On Monday, October 11, Compaq, Hewlett Packard, IBM, Intel and Microsoft announced the launch of a new alliance, the Trusted Computing Platform Alliance. The Alliance has chartered itself with the mission of developing a new hardware and software specification to enable technology companies to use a more trusted and secure personal computer platform based on common standards. Alliance Chairman, David Chan of Hewlett-Packard says, "This workgroup was formed to define the necessary set of capabilities for a security subsystem that would allow a system integrator and solution provider to establish trust on a hardware platform." The Alliance also stated that "personal computers lack a standard set of system hardware-based functions needed to establish trust on the platform."
The cited mission is somewhat nebulous. Are they trying to help Microsoft learn how to secure their widely publicized operating system security holes? Are they trying to develop or certify a PKI (Public Key Infrastructure) solution? Or are they trying to develop desktop and server security standards for systems integrators and solution providers? Whatever their mission is, they plan on creating a proposal for a security specification of sorts by the second half of 2000. Their plan is to make the specification available through licensing subject to proper verification and implementation.
Market Impact
In a world of co-existing truths, it is likely that there are multiple purposes behind this alliance. Microsoft needs to gain consumer confidence in the security of its operating systems, and having two high profile Unix vendors, HP and IBM, on its side is certainly a good starting point. Compaq, HP, and IBM all want to sell servers, and without the confidence of a secure operating system, many organizations today who want a turnkey commercial off-the-shelf server solution are turning to vendors like Sun Microsystems and Novell. E-commerce is the prevailing internet market driver, and without security, financial transactions are a risk and a liability that smart businesses and organizations are not willing to take.
Though the Alliance may be hedging towards putting more security in the BIOS, there are no easy and quick short-cuts to securing information technology infrastructure. Most security experts agree that using a layered security model is the best approach. A layered model secures an organization's network, operating systems, and applications. According to Marcus Ranum, CEO of Network Flight Recorder, and the person most often credited for developing the first firewall, "What it seems they're saying is that they're going to develop hardware specs and BIOS extensions that will enable certain security services to the operating system. That's nice but if the operating system isn't good, security-wise, it won't matter what the hardware provides."
If nothing else, the formation of this alliance is sure to heighten security awareness in the information technology sector as a whole. Elias Levy, Chief Technical Officer of Security Focus and moderator of the well-known Bugtraq security mailing list says, "The alliance is a good idea and has potential. There is a great need to build security features into the basic structure of the computer and the operating system. Only when these features become universal will application writers start making use of them benefiting the end user. Although it is still too early to tell what the exact deliverables are that the alliance hopes to produce, it is encouraging to see these important companies at least attempting to solve some these security issues."
User Recommendations
The Alliance invites other companies to participate in helping to architect its mission. If your organization has anything to offer the Alliance, applications for membership are currently being accepted. With such a lofty agenda, and aggressive delivery intentions, the Alliance will certainly need all the help it can get. In the meantime, users should not hold their breath. The first step to take in securing an organization's network is to have a security vulnerability assessment done as soon as possible. In light of the rapidly increasing network and system security break-ins, it would behoove any organization that has confidential information on its network to analyze their risks and take due precaution as soon as possible.
SOURCE:
http://www.technologyevaluation.com/research/articles/compaq-hp-ibm-intel-and-microsoft-create-new-pc-security-alliance-15289/
Compaq, HP, IBM, Intel and Microsoft Create New PC Security Alliance
Compaq's 8-CPU Intel Servers: the New "Big Iron"
In late August, 1999, Compaq started shipments of its eight-CPU Intel servers, the ProLiant 8000 and 8500. The ProLiant 8X00 series is part of the next generation of Intel servers (along with offerings from Dell, HP, IBM, and others) which utilize the Profusion chipset. (This chipset allows servers to break through the previous limitation of four CPUs for the Intel architecture.) Although both products are geared toward the enterprise computing segment, they address different areas within that segment the PL8000 can function either as a standalone or in a rack, the 8500 must be racked, and needs other hardware (primarily disk drives) to support its configuration. Whichever model is chosen, these products are aimed at large datacenter/data warehouse environments, as well as other large-scale computing environments. This product will also be used to consolidate and upgrade existing servers.
Compaq's main competitors in this space are Dell, HP, and IBM. There are other vendors producing eight-way Intel servers (e.g. Unisys, Hitachi), but we do not believe they will be (serious) market share competitors. (Market share figures for Intel servers is shown in Table 1 and Graph 1.) In general, the Intel server market is growing, and these products will satisfy pent-up demand, but we do not expect the volumes to be significant (when compared to four-way servers) until next year.
Compaq is positioning the ProLiant 8X00 series to address a number of markets:
1.
External to the customer: ERP, E-commerce
2.
Internal to the customer: mail and messaging, terminal servers
3.
General: Data warehousing, datacenters
Compaq is highlighting a number of areas where it feels it has a competitive advantage: Performance, price/performance, and technology. In addition to their traditional strength in price/performance and performance, Compaq has an inside track on Profusion's design, due to their co-development efforts with Intel and Corollary (developer of Profusion, bought by Intel in 1996). Since this chipset is the heart of the eight-way architecture, Compaq has gained a short term advantage.
Because of the relatively low price approximately $20K base price (vs. $7-$8K for a four-CPU base unit) -some "cannibalization" of four-CPU markets is expected.
Although the eight-way servers (in general) are now the "biggest kid on the [Intel] block", this position is expected to last only until Merced/McKinley arrive 12 months from now for Merced (80% probability), two years for McKinley (60% probability). Since McKinley, not Merced, is expected to provide the performance leap, this should give the current eight-way servers approximately 18-24 months at the top of the Intel scale. After that, these systems become "mid-range" products. Until Merced ships, we expect the worldwide market size for eight-way servers to be approximately $5-$8 Billion. (Note: Merced will not immediately "cannibalize" the market for eight-way servers, because of the change from the current IA-32 architecture to Merced's IA-64 architecture. This change will effect much more than hardware, and therefore migration will not be immediate.)
Product Strengths
8000:
Feature Set/Flexibility: The ProLiant 8000 is presently the only eight-way server from the "Big Four" server manufacturers which can stand alone all the others (including the ProLiant 8500) are rack-based. (So is the 8000, at 14U high, but there is a tower conversion kit for it.) Additionally, the 8000 can house up to 21 disk drives, allowing lots of raw storage space, but also providing the flexibility for a large RAID setup.
Price/Performance:Based on present $/tpmC results from the TPC, Compaq continues to be a price/performance leader ($18.70/tpmC). We expect this leadership to continue, with the only serious competition expected to be from Dell. The raw performance numbers are also very good (>40,000 tpmC), but we expect Dell to post similar numbers within three months (60% probability).
8500:
Storage: The 8500 has four hot-swappable hard drive bays, more than any major competitor (except the ProLiant 8000). Although it is not a targeted application, this capability does allow the customer to have an internal RAID setup.
Serviceability: The 8500 is almost completely modular: all of the major components Main Logic Board (MLB), power supplies, fans, I/O cards, hard disk drives - can be swapped (by the customer) quickly, without tools. This also allows a customer to install a 20-lb. chassis at the top of a six-foot-high rack and add subunits one at a time this is in contrast to trying to mount a 100+ lb. unit, as has been typical in the industry.
Price/Performance: The 8500's figures ($18.46/tpmC) are even better than the 8000, and are approximately $1.50/tpmC better than the Unisys Aquanta E2085. However, we expect Dell to post figures similar to Compaq's within three months.
Size: At 7U high, this system is the same size as Compaq's four-way offerings (except the PL 6400R), and thus capable of a "box upgrade" (euphemism for "pull out the old system box, put in one of these") for earlier ProLiant models, or for systems made by Dell and HP. IBM, at 8U high, is at a competitive disadvantage here.
General:
Technology: As mentioned earlier, Compaq co-developed the Profusion with Corollary/Intel. This has already provided Compaq with a slight (~2-3 weeks) advantage with regard to which manufacturer ships eight-way systems first. However, we expect more significant benefit to come from the system's logic design, and any performance or feature advantages that Compaq's engineers can design into the system.
In addition, Compaq's use of "heat pipes" (a cooling technology) allows slightly greater design flexibility (and greater thermal margin) vs. the more conventional use of extruded aluminum heatsinks.
Service/Support: ProLiant servers benefit from Compaq's service/support capabilities (from the Digital acquisition). Although customer-serviceable components are becoming the norm, there is still a strong need for vendor support.
Product Challenges
8000:
No Integrated SCSI Controller Although performance issues make it desirable for customers to buy add-in SCSI controller(s), they should not be required to do so just to get a working storage subsystem.
Ergonomics The CD, floppy, and removable media devices are in the wrong place if the unit is freestanding who wants to bend that far over just to put in a CD or diskette or tape (for backup)?
8500:
No removable media devices: The box is tightly packaged, but having at least one additional media bay would be beneficial to customers.
RAM Capabilities: Profusion can support up to 32GB of RAM. Although Compaq feels customers will never need/use more than the 16GB Compaq provides, having the flexibility to expand would be helpful to a customer.
General:
PCI Slots: Compaq provides only two 66 MHz slots, half of its competition. Since the same I/O board is used in both products, this comment applies to both.
Corporate Issues: Dell has been gaining ground on Compaq, and Compaq has been "distracted" due to problems with the Digital acquisition. Those problems appear to be subsiding, and we expect Compaq to return to its former focus within 12 months (70% probability), but they are not there yet.
Vendor Recommendations
It is not yet clear that customers want both a rack and a freestanding-optional product. Since the high-end server marketplace will be dominated by rackmount systems (See TEC's Research Note: "High-End Wintel-based Rackmount Servers The Big Get Bigger" August, 1999), it is not clear that a 14U-tall rackmount-which-can-convert will have a sufficiently large market presence. People who need lots of drives can buy storage expansion enclosures to mount underneath a 7U-high server, with little (if any) feature set loss. However, since the mechanical design was just a modest repackaging of the PL 7000, Compaq probably thought the monetary risk was acceptable. Other than this issue, the product is positioned appropriately.
Compaq should modify its PCI implementation by adding more 66 MHz slots, and add at least one more slot overall. These changes will give them parity in almost every feature category, and the clear winner in others.
Compaq should leverage everything it can from the Corollary/Intel co-development relationship this can provide long term benefits, either through quicker product development or through development of more feature- and performance-rich systems.
Finally, Compaq should use its current time advantage as much as possible with an aggressive sales campaign, and consider using the expected Merced delays as a lever, while carefully balancing against the potential alienation of Intel.
User Recommendations
These products are good choices for clients who have high-end computing environments, such as data warehouses or server consolidation requirements. The feature set and hardware reliability features are excellent, and the only technology concern is based in the Profusion chipset, due to its newness. However, Compaq's co-development relationship should reduce Profusion-related concerns.
The ProLiant 8500 is a better choice for those users who either need the flexibility of mixing and matching components in a rack, or who are still unsure of what their needs are. We believe that the ProLiant 8000 is appropriate only for those users who know they need a self-contained solution, especially if it is the only server they plan to buy. If customers need more than one or two servers, then the 8500 is the better choice.
In addition, the lack of an integrated SCSI controller and small amount of 66 MHz PCI slots can be used by the customer to gain concessions in other areas.
SOURCE:
http://www.technologyevaluation.com/research/articles/compaq-s-8-cpu-intel-servers-the-new-big-iron-15170/
