Friday Nov 06, 2015

Webinar: Why Software In Silicon?

Oracle Academy is offering an exciting opportunity to learn about the design principals behind the revolutionary Software in Silicon technology which is at the core of Oracle's SPARC M7 microprocessor chip design.  In this LIVE panel discussion with senior executives from the software and hardware side of Oracle's systems business, you will gain insights into the strategy and thinking behind Oracle’s dramatic re-design of computer chip architecture, as well as be able to ask questions to be addressed live by the panel members.

Course Title:    What Happens When Software Moves Into Silicon (Webinar Replay)
Target Audience:  University students, Oracle customers & partners
Event Date:    November 11, 2015
Event Time:    9:00-10:00am (Pacific Time)

Putting software onto the computer chip (Software in Silicon) is a revolutionary new technology which will fundamentally change the way computer systems are built in the future.  For over five years now Oracle has been investing in improving the Oracle software applications by embedding software technology into the microprocessor -- for better performance, lower cost, higher system availability, and most important of all -- securing the cloud from intruders. Oracle processor engineers have worked closely with their software engineers, in particular the database experts, in hard-wiring capabilities specific to application processes and performance onto the processor—hence the “Software in Silicon” moniker. This webinar will explore what happens when software moves into silicon, as well as providing practical examples of innovative features this new technology brings to the market.

Here are a couple of pre-webinar viewings to wet your appetite:

Forbes: The Breakthrough Technology That Will Turbocharge Big Data And Cloud Computing
Forbes: 10 Reasons Software On Silicon Redefines Enterprise Computing
Youtube (start at 0:00): M7 - Breakthrough Processor and System Design with SPARC M7

Tuesday Nov 03, 2015

OpenWorld 2015 Recap - Secure Cloud

Even if you attended all 5 days of Oracle OpenWorld (OOW) 2015 this past week, there was WAY more content and goings on over the span of 5 days than one could possibly hope to keep track of. 

But if I had to sum it all up in two words for our partners, it would be "Secure Cloud".

"We are in the middle of a generational shift in computing that is no less important than our shift to personal computing..."  Larry Ellison, Oracle OpenWorld Keynote

Looking like he was nearing his 40th birthday, a vibrant Larry Ellison kicked things off on Sunday night with a theme around Cloud, which pretty much set the tone for the week to come, and followed with more than a dozen announcements around Oracle Cloud services and capabilities.  The cloud drum beat continued throughout the week with pretty much all of the executive keynote presentations.  Here are just a couple of quotes I captured in the few I was able to catch:

- “cloud is the biggest change happening to infrastructure in 25 or so years...”  Dave Donatelli
 - “having a public cloud is a requirement for future success...”  Dave Donatelli
 - "we now have virtually 100% of our portfolio rewritten, rebuilt, and modernized for the cloud…” Mark Hurd

Mark Hurd's Monday morning keynote (Vision 2025: Digital Transformation in the Cloud) included a series of IT predictions for 2025:

 - 80 percent of all production apps will be in the cloud. (Today, Hurd noted, it's about 25 percent.)
 - 100 percent of dev tests will be in the cloud.
 - Virtually all enterprise data will be in the cloud.
 - Enterprise clouds will be the most secure IT environments.

So, lets pause here for a minute and look at just how dramatically this is changing business today.
I saw a presentation recently at an industry conference which underscored this perspective. 

4 simple examples -- think about this:

- the largest car rental company in the world has no cars (Uber)
- the largest retailer in the world has no stores (Amazon)
- the largest hotel chain in the world has no hotels (Airbnb)
- the world's most popular media owner creates no content (Facebook)

Clearly a significant power shift is taking place, and disruptors like Airbnb and Uber are leveraging IT to achieve incredible market caps and growth multiples previously unheard of!  This begs the question --- who is going to be around to supply the infrastructure for these clouds and how will they do it!?

