Datrium DVX Software

Datrium DVX and CVE-2017-5753, CVE-2017-5715 (Spectre), CVE-2017-5754 (Meltdown)

Given the current concerns regarding the latest security flaws regarding Intel and AMD processors Datrium thought it would be a good look to see if there were any issues they needed to address. The short answer is no, the software and the DataNode are unaffected and normal VMware or 3rd party server hardware patching would need to be done, however no DVX patches are needed.

Datrium DVX and CVE-2017-5753, CVE-2017-5715 (Spectre), CVE-2017-5754 (Meltdown)
Datrium has investigated impacts and mitigation options for Spectre, Meltdown, and related issues.
● Datrium DVX software is not directly affected and no action is required.
● Datrium Data Nodes are not affected and no action is required.
● 3rd party servers being used as Compute Nodes likely need to be patched with updated BIOS / firmware.
● Any Compute Nodes (Datrium or 3rd party) running ESXi should be patched with VMware fixes.
● Guest OS instances will likely need to be patched.
3rd Party Compute Nodes
3rd party servers that are being used in a DVX system should be updated based on recommendations from the server vendor. Please contact the server vendor directly for details.
VMware Patches
All Compute Nodes (both Datrium and 3rd Party) in any DVX that are running ESXi should update to the appropriate patches from VMware. For more information, please see the following link:
Guest OS
It is very likely that all guest OS instances running in DVX will need to be patched. Please contact the OS vendor directly for details and recommendations.
Performance Impacts
At this time we are unaware of any significant impact on performance from BIOS and VMware patches. However, based on reported behavior of the various fixes from VMware and server vendors, it is possible that some workloads will exhibit some non-trivial changes in performance related to guest OS patches and updates. We recommend that you work closely with your guest OS vendors to ensure performance concerns are addressed.

Cameron Joyce is a full stack engineer, having experience with all aspects of on premise datacenter, virtualization, disaster recovery, cybersecurity, and Cloud based *aaS technologies. Cameron Joyce has spent more than a decade working in managed services, and brings that experience to his role as a Sr Presales Engineer. Cameron Joyce now shares solutions to problems and new technology overviews through his blog and youtube channels.

%d bloggers like this: