There is no better time to announce a world-record TPC-C benchmark result with Oracle than right before Oracle Open World 2012. The Cisco UCS C240 M3 Rack Server with two Intel® Xeon® E5-2690 2.9 GHz Processors and 768 GB memory running Oracle Database 11g Standard Edition achieved the best 2-Processor performance record of 1.6 Million transactions-per-minute  beating the nearest competition, the IBM Flex System x240 Server with identical Intel processor and memory footprint running DB2 , by 7% better performance and 11% lower price-performance. This benchmark result is yet another demonstration of the performance and price-performance advantages of Cisco UCS for running enterprise applications.
This result also demonstrate a 53% improvement in performance from the previous generation of servers (see chart 1)  and in line with Moore’s Law (see chart 2). (Yes, TPC-C trend has been in line with Moore’s Law) .
Chart 1: TPC-C: 53% improvement from Cisco UCS M2 to M3 Generation
Chart 2: Transaction Rate vs. Moore’s Law
As of 9/27/2012. Source: Transaction Processing Performance Council (TPC), www.tpc.org.
The Transaction Processing Performance Council (TPC) is a non-profit corporation founded to define transaction processing and database benchmarks and to disseminate objective and verifiable performance data to the industry.
Often referred to as the flagship server benchmark that measures online transaction processing performance, TPC-C simulates a complete compute environment where a population of users runs transactions against a database. TPC-C is not limited to the activity of any particular business segment, but rather represents any industry that must manage, sell, or distribute a product or service. The primary metrics are the transactions per minute (expressed as tpmC) and the associated price per transaction (expressed as $/tpmC).
In this last part of this series I will discuss the top customer priority of visibility. Cisco offers customers the ability to gain insight into what’s happening in their network and, at the same time, maintain compliance and business operations.
But before we dive into that let’s do a recap of part two of our series on Cisco’s Secure Data Center Strategy on threat defense. In summary, Cisco understands that to prevent threats both internally and externally it’s not a permit or deny of data, but rather that data needs deeper inspection. Cisco offers two leading platforms that work with the ASA 5585-X Series Adaptive Security Appliance to protect the data center and they are the new IPS 4500 Series Sensor platform for high data rate environments and the ASA CX Context Aware Security for application control. To learn more go to part 2 here.
As customers move from the physical to virtual to cloud data centers, a challenge heard over is over is that they desire to maintain their compliance, security, and policies across these varying instantiations of their data center. In other words, they want to same controls in the physical world present in the virtual – one policy, one set of security capabilities. This will maintain compliance, overall security and ease business operations.
By offering better visibility into users, their devices, applications and access controls this not only helps with maintaining compliance but also deal with the threat defense requirements in our overall data center. Cisco’s visibility tools gives our customers the insight they need to make decisions about who gets access to what kinds of information, where segmentation is needed, what are the boundaries in your data center, whether these boundaries are physical or virtual and the ability to do the right level of policy orchestration to maintain compliance and the overall security posture. These tools have been grouped into three key areas: management and reporting, insights, and policy orchestration.
In part one of our series on Cisco’s Secure Data Center Strategy, we did a deeper dive on segmentation. As a refresh, segmentation can be broke into three key areas. The first, the need to create boundaries is caused because perimeters are beginning to dissolve and many environments are no longer trusted forcing us to segment compute resources, the network and virtualized attributes and environments. Along with segmenting physical components, policies must be segmented by function, device, and organizational division. Lastly, segmenting access control around networks and resources whether they are compute, network, or applications offers a higher level of granularity and control. This includes role-based access and context based access. Ensuring policy transition across the boundaries is of primary concern. To learn more on segmentation go here.
Today we will dive deeper into Cisco’s security value-add of threat defense.
Technology trends such as cloud computing, proliferation of personal devices, and collaboration are enabling more efficient business practices, but they are also putting a strain on the data center and adding new security risks. As technology becomes more sophisticated, so are targeted attacks, and these security breaches, as a result, are far more costly. The next figure is from Information Weeks 2012 Strategic Security Survey and illustrates top security breaches over the previous year.
Last week Cisco announced several new products in it’s Defending the Data Center launch. These included the Cisco Adaptive Security Appliance Software Release 9.0, Cisco IPS 4500 Series Sensors, Cisco Security Manager 4.3, and the Cisco ASA 1000V Cloud Firewall, adding enhanced performance, management, and threat defense capabilities. Core to this launch was also Cisco’s new strategy for developing Secure Data Center Solutions, a holistic approach similar to what Cisco previously did with Secure BYOD. This new strategy integrates Cisco security products into Cisco’s networking and data center portfolio to create validated designs and smart solutions. Organizations that lack bandwidth and resources or the know how to test and validate holistic designs can simply deploy template configurations based on pre-tested environments that cover complete data center infrastructures. These designs enable predictable, reliable deployment of solutions and business services and allow customers infrastructures to evolve as their data center needs change.
In developing this strategy we interviewed numerous customers, partners and field-sales reps to formulate the role of security in the data center and how to effectively get to the next step in the data center evolution or journey, whether you are just beginning to virtualize or have already advanced to exploring various cloud models. Three security priorities consistently came up and became the core of our strategy of delivering the security added value. They are Segmentation, Threat-Defense and Visibility. This blog series, beginning with segmentation, will provide a deeper dive into these three pillars.
Segmentation itself can be broken into three key areas. Perimeters are beginning to dissolve and many environments are no longer trusted, forcing us to segment compute resources, the network, and virtualized environments to create new boundaries, or zones. Along with segmenting physical components, policies must include segmentation of virtual networks and virtual machines, as well as by function, device, and logical association. Lastly, segmenting access control around networks and resources whether they are compute, network or applications offers a higher level of granularity and control. This includes role-based access and context based access. Let’s discuss even deeper.
It’s that time of year again. Time to gather new supplies and prepare for the inevitable dodgeball match. Sure, it is the start of the school year, but also VMworld 2012! Find Cisco at Booth 1213 and beyond. Here’s what’s happening: