• Content Count

  • Joined

  • Last visited

Everything posted by 270673

  1. Dear all, Can someone point me to drive model which satisfies the following? I have been looking myself; but without finding it. Widely available in the retail channel. I'm in northern Europe. Self Encrypting Drive / supports in-drive encryption managed via motherboard TPM and password. 2.5" regular height, large capacity. 1 TB is okay, 2 TB would be great. Priced near regular 2.5" consumer drives. WD doesn't seem to make SED drives. A shame, their 1 TB Red 2.5" looked nice. Seagate has a "Enterprise Capacity 2.5 HDD" that would work, but it costs an arm and a leg. HGST has drives that should work, like the Z5K1000. As far as I can tell, the model number of the SED version should be HTS541010A7E635. But I can't find that drive in retail where I am. Thanks!
  2. @Brian: Thanks. The model you linked to is 500 GB maximum, which is too little. But it seems their SSHD line has 1 TB, SED and a price premium that isn't too steep. If I can't find anything better, then it might be a Seagate 1 TB SSHD.
  3. A couple of observations: A- You ought to be talking to a server specialist at HP / a large HP partner about this. B- In general, SSDs get somewhat faster in larger sizes, and SSDs have orders of magnitude more IOPS than mechanical HDDs, ... so for these reasons, today it often makes less sense to separate out TempDB, SQL logs, pagefile etc on multiple volumes. Just put it all on one large, sufficiently fast volume, backed by HDD or SSD as needed. Or if you must separate, do so by cost of storage media, i.e. boot OS, apps, pagefile go on mechanical HDD, database files go on SSD. C- Lots of people use OS -> RAID controller -> SAS/SATA SSD. While this is a completely valid choice, it contains quite a lot of duplication of effort. I.e. the RAID controller emulates being a linear block device towards the OS even though it isn't; the SSD emulate being linear block device towards the RAID controller even though it isn't. Instead, investigate using just one high-uptime PCI-Express based SSD for the same workload. D- You're getting the expensive HP server which supports 4 CPU sockets in 2U. Would 2 sockets in 2U be enough? As a rough sketch, I would personally think along the lines of: A 2U, 2-socket Intel Ivy Bridge or upcoming Haswell class system For OS, pagefile and those ARCServe replication files either a: one 4-disk enterprise SAS mechanical HDD, BBU'ed, write-cached RAID 10 array of sufficient size and speed, or b: one or more read-focused, large, JBOD'ed SAS/SATA SSDs. (Choice depending on what the vendor is selling, pricing, and uptime needs.) For the database files, one highly reliable PCI-Express SSD (a.k.a. IO Accelerator) such as LSI WarpDrive, Micron Px20, Fusion-IO, etc.
  4. 270673

    SED Drives : How To ?

    You're right about that, it is a confusing topic. That said, you're missing some bits. There is "pre-boot encryption": SED generally refers to a drive which can encrypt all data ever written to it. Together with your SED drive you must have a motherboard with a TPM chip (Trusted Platform Module, Wikipedia it). The TPM chip is a crytographic co-processor and key storage device. So your motherboard TPM stores the encryption key, and your SED drive encrypts everything ever written to it with the key. This functionality is generally disabled by default, and enabled by turning on BIOS passwords. So when the PC boots from cold (from a full power off), the BIOS will ask for a password. Entering this correctly makes the TPM unlock the encryption key, and send the right key to the SED. The boot process continues. This works with all operating systems, because the operating system doesn't even know that encryption is used. For details on how to set the right BIOS passwords, you must see your motherboard/system manual. When the computer is turned off, TPMs + SED are tamper-resistant. They won't stop someone with a budget in the millions from reading your files. But they will stop a common thief or someone who can only spend tens of thousands from reading your SED drive. The Texas U article you linked to was somewhat misleading in that regard; what it claims does not hold true for modern SED drives, and certainly not for any FIPS certified SED drives. TPM + SED brings some issues of its own. If your motherboard dies, then everything on SED disks become un-readable. Business-class laptops generally have TPMs. Most desktop motherboards do not. There are some business-oriented desktop motherboards that have TPMs, but they're getting scarce. Your best bet might be a business-class desktop system from somone like Dell, Lenovo, HP, etc. There is also post-boot disk encryption, i.e. where the operating system or an application encrypts data in software. How this works will depend your operating system/software. It can be a good idea to combine SED and OS encryption. For example, use a TPM + SED for your boot drive, so that you're booting the OS from a SED drive. Then use OS-level software encryption for your data drives. The benefit is key backup -- Windows and other good OS's make it easy to back up the keys. Thus if your motherboard or SED drive dies, you can buy a new one, reinstall the OS, reload keys for the datadisks from backups, and everything is there. NB: Using encryption increases the risk of data loss. Be sure to have good backups, which are un-encrypted, or encrypted with a different system and with multiple backups of the keys used.
  5. 270673

