Comment Re:Security (Score 1) 62
I should make an obligatory reference to Jurassic Park.
I was guessing by the fact that they had employees accessing the building, and parking lots, that it was a facility that had some sort of access.
I should make an obligatory reference to Jurassic Park.
I was guessing by the fact that they had employees accessing the building, and parking lots, that it was a facility that had some sort of access.
Technically, it's just where you're buying the connection. Netflix are already at a shitload of peerings.
AS2096 - 170 peers - http://bgp.he.net/AS2906
AS40027 - dead since Feb 23, 2012 - http://bgp.he.net/AS40027
AS55095 - 2 BGP peers - http://bgp.he.net/AS55095
So now I'm even more confused to WTF they're bitching about.
I agree completely. When I first started using an dreaded (an old LG keyboard phone with a JavaME spun reader I had hacked on to it) I found reading a bit of a chore. It took me a few days to get really comfortable with the seemingly small and yet ultimately pricing differences. Now I regularly read books on my smartphone and tablet without a hitch, and have noticed no recall problems.
Did you look at their floorplan? There are huge wedge shaped gaps.
Or lets do math. For the sake of argument, lets say that the diagram in their virtual tour was to scale. We're also going to say that each rack is a standard 19" rack, taking up 22" each. That can be wrong, but it's what I'm using for measurement.
The entire circular structure has an area of 24,052 sq/ft.
A square structure on the same property would be 30,625 sq/ft
The circular structure wastes 6,573 sq/ft.
Each pod, with a 3' buffer on each end, and a 3' buffer between rows would have a footprint of 768.4 sq/ft. Since I only included one aisle buffer on each (since they share common aisle), add one more aisle at 102 sq/ft.
The total datacenter rack space is really 3,944 sq/ft.
In the difference between the round and square structure, you could put all the racks and aisles. and still have 26,681 sq/ft.
Or about the size of two Olympic size swimming pools.
Or 0.017 LoC.
Or 53,362 bread boxes one layer deep.
Or you could tile the floor of the wasted space with approximately 106,724 AOL CDs, which coincidentally is about half of the total number of AOL CDs received in Centennial, Colorado in one bulk mailing. Unfortunately, it will be very ugly, because you're trying to tile a square floor with round objects which has lots of wasted space.
I could dazzle you with more numbers, but you've already started cursing me, and I really don't care.
(really? Cogent? really really? Well done, Netflix. Not pinching any pennies, at all)
It seems most people either don't know about who's service is how good, or they ignore it.
But hey, they could have gone with Internap. Did they ever lay any of their own fiber, or are they still pushing traffic over the cheapest possible transit?
So?
I used to run a big adult site. We wanted servers closer to the customers for speed. We made enough that we didn't really care about the connection costs. We'd put up server farms around the world where it suited our customers best.
We owned every piece of equipment in our cabinet or cage (depending on the location). The provider equipment ended at the fiber they dropped to us, and the power outlets.
Netflix was hosted with Amazon for a while. A couple years ago, they claimed to have started their own CDN.
Their own CDN site talks about putting Netflix gear out for free. So they are basically saying they want the free ride. No one gets rack space, power, and connections for free. The right thing to do would be to lease the space like everyone else does.
But hey, they're loving to cry about being treated unfairly. They are the loudest ones about it. Honestly, other than speed complaints that are usually a fault, not a conspiracy, I don't know of anyone else talking about the same thing.
It is possible that the world is ganging up on Netflix. It happened to Cogent, more than once. That was mostly they refused to pay on their contractual obligations.
I walked away from crunchy rule systems years ago. Go Fudge go!
Disclosure: I'm a professional Penetration Tester
We find plenty of this sort of setups at our customers. Customers set up VPNs, have a password policy and a virus scanner. They have firewalls and keep user policies restricted. Then we come and we trojan someone, or find a weak WiFi password or whatever we use to get a foothold inside their network all it takes is one little mistake and we're "in". Once we get there, we log keyboards, get password hashes from network or system memory and start to pivot all over the place. Usually, our software will trigger virus alerts, but staff doesn't react to those "in a timely fashion" and we get to keep going even though alarms are going off on several computers. We could cloak our malware and sometimes we do, but usually it's too much trouble and we get domain admin passwords within a few days and rule the network in such a way that admins wouldn't be able to get rid of us if we would rootkit and backdoor properly.
It takes more than some policies and a VPN these days. You need IDS, proper procedures, layered security and skilled, motivated staff that knows how to deal with security incidents. You need properly trained and aware users that aren't afraid to admit they messed up and that have no problem reporting others doing wrong either. Don't trust on a single technical measure, but implement them all and make sure you test and train on a regular basis. Get a data classification policy and protect data according to that policy. That means that stuff like SSNs and anything that can be used for identity theft should get extra layers of protection and alerting implemented. If you don't do all this, a serious intruder will usually get what they want.
You can't fly. You can't for, but you can jump off a skyscraper and flap your arms.
If the ISP is redirecting every port coming from your IP, it doesn't matter what protocol you use. Instead of getting the "hotel" like page, you get nothing.
As described, after looking at their materials, I don't see an advantage to the radial design over a grid design. There is nothing to that which would improve airflow, and it leaves huge underutilized areas.
On the other hand, a traditional grid design optimizes the space, and it would still allow for the same airflow.
It's not a matter of being round, or having dead space, it's simple things we teach children. Square boxes don't fit through round holes. Round objects don't stack optimally.
One of the Equinix datacenters in Los Angeles (previously Pihana Pacific) has all of it's cooling on one side of the room, and returns on the other side. Each row is basically a wind tunnel. There is no appreciable temperature difference between the two sides. Both the front and back of the cabinets have the same airflow, and maintain roughly the same temperature.
As far as the total power load, they could keep the load the same, and have almost half of the building for just storage.
Of course, a square building that the industry uses as a standard for this kind of work, would not make the news. No one would be talking about it.
I guess if they have money to burn and real estate to waste, it doesn't matter what shape they make it or how much space is underutilized.
Did you notice that he talked about the doors to the warm side? Controlled and logged access. And just a couple seconds later he says the top of the pods are all open to the common upper area. I'd hope they'll have something in the way, but I doubt it would be anything that bolt cutters (or just tin snips) and a few minutes would have a problem with.
Particle filtration does not mean it dehumidifies.
You can take a look at their official page. http://www.ohsu.edu/xd/about/initiatives/data-center-west.cfm
The tour video and text talk about plants outside filtering. The video around 3 minutes, shows additional filtering inside.
I suspect prevailing winds will really screw with the site cooling.
The "Virtual tour" has more details than the rest. Nothing about humidity.
Their security seems odd. They talk about the security being very strict. The video shows the inside of each "pod" to be open to the common hot air area in the upper part of the roof. So they have security, but you can get around it by not going through the doors. {sigh}
I never got the idea of sticking square boxes in a round hole. They're wasting a lot of good real estate by leaving all that extra space between the servers.
It seems like it was drawn up with an ideal world in mind, which usually doesn't translate well to the real world.
Memory fault - where am I?