Highlighted
aap1
1 Nickel

Re: ESA-2015-015 Question

Let me clarify some of the conversation that has been happening on this thread - I work within the Product Management team on EMC Isilon.

As a direct answer to the original question, you should work with support to request a 7.1.0.x patch for the specific vulnerability. We make calls on doing patches based on a bunch of circumstances (severity of the issue, ability to patch - sometimes a vulnerability cannot be patched, broadness of applicability etc). We fully support 7.1.0.x. For this specific instance, just the timing of the issue was such that it didn't allow us to patch 7.1.0.x releases and there isnt a set date for the patch.

Now going to a more general discussion so that there is clarity around how we think about releases. In Isilon parlance, let's understand what major and minor releases are. If we number a release 'a.b.c.d', for us, a major code family is a.b, and a minor code family is a.b.c. As an example, 7.1 is a major code release family and 7.1.0 or 7.1.1 are minor code release families within the 7.1 major families. Our general policy (and there are always exceptions as I described above) is that when a minor family reaches target code status, it succeeds all prior minor families. We continue to make changes and fixes to the target code branch. In general (and every customer has their set of constraints), we encourage customers to upgrade to the latest target code.

There are two rationales for doing this:

1. To enable customers to take advantage of the fixes we continually make

2. Efficiency from an engineering standpoint

So, when the prior posting says that 7.1.0 is not being fixed, that is an incomplete statement. We continue to make fixes on the 7.1 major release branch and specifically within the 7.1.1 minor code branch now that the latter has attained target code status. Of course, as I described earlier, you _always_ have the ability to request patches on a supported code branch through support.

Do let me know if there are follow on questions or concerns that I can help address. Thank you for being an EMC Isilon customer.

Regards

Ashish Palekar

T: @logicalblock

B: http://logicalblock.wordpress.com

0 Kudos
dynamox
6 Gallium

Re: ESA-2015-015 Question

Ashish wrote:

So, when the prior posting says that 7.1.0 is not being fixed, that is an incomplete statement.

this is not an incomplete statement, this is an incorrect statement, we agree on that ?  There is a difference in saying "will not be remediated" and  "will be remediated as soon a solution is available"

So to summarize, is Isilon committing to support 7.1.0.x until Oct 31, 2016 ?  I am not asking for new features, i am not asking for new widgets. I want to make sure you are committing to fixing bugs and address security vulnerabilities. We are paying a couple of million dollars in premium support every year. I don't have to beg for you to support something that we just bought last spring.

peglarr
2 Iron

Re: ESA-2015-015 Question

Some perspective...take it FWIW.

Ashish's comments are not only accurate but precise.  Perhaps the angst around this topic revolves around a common misconception.

When a customer buys a license for OneFS, they are buying a major version.  As Ashish says, major versions are 6.5, 7.0, 7.1, 7.2, etc.  I call these 'single-dot' releases, for obvious reasons.  The common misconception is that what you purchase as a customer is a minor, or 'double-dot' release.  You don't.  You buy single-dot releases and maintenance to them.

EMC Isilon is committed to providing service and support for the major releases.  How it accomplishes that business function is found in detail in the legal T&Cs, but in the colloquial, EMC Isilon does this via two mechanisms:

1) minor releases, aka 'double-dot', which are developed and issued periodically.  As Ashish says, examples of minor releases in the 7.1 major release train are 7.1.0 and 7.1.1.  For the last two years, EMC Isilon did two or three minor releases each year.  Starting in late 2012, we did 7.0.0, 7.0.1 and finally 7.0.2 minors for the 7.0 major.  Starting in late 2013, similarly, we did 7.1.0 and 7.1.1 minors for the 7.1 major.  Here we are in 2015.

2) maintenance releases, which are periodic updates containing fixes to minor releases.  Examples are 7.0.2.9, 7.1.0.6 and 7.1.1.2.

The operational support of the 7.1 major release is provided via the designated target code for that major.  Over time, for any given major, the target changes as EMC Isilon provides updates, enhancements and fixes.  As Ashish mentions, the target code for the 7.1 major is slated for the 7.1.1 minor, specifically at whatever triple-dot MR version is chosen by EMC Isilon Support.  7.1.1 supersedes the prior minor 7.1.0.

So in summary, you don't buy/license minor releases - you buy/license major releases.  While it is true that at some points in time, there are two minor releases in the field corresponding to the same major - there is typically one and only one designated target code for that major.  This is natural given the overlap of releases as well as the time taken by EMC Isilon support to accumulate enough runtime on a given minor to be satisfied that it's ready to be a target code for the given major.  That is a point often not understood by customers - target code designation takes time and effort, and there will be overlap while that happens.  We are at that point with the 7.1.1 minor.

Besides, you _want_ to be on 7.1.1...it's demonstrably superior - using several different relevant metrics - than its minor release predecessor.  The 7.1 OneFS major license you paid for is well-served with 7.1.1.

Finally, as Ashish said, there are always exceptions, and if you feel you have an exceptional case that requires a patch or another MR on the 7.1.0 minor, then please do work with your account team as you (Sergey) already stated you are.  In either case, you will have a fix available.

Hope that helps.  If the goal is to remediate the bug, we have you covered.

Again, take this FWIW.  As Ashish said, thank you for being an EMC Isilon customer.

Cheers

Rob

dynamox
6 Gallium

Re: ESA-2015-015 Question

Thank you Rob. Maybe having two minor releases makes sense in your development cycle but as a very very long EMC customer who is familiar with other EMC platforms (Enginuity, Flare/Dart, DDOS) this is confusing and frustrating. If i am on 7.1 and it's listed in your  EOPS document as supported, then i expect it to be supported whether i am on 7.1.1 or 7.1.0

When can we expect an announcement from Isilon about 7.1.0.x patch ?

0 Kudos
dynamox
6 Gallium

Re: ESA-2015-015 Question

Dear Isilon ..can i get an answer ?

0 Kudos
aap1
1 Nickel

Re: ESA-2015-015 Question

And the answer is that it is supported.

To clarify terminology so that I can answer your question without ambiguity:

1. Patch: Generated by customer request (akin to a Hotfix on other products)

2. Maintenance release: Collection of patches and/or other defects. This is usually planned once there is a sufficient payload.

To answer your question, we can generate a patch on 7.1.0. It is based on customer request. For scalability reasons, this gets triggered through an SR through our support. Could you please raise that SR? That way the right folks on our end are engaged and the response and release vehicles will then work through the process.

Maintenance releases are typically the ones announced. Right this minute, there isnt a sufficient payload for 7.1.0 to plan to a 7.1.0 maintenance release.

Does this help?

Regards

Ashish Palekar

@logicalblock

0 Kudos
dynamox
6 Gallium

Re: ESA-2015-015 Question

Thank you Ashish, SR 69100962 has been opened.

0 Kudos
dynamox
6 Gallium

Re: ESA-2015-015 Question

Well, after 2 months of promises i got the final word.  EMC Isilon will not be patching this bug in OneFS 7.1.0.x

You should be ashamed of yourself, EOPS for this version is Oct 31, 2016 and yet you are refusing to support this version 1.5 year ahead of that date.

If you are new to Isilon platform, this is becoming the norm for Isilon. Leave you out high and dry. Time to share this wonderful news on social media.

0 Kudos
dynamox
6 Gallium

Re: ESA-2015-015 Question

Care to comment Ashish Palekar ?

0 Kudos
dynamox
6 Gallium

Re: ESA-2015-015 Question

so no one from EMC cares to comment ?  Maybe some one can ping Ashish Palekar

0 Kudos