Performance and Encryption Combined in Q3i from BOSaNOVA
August 21, 2007 Dan Burger
Backup and recovery operations have more than their share of critical issues that require attention. Somewhere near the top of the priority list is the need to reduce the amount of time devoted to the backup and recovery processes. A nearly constant stream of performance upgrades has leap-frogged through the marketplace promising shorter backup cycles. And while performance has blossomed, so have the red flags, which have been raised because of unrealized performance. Lost or stolen data is yet another battle and encryption is the primary defender.
“The market is dubious about backup,” says Paul Howard, the designer of BOSaNOVA‘s Q3i tape drive with built-in encryption. “IT personnel are worried about complexity.”
He’s right about that. There’s already too much complexity in the data center. Keeping things simple is the equivalent of keeping things sane.
“If you consider why people do a backup,” Howard says, “the answer is to get a restore when the chips are down. Everybody tends to forget that. You have to have something people understand. When the world is collapsing all around them, they can get in and put the system back together doing a restore. The complexity has to be in the machine and not in the way it is used.”
Earlier this month, BOSaNOVA introduced a new iteration of its Q3 encryption technology that includes a built-in LTO-3 tape drive. Previously, BOSaNOVA sold the Q3 technology, which it OEMs from the English company DISUK, as a stand-alone encryption device. The inclusion of a tape drive inside of the Q3i should make the product simpler to configure and use. Customers that don’t want to buy an integrated LTO-3 drive, or who have other existing drives, can still buy the Q3 from BOSaNOVA.
The encryption technique in the Q3 line is known as dual-lacing, a method that involves two Triple-DES encryption engines with different keys. Each key is unique to the client. It’s not a new technology, but it’s well tested in two areas where security is of the highest importance: financial institutions and the military.
The dual-interlace method adds a level of security because it requires an attack to be perfectly timed, Howard says. Attackers have to locate two points instead of one in order to initiate an attack and each point requires perfect timing. “It’s a simple way to make the algorithms more secure,” Howard says.
There is some performance overhead in the dual-lacing approach because the data is being split into two 112-bit encryption streams and that requires additional effort checking that no errors are introduced. At the end of the day all data has to be 100 percent correct. Generally speaking, it is true that encryption can have quite an impact on tape performance when formerly there was no encryption used.
The Q3i is built on LTO-3 tape drive technology, which in most instances has performance capabilities beyond what most customers are currently using. Howard believes, however, that most discussions about performance capabilities are easily misconstrued. He says every client system is different, so the throughput results will be different when doing a backup.
As you look at the older tape drive technology, Howard says, there’s plenty of hardware in use that’s not being driven at full speed because of bottlenecks within the network systems. Bottlenecks in a system will stifle performance regardless of the device’s capabilities. “A lot of products are talked about in terms of their best speed, which in reality is unattainable do to the limitations of the network systems,” he says.
“On the other hand, there are those who have driven their older technology to its limit,” Howard says in reference to getting the most out of a network. “They can usually gain performance with Q3i, especially if they are moving from a 3570. It should be a dramatic increase as long as the network system can deliver.”
It may come as a surprise to upper management, and maybe to some IT staffers, that most tape drive purchases are more expensive than necessary because more performance is bought than the system is capable of using. “Performance figures based on the drive’s capabilities leads some to conclude they can cut their backup time to two hours and it ends up taking them six hours,” Howard says. “The reason is because the tape drive is not busy most of the time.”
Predicting performance based on product specs is very inaccurate. Wide swings in performance are attributable to factors like how the data is organized. “If the database is positioned so you have a complete run of it, that will run faster,” Howard notes. “If it is fragmented across two or three spindles, that can be a problem. If the data can’t be delivered quickly, the tape drive can’t perform up to its capabilities.”
It comes down to expectations being set unrealistically high.
“You have to be realistic with people,” Howard says. “You have to be honest and say, ‘Given what you are trying to achieve, we believe the product will make this level of performance.'”
The Q3i tape drive provides read capabilities for LTO-1, -2, and -3 media and write/encryption capabilities for LTO-2 and -3 media. It is available with SCSI LVD, SCSI HVD, iSCSI, or Fibre interface to allow connection to a variety of host platforms in addition to the IBM System i, iSeries, and AS/400 systems.
The Q3i starts at $15,995 which includes a one-year warranty and technical support.
Additional information, and a specification sheet, on the Q3i can be found at this BOSaNOVA Web page.