another element. Without chillers the temperature would quickly rise which corrupts the mission critical data and destroy hardware equipment. All these devices consume large amounts of electricity and would require dedicated power supply. We can save these energy cost by using the Economizer. It can be used in areas where winters have very cold temperature, like less than 40°F. These economizer fetches the cold air from outside and circulate into the data center. Exhaust openings and fans can be used to remove the hot air from the data center. This indeed helps to cool the IT equipment and reduce the power load on the chillers.
          The American Society of Heating, Refrigeration and Air-Conditioning Engineers (ASHRAE) standard is the widely recognized air conditioning standard. According to ASHRAE, the average temperature of the data center should be between 65°F to 85 °F and the humidity should be maintained between 42°F DP to 59°F DP. Nowadays, most of the data centers are switching to computational fluid dynamics which helps in reducing the cooling cost. In my next blog, I will share other important aspects of the data center.

Reference: https://journal.uptimeinstitute.com/a-look-at-data-center-cooling-technologies/


Posted by at 1 comment:
Subscribe to: Posts (Atom)