Dave Donatelli even played into this point by highlighting key events in the IT industry that are happening because of this shift to the cloud:

- IBM sells its x86 server business to Lenova for $2.3B and pays GlobalFoundries $1.5B to take chip unit
- Dell, Riverbed, Veritas  — all go private
- HP splits in two in a sign of changing times for hardware giants
- Dell buys EMC for $67B (the largest tech deal EVER)

Larry Ellison's 2nd keynote on Tuesday afternoon delivered a compelling argument that Oracle is uniquely positioned to steal this show by focusing on the cloud and shifting the focus of infrastructure to security.   "The biggest concern we have as an industry is security", said Ellison, as he unveiled the new SPARC M7 software in silicon offering.  I would recommend watching the positioning Larry used in the first 30 minutes of this keynote to understand the importance of this theme around secure infrastructure:  The Secure Cloud by Larry Ellison

Wednesday morning then featured 2 keynote presentations which dug into the meat of this infrastructure strategy by Oracle.   John Fowler (EVP for Systems) and Juan Loiza (SVP for Oracle Systems Technology) reviewed this security strategy around Oracle's all-new family of SPARC systems built on the revolutionary 32-core, 256-thread SPARC M7 microprocessor with "Always On" Security in Silicon.  Don't miss the replay on this presentation (below), which provides a detailed overview of how the new SPARC M7 processor-based systems, including the Oracle SuperCluster M7 engineered system, SPARC T7 and M7 servers, and Oracle Solaris 11.3, are designed to seamlessly integrate with existing infrastructure and include Always On security for the cloud.  Here is a ~1 minute segment of John Fowler's representation of the Heartbleed and Venom threats and how SPARC M7's Silicon Secured Memory protection can prevent them.

- The New Era of Secure Computing and Convergence with Oracle Systems by John Fowler and Juan Loiza

Oracle has plenty of customer and partner testimonies on these new systems, 20 new world record benchmarks, and videos from partners and customers which demonstrate why these new servers are such a very big deal to the infrastructure needs of the secure cloud (see summary here).  But returning to Ellison's comments on Tuesday afternoon, the powerful message is around the dramatic innovations Oracle has made with software in silicon on the SPARC M7 processor, especially around the topic of Security.

At Oracle, we think the strategy of pushing software features into silicon is how to get ahead of the bad guys, and new features like Silicon Secured Memory (always on memory protection in hardware) is something our customers see as a clear differentiator for infrastructure in the cloud.  Security has become a #1 concern of our customers.  "We think that going forward, customers are going to be more interested in how a system and application runs encrypted, than you are going to want to know how it runs in the clear, because that's how you are going to be running your datacenter."   John Fowler, EVP, Systems

Why not try it out and see for yourself?
Oracle now offers partners, customers and university researchers access to a Software in Silicon Cloud, which provides developers a secure and ready-to-run virtual machine environment to install, test, and improve their code in a SPARC M7/T7 system running Oracle Solaris.

Saturday Mar 07, 2015

Stopping Security Breaches with a Revolution in Chip Design

Perhaps the most significant value to customers of Oracle’s recently announced SPARC M7 chip  design is the enhanced security it provides.

You only have to browse the daily news headlines to understand just how important security is to Oracle’s enterprise customers today.  Names like Target, Home Depot, Wal-Mart, JP Morgan Chase, Apple and many more immediately come to mind.  Top-level executives are losing their jobs over this.   To quote a March 6, 2015 Fortune Magazine article on “5 Huge Cyber-security Breaches”,

“Hackers have been slipping through corporate computer defenses like they’re Swiss cheese.”

At the Hot Chips Conference in August of 2014 Oracle unveiled the next generation SPARC M7 processor,  a revolutionary change in its microprocessor design, highlighting an architecture advancement called “Software in Silicon.”   SPARC engineers collaborated with Oracle’s software engineers to hardwire specific software techniques directly onto the SPARC M7 chip.  And don’t think this happened over night -- this has been ongoing work between hardware and software teams for a good portion of the 5 years since Oracle purchased Sun Microsystems, along with the rights to the SPARC microprocessor.

