Dell Community

Latest Blog Posts
  • Dell Big Data - Blog

    Meet us at Strata + Hadoop World and Let the Transformation Begin


    We are headed out to the Big Show for Big Data, the Strata + Hadoop World event being held September 27-29 in New York City. We look forward to meeting with partners and customers as we take a closer look at the customer journey and the possibilities that exist in driving Big Data Hadoop adoption. Dell EMC has integrated all the key components for modern digital transformation, taking you on a Big Data journey that focuses on analytics, integration, and infrastructure. We have a number of exciting discussions planned and invite you to attend the events or connect with our team directly at booth #501. We will have some great giveaways that you won’t want to miss. You can also join us throughout the conference for all-day Facebook LIVE videos on the Dell EMC Big Data Facebook page.

  • Dell Big Data - Blog

    Hadoop World creates a stage for the new Dell EMC portfolio

    By Armando Acosta
     

    The Strata + Hadoop World conference gets under way today, Tuesday, September 26, at the Jacob Javits Center in New York City. As always, the event will be a showcase for leading-edge technologies related to big data, analytics, machine learning and the like, but this year’s event brings some added attractions.

    For starters, the conference will be the first major event to put the spotlight on the broad portfolio of Dell EMC solutions for unlocking the value of data and enabling the data analytics journey. As individual companies, both Dell and EMC had impressive product families in this space. And now that the two companies have become one newly formed company, the combined portfolio is arguably one of the best in the industry. In many ways, we’re talking about a “1 + 1 = 3” equation.

    The Dell EMC portfolio for big data and modern analytics includes integrated, end-to-end solutions based on validated architectures incorporating Cloudera distributions for Hadoop, Intel technologies, and analytic software, along with Dell EMC servers, storage, and networking.  The portfolio spans from starter bundles and reference architectures to integrated appliances, validated systems and engineered solutions. Our portfolio makes it easier for customers by simplifying the architecture, design, configuration/testing, deployment and management. By utilizing the Dell EMC portfolio, customers can minimize the time, effort, and resources to validate an architecture. Dell EMC has optimized the infrastructure to help free customers’ time to focus on their use cases.

    For customers, the Dell EMC portfolio equates to a tremendous amount of choice and flexibility in deployment model, allowing customers to buy, deploy and operate solutions for big data and modern analytics no matter where they are in their journey. From industry-leading integration capabilities to direct-attached and shared storage, from real-time analytics to virtualized environments and hybrid clouds, choice spans the portfolio. The Dell EMC portfolio is configured and tuned to provide leading performance to run analytics workloads, enabling faster decision making.

    Recent advances in the portfolio will be in the spotlight at the Dell EMC booth #501 at Strata + Hadoop World and will include use case-based solutions and validated systems for Cloudera Hadoop deployments. Our first iteration of the Hadoop reference architecture was published in 2011, when we partnered with Cloudera and Intel to develop a groundbreaking architecture for Apache Hadoop, which was then a young platform. Since then, hundreds of organizations have deployed big data environments based on our validated systems.

    The widespread adoption of simplified and cost-effective validated systems points to a broader theme that will permeate the Strata + Hadoop World conference. That is one of Hadoop as a maturing platform that is heading into the mainstream of enterprise IT and delivering proven business value.

    About that business value? Dell EMC and Intel commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study to examine the potential ROI enterprises may realize by deploying the Dell EMC | Cloudera Apache Hadoop Solution, accelerated by Intel. Based on interviews with organizations using these solutions, the TEI study identified these three-year risk-adjusted results:

    • Payback: Six months
    • Net present value (new income): $5.6 million
    • ROI: 97 percent—meaning for every $1.00 spent, $1.97 is returned

    Clearly, there are many reasons to be excited about how far we’ve come with Hadoop, and the potential to take the platform to all new levels with the Dell EMC portfolio. If you’re heading to Strata + Hadoop World, you will have many opportunities to learn more about the work Dell EMC is doing to help organizations unlock the value of their most precious commodity—their data.

    In the meantime, you can learn more at Dell.com/Hadoop.

     

    Armando Acosta is the Hadoop planning and product manager and Subject Matter Expert at Dell EMC.

     

     

     

  • Dell TechCenter

    Managing your Linux infrastructure with Ansible Part 2

    A couple of months ago I wrote a blog post introducing Ansible and explaining the types of tasks that can easily be automated with it. Here I provide an overview of the most important concepts and share useful tips learned from experience over the past few months.

    Tasks: A task is the smallest unit of work. It can be an action like “Install a database”, “Install a web server”, “Create a firewall rule” or “Copy this configuration file to that server”.

    Plays: A play is made up of tasks. For example, the play “Prepare a database to be used by a web server” is made up of tasks: 1) “Install the database package” 2) “Set a password for the database administrator” 3) “Create a database” and 4) “Set access to the database”.

    Playbook: A playbook is made up of plays. A playbook could be “Prepare my web site with a database backend”, and the plays would be 1) “Set up the database server” and 2) “Set up the web server”.

    Roles: Roles are used to save and organize playbooks and allow sharing and reuse of existing roles. Following the previous examples: if you need to fully configure a web server, you can use roles that others have written and shared. Since roles are highly configurable (if written correctly), they can easily be reused to suit any given deployment requirements.

    Ansible Galaxy: Ansible Galaxy is an online repository where roles are uploaded so they can be shared with others. It is integrated with GitHub, so roles can be organized into git repositories and then shared via Ansible Galaxy.

    These definitions can be depicted as shown below:

    Please note this is just one way to organize what we want to do. We could have split the installation of the database and the web server into separate playbooks and into different roles. Most roles in Ansible Galaxy install and configure individual applications; for example, there is one for installing mysql and another for installing httpd.
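    Playbooks themselves are written in YAML. Purely to make the task/play/playbook hierarchy above concrete, here is a small Python sketch (it assumes the PyYAML package is installed) that nests example tasks into plays and plays into a playbook, then prints the resulting YAML skeleton. The module names and host groups are illustrative placeholders, not a tested playbook.

        # Sketch of the task -> play -> playbook hierarchy described above,
        # printed as a YAML skeleton. Module names ("package", "copy") and
        # host groups ("dbservers", "webservers") are illustrative placeholders.
        import yaml  # PyYAML

        database_play = {
            "name": "Prepare a database to be used by a web server",
            "hosts": "dbservers",
            "tasks": [
                {"name": "Install the database package",
                 "package": {"name": "mariadb-server", "state": "present"}},
                {"name": "Copy the database configuration file",
                 "copy": {"src": "files/my.cnf", "dest": "/etc/my.cnf"}},
            ],
        }

        web_play = {
            "name": "Set up the web server",
            "hosts": "webservers",
            "tasks": [
                {"name": "Install the web server package",
                 "package": {"name": "httpd", "state": "present"}},
            ],
        }

        # The playbook "Prepare my web site with a database backend" is a list of plays.
        playbook = [database_play, web_play]
        print(yaml.safe_dump(playbook, default_flow_style=False))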

    Tips for writing plays and playbooks

    The best source for learning Ansible is the official documentation site. And as usual, online search is your friend. I recommend starting with simple tasks like installing applications or creating users. Once you are ready, follow these guidelines:

    • When testing, use a small subset of servers so that your plays execute faster. If they succeed on one server, they will succeed on the others (assuming there are no hardware dependencies in your playbooks).
    • Always do a dry run first to make sure all commands work (run with the --check flag; see the sketch after this list).
    • Test as often as you need to without fear of breaking things. Tasks describe a desired state, so if the desired state is already achieved, the task is simply skipped.
    • Be sure all host names defined in /etc/ansible/hosts are resolvable.
    • Because communication with remote hosts is done over SSH, keys have to be accepted by the control machine, so either 1) exchange keys with the remote hosts before starting or 2) be ready to type “yes” to accept the SSH host key for each remote host you want to manage.
    • Although you can combine tasks for different Linux distributions in one playbook, it’s cleaner to write separate playbooks for each distro.
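    As a minimal illustration of the first two tips, the sketch below wraps a dry run of a playbook against a small test group using the standard ansible-playbook command line. The playbook name, inventory path and group name are placeholders for your own files.

        # Sketch: dry-run a playbook against a small test group before a full rollout.
        # Assumes ansible-playbook is on PATH; "site.yml", "hosts" and "testgroup" are
        # placeholders for your own playbook, inventory and host subset.
        import subprocess

        def dry_run(playbook="site.yml", inventory="hosts", limit="testgroup"):
            cmd = [
                "ansible-playbook", playbook,
                "-i", inventory,     # inventory file (e.g. /etc/ansible/hosts)
                "--limit", limit,    # restrict the run to a small subset of servers
                "--check",           # check mode: report changes without applying them
                "--diff",            # show the file/template changes that would be made
            ]
            return subprocess.run(cmd).returncode

        if __name__ == "__main__":
            raise SystemExit(dry_run())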

    Next up

    In my next blog, I will share a role for adding the official Dell repositories for installing OpenManage Server Administrator and Dell System Update on RHEL and Ubuntu operating systems.

  • Network, SRA and Email Security Blog

    Three Tough Questions You Must Ask About HTTPS to Avoid Cyber Attacks

    Preventing your organization from becoming the victim of an inevitable cyber attack is paramount, so let’s kick off this blog with a key risk question.

    Do you know whether or not your organization‘s firewall is inspecting HTTPS traffic traversing its networks? 

    I have polled this question in numerous webinars I have conducted over the past year. The results consistently show that the majority of organizations have yet to make HTTPS inspection part of their defense strategy. With HTTPS on the rise, now accounting for nearly two-thirds of your organization’s internet traffic, hackers have expanded their craft to use the protocol to obfuscate their attacks and malware from security systems. Your timely response to this new threat could mean the difference between experiencing a material breach and successfully averting one. Of course, the latter is desirable. So, should you have the slightest doubt about your organization’s security posture for dealing with encrypted threats, I want you to pause and resume reading this post after you have spoken to your IT security leaders. Raise your concerns about the potential millions of intrusions and tens of thousands of malware attacks launched against your organization every hour, many of which are likely new versions of ransomware delivered inside HTTPS sessions. If the firewall is not inspecting this traffic, it has no way to understand what is inside it: whether a file is benign or malicious, whether credit cards are being stolen, or whether financial and health records are being shared with an external system. I hope you return to this blog with a sigh of relief that your organization is not among the majority of respondents that do not inspect.

    You got the good news that your organization is inspecting HTTPS traffic. The next logical question is “Has your organization experienced frequent network service disruptions or downtime as a result of a total collapse of your firewall performance when inspecting HTTPS traffic?”

    Inspecting encrypted traffic is not without its big challenges. There are two key components of HTTPS inspection that severely impact firewall performance: establishing a secure connection, and decrypting and later re-encrypting packets for secured data exchange. Unlike inspecting internet traffic in plain text, encrypted traffic introduces six additional compute processes that must occur before data is sent back and forth between a client’s browser and the web server over an HTTPS connection. Each process is highly complex and compute-intensive. Most firewall designs today don’t provide the right combination of inspection technology and hardware processing power to handle HTTPS traffic efficiently. They often collapse under the load and subsequently disrupt business-critical operations. According to NSS Labs, the performance penalty on a firewall when HTTPS inspection is enabled can be as high as 81 percent. In other words, firewall performance is degraded to a level at which it is no longer usable.

    This leads us to the final and most important question “How can you scale firewall protection to prevent performance degradation, lag and latency of your network when inspecting HTTPS traffic?”

    The right answer begins with the right inspection architecture as the foundation. Most modern firewalls have deep packet inspection (DPI) capabilities that claim to solve many of the security and performance challenges above. However, not all firewalls perform equally, or as advertised, in the real world. In fact, many of them have inherent design inefficiencies that reduce their ability to handle today’s massive shift toward an all-encrypted internet. You have one of two choices when it comes to inspection technology: Reassembly-Free Deep Packet Inspection (RFDPI) or packet assembly-based inspection. Each uses a different method to scan and analyze data packets as they pass through the firewall. You will quickly discover that the performance of most firewalls collapses under heavy HTTPS load. To avoid a post-deployment surprise, my recommendation is to do your due diligence: thoroughly qualify and measure all firewalls under consideration and select one that meets both your desired level of performance and security effectiveness without hidden limitations. These are fundamental metrics to scrutinize heavily when selecting a firewall to perform HTTPS inspection. Establishing the right firewall foundation will give you the agility to scale your security layer and solve the performance burden of inspecting HTTPS traffic inside your data center operations.

    Uncovering evasive threats hiding inside encrypted network traffic is central to the success of your network defense. For more detailed information, read our Executive Brief titled “The Dark Side of Encryption - Why your network security needs to decrypt traffic to stop hidden threats.”

  • Dell TechCenter

    13G PowerEdge Server Performance Sensitivity to Memory Configuration

    Author: Bruce Wagner, September 2016 (Solutions Performance Analysis Lab)

     

    The goal of this blog is to illustrate the performance impact of DDR4 memory selection. Measurements were made on a Broadwell-EP CPU system configuration using the industry-standard benchmarks listed in Table 1 below.

     

    Table 1: Detail of Server and Applications used with Intel Broadwell processor

    Server: Dell PowerEdge R630
    Processor: 2 x E5-2699 v4 @2.2GHz, 22 core, 145W, 55M L3 Cache
    Memory: DDR4 product offerings including:
        8GB 1Rx8 2400MT/s RDIMM (DPN 888JG)
        32GB 2Rx8 2400MT/s RDIMM (DPN CPC7G)
        64GB 4Rx8 2400MT/s LR-DIMM (DPN 29GM8)
    Power Supply: 1 x 750W
    Operating System: Red Hat Enterprise Linux 7.2 (3.10.0-327.el7.x86_64)
    BIOS options: Memory Operating Mode – Optimizer; Node Interleaving – Disabled; Snoop mode – Opportunistic Snoop Broadcast; Logical Processor – Enabled; System profile – Performance
    BIOS Firmware: 2.1.7
    iDRAC Firmware: 2.30.30.30
    SPECcpu2006: Intel optimized 16.0.0.101 linux64 binaries (http://www.spec.org/cpu2006)
    STREAM: v5.10 source from https://www.cs.virginia.edu/stream/, Intel Parallel Studio 2016 update2 compilation

     

    Table 2 and Figure 1 detail the memory subsystem of the 13G PowerEdge R630, which contains 24 DIMM sockets split into two sets of 12, one set per processor. Each 12-socket set is organized into four channels with three DIMM sockets per channel.

     

    Table 2: Memory channels

    Processor   Channel 0 DIMM Slots   Channel 1 DIMM Slots   Channel 2 DIMM Slots   Channel 3 DIMM Slots
    CPU 1       A1, A5, A9             A2, A6, A10            A3, A7, A11            A4, A8, A12
    CPU 2       B1, B5, B9             B2, B6, B10            B3, B7, B11            B4, B8, B12

     

    Figure 1: Memory socket locations

     

    Figure 2: Performance Impact of Memory Type

     

    From Figure 2 we see that a memory configuration based on Registered DIMMs (RDIMMs) provides an overall 3.1% performance advantage compared to an equivalently sized configuration composed of Load-Reduced DIMMs (LR-DIMMs), despite both running at 2400 MT/s. LR-DIMMs make larger-capacity memory configurations possible, but their inherently higher access latency results in reduced application performance. LR-DIMMs also impose a nearly 30% power consumption penalty over equivalent size/speed RDIMMs. LR-DIMMs should be used only when the total system memory capacity requirement dictates a 3 DIMMs-per-channel (3DPC) configuration.

     

     Table 3: Memory speed limits for 13G PowerEdge Models

     

     

    Figure 3: Performance Impact of DIMM Rank Organization
     

    From Figure 3 we see that a 1DPC (one DIMM per channel) memory configuration composed of dual-rank DIMMs outperforms one composed of single-rank DIMMs by 14%. This is due to DRAM’s large inherent delay when reversing between read and write access on a given rank, which significantly reduces the usable bandwidth on the memory channel. Given dual-rank DIMMs or multiple DIMMs per channel, the CPU’s integrated memory controller can schedule overlapping reads and writes on the memory channel to minimize the read/write turnaround penalty.


     

    Figure 4: Performance Impact of Memory Speed

     

    Figure 4 shows that a 2400 MT/s memory configuration provides 14% higher overall application performance than a 2133 MT/s one, all other factors being the same. Modern 8Gb 1.2V DDR4 DIMM technology is such that the higher speed incurs only a nominal increase in power consumption and thermal dissipation. 2400 MT/s DIMM pricing and availability are also rapidly trending toward the commodity sweet spot.
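    To put the speed comparison in context, here is a rough back-of-the-envelope sketch (not a measured result) of the theoretical peak bandwidth of a four-channel DDR4 memory controller at the transfer rates discussed in this post:

        # Rough theoretical peak memory bandwidth per socket:
        # channels x 8 bytes per transfer x transfer rate (MT/s).
        # These are textbook DDR4 ceilings; measured STREAM numbers land well below them.
        CHANNELS_PER_SOCKET = 4   # R630: four DDR4 channels per CPU
        BYTES_PER_TRANSFER = 8    # 64-bit data bus per channel

        for mts in (2400, 2133, 1866):
            per_socket = CHANNELS_PER_SOCKET * BYTES_PER_TRANSFER * mts / 1000.0
            print(f"{mts} MT/s -> {per_socket:.1f} GB/s per socket, "
                  f"{2 * per_socket:.1f} GB/s for a two-socket R630")

    The raw 2400 MT/s versus 2133 MT/s difference is about 12.5 percent, broadly in line with the 14 percent application uplift above, and the 1866 MT/s down-clock forced by 3DPC gives up roughly 22 percent of the 2400 MT/s ceiling.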

     

    Figure 5: Performance Impact of DIMM Slot Population

    Figure 5 shows that a 2DPC population results in a slight 0.9% workload performance uplift over a 1DPC one, attributed to the same memory controller transfer-overlap efficiency improvements discussed for Figure 3. A 3DPC result is shown to further highlight the marked performance degradation caused by the necessity to down-clock the memory subsystem from 2400 MT/s to 1866 MT/s.

    Figure 6: Performance Impact of DIMM Population Balance

     

    In figure 6 we see a wide disparity in overall system memory bandwidth as a result of DIMM population balance.

    Although the default Optimizer (aka Independent Channel) Memory Operating Mode supports odd numbers of DIMMs per CPU, there is a severe performance penalty in doing so.

    The full list of memory module installation guidelines can be found in the product owner’s manual, available through www.dell.com.

    In summary, to maximize workload performance, the recommendation for 13G two-socket servers is to populate all available channels with two dual-rank registered 2400 MT/s DIMMs per channel.

  • Dell Cloud Blog

    Get started and streamline your journey to cloud with Hybrid Cloud System for Microsoft

    At this year’s worldwide partner conference, Microsoft announced our partnership to deliver Azure Stack as an integrated system, targeting availability in mid-2017. For Dell, this is a continuation of the partnership and joint development with Microsoft that goes back to the early days of developing Cloud Platform System, with a focus on delivering integrated systems for hybrid cloud solutions to our customers. Azure Stack is the next phase of that partnership.

    Another key highlight from the Microsoft announcement was Microsoft’s recommendation to adopt Cloud Platform Systems (CPS) today to move forward in the cloud journey.

     

    “Customers ready to deploy an Azure-consistent cloud on their premises now should buy Microsoft Cloud Platform Solution (CPS). Customers will be able to use Azure Stack to manage CPS resources thereby preserving investments in CPS.”

    – Mike Neil, Corporate Vice President, Enterprise Cloud, Microsoft Corporation

     

    The Dell Hybrid Cloud System for Microsoft CPS Standard (DHCS), our integrated system for CPS hybrid cloud, is a great way to get started and streamline your journey to cloud. The early steps to a hybrid cloud are usually evolutionary for customers, but they still impact applications, security, infrastructure, and the operating model. The path to Azure Stack involves steps even further along that journey, so getting started with DHCS today helps with three key areas:

    1. Rationalizing applications
    2. Adopting the cloud model
    3. Getting started with hybrid

     

    So for example (area #1), most applications today are virtualized, either traditional enterprise (Exchange, SharePoint) or so-called “n-tier” such as web or databases. As a first step, you inventory the applications and assess your options based on classification of applications and data, cost, security, and so forth. By the end of this step, you have identified the applications to rehost as IaaS virtual machines (VMs) in a cloud infrastructure like DHCS, and a migration plan for the applications and data. Eventually as you re-tool yourself to rebuild some of your existing applications as cloud native or develop new cloud native applications, Azure Stack will provide you with a platform to develop and deliver them on premises. With our integrated system for Azure Stack, you can continue to run your traditional applications on DHCS while managing them from Azure Stack as IaaS VMs without having to migrate or upgrade your current investments.

     

    Area #2 is the part of your journey toward cloud that has to do with adopting the cloud model. Orienting your business and operating model toward service delivery and consumption is key to getting the most from cloud, and it takes time and experience to achieve. Adopting multi-tenancy, self-service, metering and governance is a critical first step toward being truly cloud native. With a consumption model, you are able to increase utilization, gain control of your resources and reduce cost risk while rapidly delivering the services your tenants need. DHCS comes ready to enable adoption of the cloud model on premises, on a software-defined infrastructure that is familiar and proven in the market today.

     

    Hybrid adoption is the final area most customers struggle with. We have identified two main hybrid use cases to get started that bring value to customers today, and integrated them out-of-the-box into DHCS. With the Backup and Site Recovery services from the Microsoft Azure public cloud, you not only get integration into Azure, but also the ability to efficiently implement a business-continuity strategy with zero CAPEX and with OPEX based on consumption for your on-premises cloud.

     

    With the Dell Hybrid Cloud System for Microsoft, you get a platform ready to rehost your applications today and deliver them as services to your tenants, enabling self-service, metering, and governance. You also get the option to consume Microsoft Azure services like Backup and Site Recovery out of the box. DHCS is built on a familiar and proven technology stack with Windows Server, System Center and Windows Azure Pack, enabling you to focus less on the workings of the technology and more on areas that transform your business as you continue to take advantage of cloud.

     

    Whether you choose to rehost the applications and adopt IaaS with DHCS or eventually re-factor applications to leverage any of the Azure platform-as-a-service capabilities, Dell will partner with you along this journey and protect your investments as you adopt DHCS today and plan for Microsoft Azure Stack tomorrow.

  • Identity and Access Management - Blog

    The Identity Access and Management Community Has Moved! Come See Our New Home.

    It's the moment we've all been waiting for!  We've launched our brand new Identity Access and Management Community!

    If you're looking for new content around One Identity solutions and more, head over to the new site! We know you may have some questions: How did we get here? What are we doing, when are we doing it, and why?
    Read about all of the new features within the new Community and learn how our community seeks to give you the information you need. Please check out our new blog.

    We promise to give you a more focused user experience in our new community, where you can get the information you want through easier navigation. If you have suggestions on how we can make our new home better, post your thoughts on our Feedback Forum.

    And if the new IAM Community sounds intimidating, don't worry; here's "Everything you need to know to get started in the new community!"
  • Network, SRA and Email Security Blog

    We are Sparta: The Battle to Defend Our Data from Invaders

    With a background in security and ancient history, I love to draw correlations between the famed battles of old and the network security struggles of the modern world. To better understand this, you have to look at the data. Since our customers started using the SonicWALL Capture Advanced Threat Protection (ATP) Service, we have a much better view of where attacks are coming from and how often they happen. To get a manageable sample size, I narrowed this down to 300 companies: one for each Spartan in the battle of Thermopylae.


    It was in this legendary battle that a small force of 300 Spartans teamed up with a few thousand Greek soldiers to defend their homeland from an invading force more than 10 times their size. Every day, companies are locked in a similar conflict with those who want to penetrate their network’s defenses to gain access to their data. Outnumbered by an onslaught of newly authored malware, companies need help keeping their data secure in the face of ransomware and other zero-day attacks. In the technology world, one of SonicWALL’s Spartans is Capture ATP, a multi-engine, cloud-based isolated environment where suspicious code, files, and executable programs are examined.

    The Capture ATP service was released for general availability in August 2016, and the metadata has been coming in. One of the biggest questions our partners and customers have concerns the amount of data sent to the cloud and the speed of the service. In short, cloud-based analysis is fast; but to help you understand, let’s take a peek at one day’s data from 300 customers in their own “Battle of Thermopylae” to stay secure.

    In one day, a pool of 300 average customers can expect the following (numbers rounded for readability; a quick per-organization breakdown follows the list):

    • 28,800 files will not be known to the firewall and will be sent to Capture for further analysis.
    • 10,700 will already be known to the Capture service or be duplicates and won’t require further processing. The file verdict is returned to the firewall and the file is blocked or released per policy.
    • 18,100 will be unique and will go through pre-filtering before sandbox analysis.
    • 15,450 will be identified as good and allowed to pass through into the network.
    • 130 will be fairly new malware known to the Capture pre-filter but not yet to the firewall’s static filters at the time of the scan (those signatures follow very soon).
    • After this step, 2,520 (+/- 15%) will be labeled as suspicious and sent to the Capture ATP sandboxes for analysis. Most will be identified as good; hashes are created and sent to our Capture database so we don’t have to analyze them again.
    • On this day, six were found to be never-before-seen malware (44 were found in the previous seven days, with a high of 10 and a low of 1).
    • These six were a mixture of Trojans, ransomware (Locky) and other malware.
    • In near real time, the six hashes for the newly discovered malicious files were submitted to the Capture database, and all other Capture ATP subscribers were immediately protected from follow-on attacks. These files were also sent to the SonicWALL GRID team to analyze and create signatures to be added to the GAV and IPS databases within 48 hours.
    • Two seconds was the median processing time per file.
    • 83% of files were analyzed with a verdict in under five seconds.
    • The total amount of data sent to the cloud for all 300 was less than 9.8 GB, which is about 32.6 MB uploaded per organization; the equivalent of watching a 10-minute YouTube video.
    • To understand the plight of the 300: they will see about 2,450 new malware variants in a year, which is more than eight per network.
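    To make the per-organization math concrete, here is a quick sanity check in Python that only reuses the rounded daily figures quoted above:

        # Quick sanity check of the rounded daily Capture ATP figures quoted above,
        # expressed per organization across the 300-customer sample.
        ORGS = 300

        sent_to_capture = 28_800   # files unknown to the firewall, sent for analysis
        unique_files = 18_100      # files that go through pre-filtering
        sandboxed = 2_520          # files labeled suspicious, sent to the sandboxes
        data_uploaded_gb = 9.8     # total upload for all 300 organizations

        print(f"Files sent to the cloud per org/day: {sent_to_capture / ORGS:.0f}")
        print(f"Unique files per org/day:            {unique_files / ORGS:.0f}")
        print(f"Sandboxed files per org/day:         {sandboxed / ORGS:.1f}")
        print(f"Upload per org/day:                  {data_uploaded_gb * 1000 / ORGS:.1f} MB")
        # ~32.7 MB per organization per day lines up with the ~32.6 MB quoted above,
        # and 2,450 new variants a year spread over 300 networks is a bit more than
        # eight per network.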

    It stands to reason that SonicWALL Capture ATP’s multi-engine environment gives customers a powerful, fast tool to stop the most advanced persistent threats from hitting an organization’s infrastructure. To learn how you can leverage SonicWALL Capture, read this technical brief on how to deliver deeper network security. Remember: together, we are Sparta!

    Converse with us on Twitter or Email us.

  • General HPC

    Application Performance Study on Intel Broadwell EX processors

    Authors: Yogendra Sharma and Ashish Singh, September 2016 (HPC Innovation Lab)

    This blog describes a performance analysis of the PowerEdge R930 server powered by four Intel Xeon E7-8890 v4 @2.2GHz processors (code-named Broadwell-EX). The primary objective is to compare the performance of HPL, STREAM and a few scientific applications (ANSYS Fluent and WRF) against the previous-generation Intel Xeon E7-8890 v3 @2.5GHz processor, code-named Haswell-EX. Below are the configurations used for this study.

    Table 1: Details of Server and HPC Applications used with Broadwell-EX processors
    (values listed as Haswell-EX system / Broadwell-EX system)

    Platform: PowerEdge R930 / PowerEdge R930
    Processor: 4 x Intel Xeon E7-8890 v3 @2.5GHz (18 cores, 45MB L3 cache, 165W) / 4 x Intel Xeon E7-8890 v4 @2.2GHz (24 cores, 60MB L3 cache, 165W)
    Memory: 1024 GB = 64 x 16GB DDR4 @2400MHz RDIMMs / 1024 GB = 32 x 32GB DDR4 @2400MHz RDIMMs

    BIOS Settings
    BIOS: Version 1.0.9 / Version 2.0.1
    Processor Settings > Logical Processors: Disabled / Disabled
    Processor Settings > QPI Speed: Maximum Data Rate / Maximum Data Rate
    Processor Settings > System Profile: Performance / Performance

    Software and Firmware
    Operating System: RHEL 6.6 x86_64 / RHEL 7.2 x86_64
    Intel Compiler: Version 15.0.2 / Version 16.0.3
    Intel MKL: Version 11.2 / Version 11.3
    Intel MPI: Version 5.0 / Version 5.1.3

    Benchmark and Applications
    LINPACK: V2.1 from MKL 11.2 / V2.1 from MKL 11.3
    STREAM: v5.10, Array Size 1800000000, Iterations 100 / v5.10, Array Size 1800000000, Iterations 100
    WRF: v3.5.1, Input Data Conus12KM, Netcdf-4.3.1.1 / v3.8, Input Data Conus12KM, Netcdf-4.4.0
    ANSYS Fluent: v15, Input Data: truck_poly_14m, sedan_4m, aircraft_2m / v16, Input Data: truck_poly_14m, sedan_4m, aircraft_2m

    ____________________________________________________________________________________________________________________________________

    In this section of the blog, we compare benchmark numbers across the two generations of processors on the same server platform (PowerEdge R930), as well as the performance of the Broadwell-EX processors with different CPU profiles and memory snoop modes, namely Home Snoop (HS) and Cluster-on-Die (COD).

    The High Performance Linpack (HPL) benchmark is a measure of a system's floating-point computing power. It measures how fast a computer solves a dense n-by-n system of linear equations Ax = b, a common task in engineering. HPL was run on both PowerEdge R930 servers (with Broadwell-EX and with Haswell-EX) with a block size of NB=192 and a problem size of N=340992.
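    For readers who want to relate HPL results back to hardware capability, here is an illustrative sketch (not results from this study) of the standard HPL operation count and a nominal peak estimate; the 16 FLOPs-per-cycle figure assumes AVX2 FMA execution on these processors, and real AVX base and turbo clocks will shift the peak.

        # Illustrative HPL bookkeeping (a sketch, not numbers from this study).

        def hpl_gflops(n, seconds):
            """GFLOPS reported by HPL for solving an n x n dense system in `seconds`."""
            ops = (2.0 / 3.0) * n**3 + 2.0 * n**2   # standard HPL operation count
            return ops / seconds / 1e9

        def peak_gflops(sockets, cores, ghz, flops_per_cycle=16):
            """Nominal peak assuming AVX2 FMA (16 double-precision FLOPs/cycle/core)."""
            return sockets * cores * ghz * flops_per_cycle

        # The Broadwell-EX system under test: 4 x E7-8890 v4, 24 cores @ 2.2 GHz.
        peak = peak_gflops(sockets=4, cores=24, ghz=2.2)   # ~3379 GFLOPS nominal
        print(f"Nominal peak: {peak:.0f} GFLOPS")
        # HPL efficiency for a run at N=340992 taking t seconds: hpl_gflops(340992, t) / peak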

      

    Figure 1: Comparing HPL Performance across BIOS profiles      Figure 2: Comparing HPL Performance over two generations of processors

    Figure 1 depicts the performance of the PowerEdge R930 server with Broadwell-EX processors under different BIOS options. HS (Home Snoop mode) performs better than COD (Cluster-on-Die) under both the Performance and DAPC system profiles. Figure 2 compares the performance of the four-socket Intel Xeon E7-8890 v3 and Intel Xeon E7-8890 v4 servers. HPL showed a 47% performance improvement with four Intel Xeon E7-8890 v4 processors in the R930 server in comparison to four Intel Xeon E7-8890 v3 processors. This was due to the ~33% increase in the number of cores plus a ~13% gain from the newer, improved versions of the Intel compiler and Intel MKL.

    STREAM is a synthetic benchmark program that measures sustainable memory bandwidth and the corresponding computation rate for simple vector kernels.

     

      

    Figure 3: Comparing STREAM Performance across BIOS profiles   Figure 4: Comparing STREAM Performance over two generations of processors

     

    As per Figure 3, the memory bandwidth of the PowerEdge R930 server with Intel Broadwell-EX processors is the same across BIOS profiles. Figure 4 shows the memory bandwidth of both the Intel Xeon Broadwell-EX and Intel Xeon Haswell-EX processors in the PowerEdge R930 server. Haswell-EX and Broadwell-EX support DDR3 and DDR4 memory respectively, while the platform in this configuration supports a memory frequency of 1600 MT/s for both generations of processors. Because the PowerEdge R930 platform runs both generations at the same memory frequency, both processors deliver the same memory bandwidth of 260 GB/s.

    The Weather Research and Forecasting (WRF) Model is a mesoscale numerical weather prediction system designed for both atmospheric research and operational forecasting needs. It features two dynamical cores, a data assimilation system, and a software architecture facilitating parallel computation and system extensibility. The model serves a wide range of meteorological applications across scales from tens of meters to thousands of kilometers, and it can generate atmospheric simulations using real data or idealized conditions. We used the CONUS12km and CONUS2.5km benchmark datasets for this study. CONUS12km is a single-domain, small-size benchmark (48 hours at 12 km resolution over the Continental U.S. (CONUS) domain from October 24, 2001) with a 72-second time step. CONUS2.5km is a single-domain, large-size benchmark (the latter 3 hours of a 9-hour, 2.5 km resolution case over the CONUS domain from June 4, 2005) with a 15-second time step. WRF decomposes the domain into tasks or patches, and each patch can be further decomposed into tiles that are processed separately; by default there is only one tile per run. If that single tile is too large to fit into the cache of the CPU and/or core, computation slows down because of WRF’s memory bandwidth sensitivity. To reduce the tile size, the number of tiles can be increased by defining “numtile = x” in the input file or by setting the environment variable “WRF_NUM_TILES = x” (see the sketch below). For both CONUS 12km and CONUS 2.5km, the number of tiles was chosen for best performance, which was 56.
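    As an illustration of the tiling tweak just described, a run using the environment-variable route might look like the sketch below; the MPI launcher, rank count and binary path are placeholders for your own installation.

        # Sketch: launch WRF with an explicit tile count via WRF_NUM_TILES.
        import os
        import subprocess

        env = dict(os.environ, WRF_NUM_TILES="56")   # 56 tiles gave the best results here
        # Placeholder launch line: adjust the launcher, rank count and binary path
        # (96 ranks = 4 sockets x 24 cores on the Broadwell-EX system).
        subprocess.run(["mpirun", "-np", "96", "./wrf.exe"], env=env, check=True)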

      Figure 5: Comparing WRF Performance across BIOS profiles

    Figure 5 compares the WRF datasets across BIOS profiles. With the CONUS 12km data, all the BIOS profiles perform equally well because of the smaller data size, while for CONUS 2.5km the Perf.COD profile (Performance system profile with Cluster-on-Die snoop mode) gives the best performance. As per Figure 5, the Cluster-on-Die snoop mode performs 2% better than Home Snoop mode, while the Performance system profile gives 1% better performance than DAPC.

     Figure 6: Comparing WRF Performance over two generations of processors

    Figure 6 shows the performance comparison between Intel Xeon Haswell-EX and Intel Xeon Broadwell-EX processors with PowerEdge R930 server. As shown in the graph, Broadwell-EX performs 24% better than Haswell-EX for CONUS 12KM data set and 6% better for CONUS 2.5KM.

    ANSYS Fluent is a computational fluid dynamics (CFD) software tool. Fluent includes well-validated physical modeling capabilities to deliver fast and accurate results across the widest range of CFD and multiphysics applications.

    Figure 7: Comparing Fluent Performance across BIOS profiles

    We used three different datasets for Fluent, with “Solver Rating” (higher is better) as the performance metric. Figure 7 shows that all three datasets performed about 4% better with the Perf.COD BIOS profile (Performance system profile with Cluster-on-Die snoop mode) than with the others, while the DAPC.HS profile (DAPC system profile with Home Snoop mode) shows the lowest performance. For all three datasets, the COD snoop mode performs 2% to 3% better than Home Snoop mode, and the Performance system profile performs 2% to 4% better than DAPC. Fluent’s behavior is consistent across all three datasets.

    Figure 8: Comparing Fluent Performance over two generations of processors

     

    As shown in Figure 8, Fluent showed a 13% to 27% performance improvement for all test cases on the PowerEdge R930 with Broadwell-EX in comparison to the PowerEdge R930 with Haswell-EX.

    ________________________________________________________________________________________________

     

    Conclusion:

    Overall, the Broadwell-EX processor makes the PowerEdge R930 server more powerful and more efficient. With Broadwell-EX, HPL performance increases roughly in line with the increase in the number of cores relative to Haswell-EX. There are also performance gains for real applications, depending on the nature of their computation. So it can be a good upgrade choice for those running compute-hungry applications.

     


  • Identity and Access Management - Blog

    How to Achieve HIPAA Security Compliance

    For many organizations, compliance with data security standards doesn’t seem to be getting easier. IT security compliance efforts are forever competing for attention and funding with information-security projects, operational vulnerabilities and daily business risks. Because compliance projects aren’t nearly as attention-grabbing as security breaches are alarming, they often lose out in the battle for resources.

    However, in any industry where compliance is an issue, organizations will find that they no longer can afford to ignore compliance issues. Sooner or later, these organizations are going to be required to demonstrate that they have the appropriate internal controls in place to minimize the risk of fraud or data breach.

    To get ahead of the game, you need to understand and define control objectives and select solutions that ensure consistency of foundational processes, such as managing user identities, roles, group memberships and attestation reviews. Effectively managing user identities and entitlements will go a long way in satisfying multiple control objectives, which in turn will enable you to achieve and demonstrate compliance as well as automate compliance-related tasks.

    For the many healthcare-related organizations struggling to meet Health Insurance Portability and Accountability Act (HIPAA) requirements, this white paper gives a great overview of IT security compliance from an auditor’s perspective. Although the HIPAA Security Rule represents only a portion of the data security compliance obligations most organizations face, it is one of the most significant, especially in light of the recent, well-publicized breaches that have plagued many of today’s large healthcare organizations.