Zombies Could Be Lurking in Your Data Center: Get Rid of Them
Chances are your data center could save a small fortune in electrical bills and plug some substantial security holes by powering down unused server hardware. As of the end of 2015, there were 42.8 million physical servers in the world: about a third of these servers, or 12.8 million, were on but not actually doing work. A zombie server, also referred to as a comatose server, is a physical server that’s drawing electrical current while not being used. Servers become zombies when a new server takes over its role and it’s not repurposed or decommissioned. Some servers are unused because they’re running applications no one is using. According to TSOLogic, many servers stay running because management is nervous there could be problems by powering down the systems.
Optimizing server usage by eliminating zombie servers and virtualizing under-utilized server hardware would save businesses a staggering $3.8 billion annually. According to a Wall Street Journal article, there are approximately 3.6 million servers in the United States chewing up 1.44 gigawatts of power that aren’t being used at all. The international numbers approach 10 million inactive servers consuming 4 gigawatts of energy. That’s enough energy to power every home in Chicago and New York respectively going to waste.
Is it happening in your business’ data center? One small-scale sample of 4,000 servers found 30 percent of the devices had not been accessed in six months or longer. There’s a high probability that if you have three or more servers, one of them could be eating away at your electric bill for no good reason.
Risk-averse data centers should make decommissioning unused servers a priority. These unused devices create additional ways hackers can infiltrate the network. A hacker can take advantage of an unused server to sniff network traffic to steal things like passwords and private information. Since servers generally run 24/7, automated updates that require reboots don’t automatically get installed. It’s probable that a server that isn’t being used also isn’t being maintained, so it becomes a particularly vulnerable point for a hacker to break into your network.
Bring Out Your Dead
For the sake of your data center’s security and bottom line, identify and disable any zombie servers you find. According to Network World, data center managers should run a quarterly server audit to identify and disable zombie servers. This process involves walking around the data center and search for comatose hardware as well as untagged assets. Network World also recommends opening every host in the domain, determining each host’s purpose, and insuring each device is receiving security updates. Removing unused, zombie servers from your data center has no negative effect on capabilities, so there’s little reason to delay cleaning house.
Comments are closed