In his keynote speech at Oracle OpenWorld 2014, Larry Ellison referred to the M7’s security feature as

the most important piece of engineering we’ve done in security in a very, very long time.” 

So back to the Swiss cheese --

One very important security innovation inherent in this new SPARC M7 microprocessor design is “application data integrity,” or ADI.  ADI makes sure that a memory area is accessed only for the purpose for which it was allocated.  Memory allocation issues are often the source of cyber-security breaches.  ADI can prevent any read or write of data beyond the breadth of the data.  And what is revolutionary is that it does it in hardware – actually in the silicon of the forthcoming SPARC M7 processor.

But that is just the tip of the iceberg.  ADI does a lot more to stop malicious attacks of valuable corporate data.  For example, stopping a security bug like Heartbleed, which is a severe memory handling vulnerability in the OpenSSL library.  Heartbleed can trick the server into sending more memory than a given user is authorized to access, with potential user names, passwords and security key information that should be protected.  When the ADI feature is enabled, it can protect against the Heartbleed bug by detecting an invalid memory access on the server.  Exactly how this works is clearly demonstrated in this short demo of this feature in action.  Check it out -- its pretty cool!

If you are a developer and you want to test this stuff out, Oracle has announced a new Software in Silicon Cloud where you can do that!  This cloud is a secure environment with ready-to-run virtual machine environments. In addition, it includes Oracle Solaris Studio 12.4, which provides a tool set that detects numerous types of memory corruption and can aid developers in quickly improving code reliability.  In fact, an upcoming Studio 12.4 update uses the Software in Silicon ADI feature to help the code analyzer work at near hardware speeds to allow developers to quickly find and fix memory errors with minimal overhead.  Check out Raj Prakash’s blog [Move Over Purify and Valgrind, There is a New Kid in Town], for some staggering numbers on how it compares to other memory access checkers.

Here are some further links to check out  --- note that we have a live webinar on this March 18th:

Monday May 26, 2014

Security Access Control With Solaris Virtualization

Numerous Solaris customers consolidate multiple applications or servers on a single platform. The resulting configuration consists of many environments hosted on a single infrastructure and security constraints sometimes exist between these environments. Recently, a customer consolidated many virtual machines belonging to both their Intranet and Extranet on a pair of SPARC Solaris servers interconnected through Infiniband. Virtual Machines were mapped to Solaris Zones and one security constraint was to prevent SSH connections between the Intranet and the Extranet. This case study gives us the opportunity to understand how the Oracle Solaris Network Virtualization Technology —a.k.a. Project Crossbow— can be used to control outbound traffic from Solaris Zones.

[Read More]

Tuesday Mar 09, 2010

Kinamik Data Integrity secures Solaris audit trails

Kinamik Data Integrity is a software company focused on data integrity, whose mission is to provide an easy answer to a tough question: how do I know the digital records I am looking at are correct?

Kinamik develops the Secure Audit Vault software solution that centralizes and preserves sensitive data; by applying a digital fingerprint to the secured records, it makes them tamper-evident and provides proof that the sealed data has not been manipulated from the moment of its creation. In a context of increasingly stringent compliance requirements, the Kinamik Secure Audit Vault helps organizations in regaining the trustworthiness of their data. The Kinamik innovative R&D has been recognized by several awards including the 2007 Red Herring Top 100 Europe.

Already a partner of Sun and Oracle --Kinamik is a member of the Sun Partner Advantage, Sun Startup Essentials and Oracle Partner Network programs--, Kinamik joined the OpenSolaris community in 2009 and contributed to Sun´s development efforts on the audit_remote plugin by collaborating in the testing processes and providing bug reports to Sun's team.

This plugin enables the secure transmission of audit trails to a remote storage, which would prevent an intruder who compromised a system from being able to delete the audit trail of that system. Kinamik developed the receiver part that allows the audit trails to be secured and stored in real time…

[Read More]

How open innovation and technology adoption translates to business value, with stories from our developer support work at Oracle's ISV Engineering.



« November 2015