    Intel 910 vs. FusionIO/ioDrive

    A belated answer, but... Keep in mind that the internal architecture of MySQL is decades old. MySQL spends a great deal of time on data locking, SQL query optimization, shuffling data between layers, etc. Thus even if your storage subsystem was "infinitely fast" and all storage commands returned instantaneously you would still be limited in how fast MySQL can go. You'll have to verify this yourself, but my hunch is that in mixed real'life workloads MySQL won't be that much faster on Fusion-IO, not enough to warrant the price. If you need more than MySQL + Intel 910 gives, then you have two main choices: Find a more scalable RDBMS (i.e. crazy expensive Oracle), or scale horizontally (partitioning over multiple MySQL instances, NoSQL, etc).
  6. I have read in a couple of places that the Samsung Magician 4.0 tool for the 840 Pro SSDs just shrinks NTFS partitions (possibly TRIM'in the left over space in a special way) when the users adjusts over-provisioning. I was planning to get a 840 Pro, change to ~20% over-provisioning, and then put it in a Linux home server. If the Magician 4 software just does a custom partition shrink, it's not so useful for me because the NTFS partition will be removed when I install Linux. (I know about the practical lifespan for modern SSDs, and that I'm probably never going to wear out the 840 in that home server. I'd still like to over-provision it more. It's a .. "because I can" kind of thing. ) Does anyone here know for sure whether Magician 4 does "true" over-provisioning (i.e. making the BIOS "see" a smaller drive), or whether there is another way of doing that with the 840 Pro? That failing, are there any other modern consumer SSDs with a reputation for superb reliability that have user-changeable overprovisioning? Thanks!
  7. @Kdawgca Thank you very much. I agree that the Plextor M5 Pro looks promising; and it has the encryption capability that I'm looking for. As you mention, it's new on the market and has a bit of a premium pricing still. I might go for that drive -- but was hoping to find something a bit cheaper.
  8. Dear all, Maybe a friendly soul can speed me on my way. I'm looking for an inexpensive SSD with Self-Encrypting Drive, a.k.a. Full Disk Encryption, a.k.a. controller AES capabilities. It is for a light-use boot drive. I was hoping for a ~120 GB SSD with a recent controller for ~100 USD, and I value reliability above all else. At first I was hoping for the new Samsung 840 (Pro/NonPro) series. But the Pro series is still a bit expensive, and besides there are anecdotal reports of premature deaths. When I look at my value favorites from the previous generation -- the Samsung 830 series, Crucial m4, Intel 330 they don't support encryption. I'm not a fan of Sandforce. I realize this is harsh, and that many people are super happy with their Sandforce based drives -- but I'm just not a fan. Is there a current favorite drive in the lower-cost but high-reliability segment, which has onboard full disk encryption? I'm perfectly willing to sacrifice performance for field-proven reliability. Thank you,
  9. 270673

    Surest way to destroy data on SSD

    Current SSD firmwares are relative immature. If you really, really need all data to be completely unrecoverable, then my personal take is to either: Ensure no data is ever written to the drive in un-encypted form. In other words, use OS-level encryption such as Windows Bitlocker or Apple Filevault 2. Wipe drive with the manufacturers disk utility after use. Physically shred the drive. (If you don't have a shredder handy, then removing the PCB and cutting through the NVRAM chips will do nicely.) I personally wouldn't try to use a microwave oven, as the microwave can be damaged. If you don't care about the microwave, then I guess it's a viable way to go -- just remove the casing first, and radiate the naked PCB for a while. Here is a security.SE thread about why many forms of software-only wiping of SSDs are potentially unreliable. If you have a 'good' SSD which has full-disk encryption (a.k.a. SED, AES), then try the secure wipe from the manufacturer's disk utility software. See above link.
  10. I'm an old hand here, from way back before the "great forum crash". Now I have been away from harddisk drives for a long time, and have no idea what to buy... I'm looking for a second HDD for my laptop, for storage. Performance is not a primary concern, the OS + main apps will be on a mSATA SSD. I'm looking for: A 'regular' height 2½ inch drive, as quiet as possible, which probably leads to it being a single-platter drive (?), and probably means it's a lower-RPM drive (5400 RPM or lower)? With regards to capacity, I want as much as I can, but within the constraints above. I'm OK with 320 GB, but a little more would be nice. Can someone speed me along, which of today's drives seem appropriate? Thank you,
  11. I'm trying to read up on Self-Encrypting Drives (SED), a.k.a. Full Disk Encryption implemented in the HDD itself. However, while I know a fair bit about cryptography, I'm having a hard time really grokking how SED is implemented end-to-end, and what the potential weaknesses are. Can anyone provide a link to a comprehensive, user-oriented tutorial on how to use SED on a laptop and desktop? What I'm thinking about right now is key management. AFAIK, the BIOS password is also used as password for the SED drive encryption. If that's so, then I'm guessing: On latops with a Trusted Platform Module (TPM), you set the BIOS password, and enter it when booting. The BIOS verifies the password against tamper-proof storage in the TPM module? And if they match, permits booting and sends the password to the SED drive, which uses it to unlock data on the drive? In the case of a desktop which doesn't have a TPM module, the BIOS password is just stored un-encrypted (or weakly encrypted) in CMOS? Thus an attacker could in principle read the CMOS password, and use it to unlock the SED drive? Another angle that might help my understanding is this: What are the main attack vectors against SED harddisks when used as boot drives on a generic SATA computer?
  12. Thanks all. I looked at StorageReviews test of the Hitachi Z5K500, and I'm still considering that drive -- even if it's slow. I was not able to find any reviews of the Seagate Momentus Thin. I think right now I will most likely wait a few weeks until it has retail availability, and then 'blindly' buy the Samsung Spinpoint M8 500 GB (HN-M500MBB). It's a single-platter 500 GB 5400 RPM drive, which I would buy on Samsungs past quiet 2½" drive reputation alone -- no reviews yet; only press releases about mass production having begun.
  13. 270673

    OCZ/Indilix problems?

    @Vilmalith : Sorry to hear that you're having such a crappy experience with OCZ's drives. I'm just a poweruser myself, but so far my three Vertex 2 drives have been OK. Some thoughts: Be sure to update the drives to the latest firmwares. Unfortunately this can be time consuming, because you can't jump directly from very old to brand new firmwares -- there is a specific version path you must follow. Read the updating guides in the OCZ forums for the specifics on how to do this. Be sure to run the "Performance Tool" (aka little DOS program that executes a proprietary trim implementation) from time to time (say, monthly). This helps the drive controller a great deal. But I don't think you can run the TRIM/"Performance Tool" implementation on your RAID arrays? If that's so, then I would switch to other, never SSDs, and give the old Vertex's away to friends for use as boot drives in HTPCs, gaming PCs and the alike.
  14. 270673

    Third party software RAID 5

    The RAIDCore software stack was available as a 3rd party software RAID solution for Windows, and got a glowing review on Tom's Hardware once. I don't know if that product still exists, the RAIDcore ownership has been sold and resold many times.
  15. 270673

    partitions and SSD's

    I agree with Spod's reply above regarding performance, and the benefits of using partitions for separate concerns. On the other hand, SSD drives are typically small, and splitting them up into multiple partitions wastes some space. It's a tradeoff, as always. The SSDs currently worth getting for home use, Intels 2nd generation X25-M MLC and the Indilinx controller drives such as OCZ Vertex, do not use "raid". They read & write to multiple flash lines at once, just like PCs have 2 or 3 RAM channels, but they don't use multiple controllers or anything like that. "RAID" was for a while used on cheap and nasty SSDs with bad controllers, to make them suck less. Avoid these drives. There is no clear connection between performance and drive size with SSDs. Many models perform exactly the same in all sizes. But it can also change a little, depending on the flash RAM used and its configuration in the different drive sizes. This is important -- align the partitions using diskpart or a similar tool, so that file system block boundaries are aligned with SSD page boundaries. Otherwise you get additional write amplification, and thus more wear and tear on the SSD flash. Oh, and BTW, Anandtech has recently put up an article on SSDs that's actually pretty good: http://www.anandtech.com/storage/showdoc.aspx?i=3631
  16. To the original posters question: I have the OCZ Vertex 60 GB drive, and it is ... nice. Clearly faster than traditional HDDs at booting Windows, loading programs etc. I have not used it for that long, so currently I feel it's nice but not need to have by any measure. They say you don't feel SSDs as something special, not until you try to switch back to a regular HDD, perhaps that describes me right now... The Vertex has been solid for me, but the tech is borderline immature. Some drives don't want to talk to some controllers etc. I flashed my drive to the 1275 firmware before starting to use it (warning, flashing destroys all data on drive), and have not had any problems on my Dell D630. YMMV. You could put temp files etc on a Raptor drive, as you suggest. You could also get a larger drive and just use the SSD for all system files (larger so there is a fair amount of free space on the drive, so that wear leveling can work effectively) . I'm currently using the Vertex in my laptop, with a c: partition for OS, and a D: partition using EasyCo MFT write-combining for temp files, swap, data etc. You should absolutely read the OCZ SSD forum, it is a great resource for OCZ SSD and also SSDs in general. Start with the guides marked as "sticky": http://www.ocztechnologyforum.com/forum/fo...splay.php?f=186 HTH, Jesper Mortensen
  17. 270673

    Complete and thorough HDD erase

    For secure HDD erasing, I have for a long time been using DBAN from "The Ultimate Boot CD". It's beginning to show it's age though, it often fails to work with modern chipsets / SATA controllers. In some cases swithing the BIOS away from ACHI and over to plain ATA mode may help. Lately, I have begun to use Truecrypt to format the drive with whole-drive encryption. For this, the drive needs to be attached to a PC with a working boot drive and Windows installation. Based on the time Truecrypt takes for format the drive, and their security mindset, I'm pretty sure that every sector of the drive gets completely overwritten. In my opinion, one should not go overboard about disk wiping. If the NSA wants your secrets, then they probably can get them -- but for the common data thief and the kind of issues normal persons need security against, wiping the entire drive twice should suffice. /Jesper Mortensen
  18. Hi all, I read the very good, knowledgeable discussion in the Solaris ZFS thread. This discussion briefly touched on harddisks versus tape as backup media. This reminded med of a Powerpoint I noted a while back, which may be of interest to some on this board. "Tape is Dead, Disk is Tape, Flash is Disk, RAM Locality is King", available at: http://research.microsoft.com/~Gray/talks/Flash_is_Good.ppt It's a quick read, perhaps nothing new for some users here. The title pretty well describes the central idea in the presentation. /Jesper
  19. Well, yes, but I doubt heat is the primary factor for external HDDs dying. But by all means get a nice enclosure like the Antec MX-1, which has a reasonably quiet but still effective fan. I'm not 101% sure of this, but my belief is that automatic head parking, head fly height adjustments and other technologies to protect from head crash were not used in 3.5" drives until 1-2 years ago. I have seen a friend kill an older 3.5" HD by giving it a very light knock while it was in operation -- 2.5" drives would not have failed from this. If you look at datasheets for recent 3.5" drive models, they explicitly mention head ramps etc, and in the past they didn't. I would say get a new 3.5" HDD model where the datasheet clearly mentions head ramps etc, and use a decent, silicone grommet insulated enclosure like the MX-1. And put the drive on a firm surface before powering it up, and leave it untouched during operation. :-)
  20. Exactly, for some types of data loss scenarios such as you outline, a internal drive is useless. It should be removed from the PC, and ideally there should be 2 or more generations of data copies made at different times. Keep it inside the anti-static bag it came in. This will clearly work. I prefer external enclosures such as the MX-1, because they add robustness to the drive when you handle it & connect it. If you accidentally drop a bare drive or bump it against something, then the PCB can crack very easily. SATA connectors are soldered directly onto the PCB, and are typically not robust enough for many connect/remove cycles. Not so in an enclosure; wear and tear is mostly on the cheap enclosure and its connectors, not on the expensive drive.
  21. I'm using 3 Antec MX-1 HDD enclosures myself. The fan is noticeable, but not loud, and when pushing large amounts of data it does keep the drive noticeably cooler. The eSATA implementation is good. Current drives transfer at their full speed, at least my 100+ mb/s Samsung F1 750GB isn't bottlenecked by the eSATA interface. The drive is mounted in a soft silicone rubber bed with a large fiberplastic casing around, so the drive is as well protected as it can be by a portable, low-cost enclosure. The only downsides to the MX-1 that I see are: Some of them have a fan that makes a stuttering / vibrating noise. The enclosure + external PSU get rather large and bulky. Much of the size comes from a generous clearance between the drive and plastic shell, so the space is useful in helping protect the drive if dropped. Overall, I'm very happy with the MX-1 for its price. I am going to buy more of them soon, for backup in a friends small company. /Jesper
  22. I found this user review: http://forum.notebookreview.com/showthread.php?t=246116 Looks like the 5K320 is the winner, and it also looks as if Notebook Reviews forums is the place for these discussions. -- Jesper Mortensen
  23. I tried searching, but didn't find anything recent. What is the current consensus on which large (250GB or larger) 5400 RPM SATA notebook drive to get? It is for a general-purpose Dell D630 notebook, for office use and for multimedia files. 250 GB could do, but 320+ would be better. Low noise and low power draw / good thermals are priorities... TIA Jesper Mortensen
  24. Thanks. I found this review of some other drives, and read it together with the Tech Report review: http://www.tomshardware.com/reviews/500gb-...k-hdd,1960.html I'll research a bit more, but it looks like 5K320 could be my choice. -- Jesper Mortensen
  25. Ahh, there must be more to say than just look at the SR reviews, have you noticed the frequency of reviews? I did look at the one review of the WD3200BEVT and Hitachis offering, but how about the Seagate 5400.4 and Samsungs offerings? Does anyone have info; or a link to an up to date review of the different drives? TIA, Jesper Mortensen