Earnings season is in full swingboth AMD and Intel announced 4th quarter (and annual) results recently. Both companies claimed strong quarters with robust growth. The following few paragraphs will attempt to dissect those numbers in a little more detail and provide some guidance on what these numbers say about the 2020 business outlook.

AMD EESC strong results, lots of EPYC activity

AMD quarterly results.

Trying to pull actual EPYC numbers from AMDs reporting is tricky as they are grouped with the companys embedded and semicustom businesses, which tend to be much higher volume and much lower margin.

At first glance, these numbers can seem a little mixed. Net revenue numbers look fairly flat to down across the board, while operating income looks pretty strong year over year. What this says to me is that the embedded and semi-custom business was soft, while EPYC continues to ramp in the enterprise. Consider this: Y/Y segment revenue was down 14%, while operating income was up 61%. And when looking at Q4 19 versus Q4 18, revenue was up only 7% while operating income rose 850%.

In addition to these numbers, AMD showed strength in building market momentum for EPYC with over 100 EPYC-based server platforms in market. Perhaps the strongest indicator of EPYCs momentum is this line from AMDs presentation: Dell (EMC) began shipping full portfolio of servers powered by EPYC processors Why is this so significant? One of Dell EMCs strengths is its pragmatism. Fully embracing AMD as a server silicon partner and having that manifest in a full suite of platforms is an indication that customers are asking again and again.

As difficult as it is to discern AMDs EPYC results for the past quarter, its near impossible to look at its 2020 guidance as an indicator for continued EPYC ramp. I can only go on what I hear from the industry. Demand continues to build in the enterprise market, and the addition of ex-Intel executive Dan McNamara should help in the go-to-market (GTM) drive. So expect to see EPYC continue to gain traction in the enterprise and for the numbers to (indirectly) reflect this growth.

A continued focus on building a strong channel presence is critical for EPYCs long term success. Channel programs are more than MDF and campaign budget. Its about the people, relationships and joint strategic planning that drive meaningful revenue and a run rate transactional business.

Intel DCG cloud growth is staggering enterprise and government down

Intel quarterly results.

Intels Data Center Group (DCG) had a killer quarter. Theres no other way to describe its performance after looking at the numbers. The company had a strong showing in platform (Xeon), and strong growth in adjacencies. The company saw especially strong growth in the cloud service provider (CSP) space, seeing a 48% YoY jump, accompanied by a healthy 14% growth in the comms space (no doubt buoyed by 5G rollouts).

In addition to this strong growth and record revenue, the company continued to ramp its 10nm part, codenamed Cascade Lake. Its important for the company to show a strong rollout with performance and power efficiency numbers that stand against AMDs 7nm Rome CPU. Its fending off arguably the stiffest competition it has ever faced in the datacenter.

Intels Q4 DCG numbers, along with the Q3, can indicate a couple of things. The server market contraction is reversing, and the cloud providers have resumed their buying trends. Secondly, the comms providers have resumed infrastructure acquisitions in support of 5G rollouts. And finally, the impact of cloud is being felt in the rollout of servers at enterprise and government. This trend is nothing new to anybody who has been following the server market, but the chart below clearly shows the correlation.

Intel DCG growth.

One question that pops out from looking at the above chart is whether Intel is facing pricing pressures from AMD. ASP has tracked strong relative to unit volume (UV) and has generally mapped to cloud and comms growth. However, Q4 showed a slight dip in ASP, while Cloud showed very strong growth alongside a healthy comms quarter. There could be a number of reasons for this. Still, it is an interesting break in the ASP trend given the fact that it follows the quarter in which AMDs Rome hit the market. Perhaps Intel is using pricing to hold off a competitive AMD? This could be especially interesting in the comms space, where Rome should be a good fit without the customizations required by the large cloud providers. Regardless, Intels numbers look impressive and its guidance for DCG in 2020 is high single digit growth.

What does all of this say?

While Xeon obviously had a strong quarter, digging into the numbers shows that EPYC also had a solid quarter of growth. Further, the partnerships and activities that help build a solid run rate business seem to be there for AMD, as demonstrated by Dell EMCs strong EPYC portfolio.

For those looking for spikes in AMDs EESC numbers as evidence of EPYC ramp, be patient. Pardon the pun, but Rome was not built in a day. The qualification and deployment cycle of servers in the enterprise market is slow. It will take another quarter or two to see the strength of EPYCs ramp, and that will be seen through the numbers and announced wins.

Expect to see Intels continued growth in cloud and for it to find new opportunities as the AI space begins to heat up. Additionally, Cascade Lake should bolster the companys prospects for the year. Also, watch for continued EPYC growth in 2020. Methinks AMD may be a little conservative in its guidance.

Disclosure:Moor Insights & Strategy, like all research and analyst firms, provides or has provided research, analysis, advising and/or consulting to many high-tech companies in the industry, including AMD and Intel.The author does not have any investment positions in any of the companies named in this article.

Here is the original post:
What AMD And Intel Quarterly Numbers Say About Datacenter Business - Forbes

Amazon (NASDAQ:AMZN) reported blockbuster fourth-quarter resultslast week, sending the e-commerce giant's market cap back above $1 trillion. The move higher was fueled by heavy investments in one-day delivery that are already starting to pay off. As usual, the Amazon Web Services (AWS) cloud infrastructure business carried overall profitability, representing two-thirds of the company's total operating income during the quarter.

CFO Brian Olsavsky also disclosed that AWS is about to get even more profitable.

Image source: Getty Images.

On the conference call, Olsavsky noted that Amazon's guidance for the first quarter includes $800 million less in depreciation expenses due to an accounting tweak: Amazon is extending the useful life of its data center servers.

Amazon has historically estimated the useful life of its servers at three years but is now increasing that time frame to four years effective this year. The move follows the completion of a useful life study that Amazon conducted in Q4, the company notes in its10-K. Changing that estimate is expected to boost operating income in 2020 by a whopping $2.3 billion.

The adjustment does not affect any depreciation that Amazon has already recognized or cash it has already spent, but merely changes how the company accounts for depreciation of those assets going forward. Importantly, this isn't purely an accounting adjustment. Amazon has been working hard to improve the operating efficiency of its cloud infrastructure, and AWS has continued to refine its software in a way that makes its servers last longer by reducing stress on the hardware, Olsavsky added. Those improvements apply to both AWS and the server infrastructure that powers the core e-commerce platform.

"So we are essentially reflecting the fact that we have gotten better at extending the useful life here and [are] now building that into our financials looking forward," the finance chief said. The improvements will also reduce the capital intensity of the AWS business, as Amazon can extend its capital expenditure cycles and increase capital efficiency.

"We expect technology and content costs to grow at a slower rate in 2020 due to an increase in the estimated useful life of our servers, which will impact each of our segments," Amazon states in its annual report.

When companies invest in long-lived assets, instead of expensing those costs up front, those investments are capitalized and placed on the balance sheet. Management then needs to estimate the useful life of those assets and determine a depreciation method, such as accelerated or straight-line, among others.

For server infrastructure, Amazon uses straight-line depreciation over the estimated useful life; extending the useful life of an asset results in lower depreciation expense per year. With 13 years of experience under its belt, AWS continues to get even stronger as competition in the cloud infrastructure market heats up.

See more here:
How an Accounting Tweak Will Make Amazon's Most Profitable Business Even More Profitable - The Motley Fool

MUNICH, Feb. 6, 2020 /PRNewswire/ --IGEL,provider of the next-gen edge OSfor cloud workspaces, announced thenewly updated IGEL UD3 (Universal Desktop model 3) endpoint powered by the AMD Ryzen Embedded R1505Gsystem-on-chip (SoC). A versatile endpoint for accessing virtualized apps, desktops, and cloud workspaces, IGEL UD3 is designed to offer a high-performance computing experience that drives productivity and collaboration across all industries.

"We are proud to be collaborating with AMD on the launch of the new generation of the IGEL UD3," said Matthias Haas, CTO, IGEL. "We have enjoyed a very long and successful relationship with AMD, and found the AMD Ryzen Embedded R1505G SoC processor to be the best option for providing our customers with fast and secure access to their cloud workspaces."

Optimized for Productivity, Flexibility and EfficiencyLeveraging the powerful AMD Ryzen Embedded R1505G SoC with Radeon Vega 3 Graphics and extensive connectivity options, IGEL UD3 provides a secure, high performance computing experience for a broad range of demanding tasks across all industries.

Key features available with IGEL UD3 include integrated WiFi and Bluetooth. Both features are optional and this is the first time IGEL has them integrated into its endpoint hardware. Additional configurable connectivity options designed to offer flexibility, seamless integration and ease of use across a broad range of use cases include integrated smart card readers and VESA mount. IGEL UD3 also features support for two 4K displays, SuperSpeed USB Type-C and standard legacy ports for convenience and productivity.

"One of the things we are most excited about with the new UD3 offering is the optimization of the processor for maximum energy efficiency," said Haas. "Conserving energy is important to us. That's why we are the only endpoint device manufacturer to have taken an extra step to implement a customized version of the AMD Ryzen Embedded R1505G SoC, which has a low 10W TDP at 2.0GHz base and up to 2.7GHz boost frequency."1

Secure "Chain of Trust" Safeguards Cloud WorkspacesIGEL and AMD have extended the secure "chain of trust" which extends all the way to the target server or cloud, with a step before the Unified Extensible Firmware Interface (UEFI) boot, to include the AMD Secure Processor technology, a hardware-based security processor built right into the AMD Ryzen Embedded R1505G SoC. Putting the protection right on the processor, this integration leverages a dedicated security system,initiating IGEL's secure chain of trust at the physical hardware layer.

The AMD Ryzen Embedded processor checks whether the UEFI binary is cryptographically signed by IGEL, verifying if the UEFI binary is authentic and not manipulated. The UEFI then checks the bootloader for a UEFI Secure Boot signature. Next, the bootloader checks the IGEL OS Linux kernel, and if the OS partitions signatures on disk are correct, IGEL OS is initiated and the partitions are mounted. Finally, for users connecting to a VDI or cloud environment, access software such as Citrix Workspace App or VMware Horizon 7 checks the certificate of the connected server, thus creating a complete "chain of trust."

"We are pleased to work together with IGEL to integrate this low power AMD Ryzen Embedded R1505G into the newly optimized generation of IGEL UD3," said Stephen Turnbull, director of product management and business development, Embedded Solutions, AMD. "Together, AMD Ryzen Embedded processors and IGEL endpoints offer advanced performance, power efficiency and security features that begin where it all starts at the processor level."

New UD3 the First IGEL Hardware to Feature Teradici's PCoIP UltraThough IGEL OS has supported PCoIP Ultra since June 2019, the IGEL UD3 is the first IGEL endpoint hardware to be optimized for remote cloud connectivity with Teradici's PCoIP Ultra Software Client for Linux. With PCoIP Ultra and the UD3, end-users benefit from greater flexibility of choice with the ability to securely connect with Teradici Cloud Access Software for a rich, high-fidelity user experienceto any cloud, including AWS (including Amazon WorkSpaces), Microsoft Azure and Google Cloud.

Availability and SupportIGEL UD3 is part of IGEL's family of Universal Desktop endpoints, and designed for virtual desktops and cloud workspace environments. IGEL UD3 with the AMD Ryzen Embedded R1505G SoC will be generally available starting in May 2020 through IGEL's network of Platinum- and Gold-level Partners, Authorized IGEL Partners (AIPs) and resellers.

For more information on the IGEL UD3 with the AMD Ryzen Embedded R1505G SoC,read the info sheet "AMD and IGEL optimize the AMD RyzenTM embedded R1505G system-on-chip for the IGEL UD3."You can learn more about IGEL's next-gen endpoint hardware design here.For more information on IGEL OS, visit https://www.igel.com/igel-os-universal-desktop-operating-system/.

IGEL on Social MediaTwitter: http://www.twitter.com/IGEL_TechnologyFacebook:www.facebook.com/igel.technologyLinkedIn: http://www.linkedin.com/company/igel-technologyYouTube: http://www.youtube.com/user/IGELTechnologyTV IGEL Community: http://www.igel.com/community

AMD, the AMD Arrow logo, Ryzen, and combinations thereof are trademarks of Advanced Micro Devices, Inc. Other product names used in this publication are for identification purposes only and may be trademarks of their respective companies.

1Max boost for AMD Ryzen processors is the maximum frequency achievable by a single core on the processor running a bursty single-threaded workload. Max boost will vary based on several factors, including, but not limited to: thermal paste; system cooling; motherboard design and BIOS; the latest AMD chipset driver; and the latest OS updates.

About IGELIGELprovides the next-gen edge OS for cloud workspaces.The company's world-leading software products include IGEL OS,IGEL UD Pocket (UDP) and IGEL Universal Management Suite (UMS). These solutionscomprisea more secure, manageable and cost-effective endpoint managementand controlplatform across nearly any x86 device.Easily acquired via just two feature-rich software offerings, Workspace Edition and Enterprise Management Pack IGEL software presents outstanding value per investment.Additionally, IGEL's German engineered endpoint solutions deliver the industry's best hardware warranty (5 years), software maintenance (3 years after end of life) and management functionality. IGEL enables enterprises tosave vast amounts of money by extending the useful life of their existing endpoint devices whileprecisely controllingall devices running IGEL OS from a single dashboard interface. IGEL has offices worldwide and is represented by partners in over 50 countries. For more information on IGEL, visit http://www.igel.com.

SOURCE IGEL

Homepage

Read the original post:
IGEL Teams with AMD to Optimize the UD3 Endpoint for Cloud Workspaces - PRNewswire

(Image: Stockfresh)

High percentage of IaC template misconfigurations in cloud deployments vulnerable to attack

Print

Read More: GitHub Infrastructure infrastructure as code Palo Alto Networks security

In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organisational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA).

A newanalysis by researchers from Palo Alto Networksof IaC templates collected from GitHub repositories and other places identified almost 200,000 such files that contained insecure configuration options. Using those templates can lead to serious vulnerabilities that put IaC-deployed cloud infrastructure and the data it holds at risk.

Just as when you forget to lock your car or leave a window open, an attacker can use these misconfigurations to weave around defences, the researchers said. This high number explains why, in a previous report, we found that 65% of cloud incidents were due to customer misconfigurations. Without secure IaC templates from the start, cloud environments are ripe for attack.

There are multiple IaC frameworks and technologies, the most common based on Palo Altos collection effort being Kubernetes YAML (39%), Terraform by HashiCorp (37%) and AWS CloudFormation (24%). Of these, 42% of identified CloudFormation templates, 22% of Terraform templates and 9% of Kubernetes YAML configuration files had a vulnerability.

Palo Altos analysis suggests that half the infrastructure deployments using AWS CloudFormation templates will have an insecure configuration. The report breaks this down further by type of impacted AWS service Amazon Elastic Compute Cloud (Amazon EC2), Amazon Relational Database Service (RDS), Amazon Simple Storage Service (Amazon S3) or Amazon Elastic Container Service (Amazon ECS).

For example, over 10% of S3 storage buckets defined in templates were publicly exposed. Improperly secured S3 buckets has been the source of many publicly reported data breaches in the past.

The absence of database encryption and logging, which is important to protect data and investigate potential unauthorised access, was also a commonly observed issue in CloudFormation templates. Half of them did not enable S3 logging and another half did not enable S3 server-side encryption.

A similar situation was observed with Amazons Redshift data warehouse service. Eleven percent of configuration files produced Redshift instances that were publicly exposed, 43% did not have encryption enabled, and 45% had no logging turned on.

Terraform templates, which support multiple cloud providers and technologies, did not fare any better. Around 66% of Terraform-configured S3 buckets did not have logging enabled, 26% of AWS EC2 instances had SSH (port 22) exposed to the internet and 17% template-defined AWS Security Groups allowed all inbound traffic by default.

Other common misconfigurations found in Terraform templates include:

Kubernetes YAML files had the smallest incidence of insecure configurations, but those that did were significant. Of the insecure YAML files found, 26% had Kubernetes configurations that ran as root or with privileged accounts.

Configurations allowing containers as root provide attackers with an opportunity to own virtually any aspect of that container, the Palo Alto researchers said. This also makes the process of performing container escape attacks easier, thus opening the host system to other potential threats. Security and DevOps teams should ensure that containers do not run with root or privileged accounts.

The types of IaC template misconfigurations and their prevalence the absence of database encryption and logging or publicly exposed services is in line with the type of issues detected by Palo Alto Networks in real-world cloud infrastructure deployments in and covered in past reports:

This suggests that the use of IaC templates in automated infrastructure deployment processes without first checking them for insecure configurations or other vulnerabilities is a big contributing factor to the cloud weaknesses observed in the wild.

Cybercriminal groups often target cloud infrastructure to deploy cryptomining malware that takes advantage of the processing power paid for by the victims. However, some of these groupsare also venturing beyond cryptomininganduse hacked cloud nodes for other malicious purposes.

It is readily apparent that attackers are using the default configuration mistakes implemented by weak or insecure IaC configuration templates, bypassing firewalls, security groups, or VPC policies and unnecessarily exposing an organisations cloud environment to attackers, the Palo Alto researchers said. Shift-left security is about moving security to the earliest possible point in the development process. Organisations that consistently implement shift-left practices and procedures within cloud deployments can quickly outpace competitors. Work with DevOps teams to get your security standards embedded in IaC templates. This is a win-win for DevOps and security.

IDG News Service

Read More: GitHub Infrastructure infrastructure as code Palo Alto Networks security

Originally posted here:
Infrastructure-as-code templates are source of cloud infrastructure weaknesses - TechCentral.ie

The Government is considering putting a police cache of tens of millions of child abuse images onto Amazon's cloud network, in a move privacy advocates warned would introduce new risks for the highly sensitive data-set.

Documents seen by The Telegraph show the Home Office has launched a study into uploadingthe "child abuse image database" onto the cloud. The database was set up in 2014and is comprised of millions of images and videos seized during previous operations.

Up until now, the images have only been accessible within police premises given they have been deemed "incredibly sensitive".

However, accordingto studydocuments, there have been a"number of limitations and concerns" in having thedata-set only accessible on physical sites.

The Home Office is looking into what the challenges would be in creating a copy of the images and then putting them on a cloud server, the documents said.

Such a move would likely prompt concerns over whether the database would be at higher risk of being stolen by criminals, given previously physical access has had to be granted.

A report released last year by cyber security firmPalo Alto Networks suggested there were tens of millions of vulnerabilities across cloud server providers, with these at risk of exploited by hackers to gain access to uploaded material although that same report said the fault did not lie with cloud providers themselves, but the way their systems were used.

The Home Office appears to have held initial conversations with Amazon Web Services, the cloud arm, over the database.

Amazon's cloud servers already play host to some of the most sensitive police data, with the company having been chosen as a supplier for the police super-database set up recently, which combined criminal conviction records withintelligence information. The companyisamong the biggest investors insecurity and compliance.

It is thought the feasibility study is being conducted as a "fact-finding" exercise, and that there are currently no plans to upload the images.

However, in the documents, it said such a move would bring more flexibility, as currently police cannot access the data remotely. The Home Office declined to comment.

Privacy advocated raised concernsover whetherimages of child abuse required even more protections, given they would be a "high value target".

A spokeswoman for Privacy International said the move would remove physical access controls and introduce a "different set of risks to what is a highly sensitive database".

"As the Home Office increasingly turns to cloud providers to hold sensitive data which would constitute a high value target, the public needs a great deal of reassurance."

The group urged for a consultation to be held with children's charities and those with technical expertise into whether the risks outweighed the benefits.

"Some of the justifications for such a move include a desire to facilitate remote access to the database and permit 'innovation activity'. This indicates that a broadening of access to a greater number of individuals outside the police, which is a clear cause for concern," the spokeswoman said.

Follow this link:
Government proposal to put police child abuse image database on the cloud raises hacking fears - Telegraph.co.uk