Computer appliance

Cobalt Qube 3 - a computer server appliance (2002, discontinued)

A computer appliance is a computer system with a combination of hardware, software, or firmware that is specifically designed to provide a particular computing resource. Such devices became known as appliances because of the similarity in role or management to home appliances, which are generally closed and sealed, and are not serviceable by the user or owner. The hardware and software are delivered as an integrated product and may even be pre-configured before delivery to a customer, to provide a turn-key solution for a particular application. Unlike general-purpose computers, appliances are generally not designed to allow customers to change the software and the underlying operating system, or to flexibly reconfigure the hardware.

Another form of appliance is the virtual appliance, which has similar functionality to a dedicated hardware appliance, but is distributed as a software virtual machine image for a hypervisor-equipped device.

Overview

Traditionally, software applications run on top of a general-purpose operating system, which uses the hardware resources of the computer (primarily memory, disk storage, processing power, and networking bandwidth) to meet the computing needs of the user. The main issue with the traditional model is related to complexity. It is complex to integrate the operating system and applications with a hardware platform, and complex to support it afterwards.

By tightly constraining the variations of the hardware and software, the appliance becomes easily deployable, and can be used without nearly as wide (or deep) IT knowledge. Additionally, when problems and errors appear, the support staff very rarely need to investigate them deeply to understand the matter thoroughly. The staff merely need training on the appliance management software to be able to resolve most problems.

In all forms of the computer appliance model, customers benefit from easy operations. The appliance has exactly one combination of hardware and operating system and application software, which has been pre-installed at the factory. This prevents customers from needing to perform complex integration work, and dramatically simplifies troubleshooting. In fact, this "turnkey operation" characteristic is the driving benefit that customers seek when purchasing appliances.

To be considered an appliance, the (hardware) device needs to be integrated with software, and both are supplied as a package. This distinguishes appliances from "home grown" solutions, or solutions requiring complex implementations by integrators or value-added resellers (VARs).

The appliance approach helps to decouple the various systems and applications, for example in the data center. Once a resource is decoupled, in theory it can be also centralized to become shared among many systems, centrally managed and optimized, all without requiring changes to any other system.

Tradeoffs of the computer appliance approach

The major disadvantage of deploying a computer appliance is that, since it is designed to supply a specific resource, it most often includes a customized operating system running on specialized hardware, neither of which is likely to be compatible with the other systems previously deployed. Customers lose flexibility.

One may believe that a proprietary embedded operating system, or operating system within an application, can make the appliance much more secure from common cyber attacks. However, the opposite is true. Security by obscurity is a poor security decision, and appliances are often plagued by security issues as evidenced by the proliferation of IoT devices. [1]

Types of appliances

A Niksun network security appliance, being used by the U.S. Army (2016)

The variety of computer appliances reflects the wide range of computing resources they provide to applications. Some examples:

Storage appliances
provide massive amounts of storage and additional higher-level functionality (e.g. disk mirroring and data striping) for multiple attached systems using the transparent local storage area networks computer paradigm. [2]
Network appliances
are general purpose routers [3] which provide firewall protection, Transport Layer Security (TLS), messaging, access to specialized networking protocols (like the ebXML Message Service) and bandwidth multiplexing for the multiple systems they front-end. [4]
Backup and disaster recovery appliances
computer appliances that are integrated backup software and backup targets, sometimes with hypervisors to support local DR of protected servers. They are often a gateway to a full DRaaS solution.
Firewall and security appliances
computer appliances that are designed to protect computer networks from unwanted traffic.
IIoT and MES Gateway appliances
Computer appliances that are designed to translate data bidirectionally between control systems and enterprise systems. Proprietary, embedded, firmware applications running on the appliance use point-to-point connections to translate data between field devices in their native automation protocols and MES systems through their APIs, ODBC, or RESTful interfaces.
Anti-spam appliances
for e-mail spam
Software appliances
a software application that might be combined with just enough operating system (JeOS) for it to run on industry standard hardware or in a virtual machine. In essence, the software distribution or the firmware that is running a computer appliance.
Virtual machine appliances
consist of a "hypervisor style" embedded operating system running on appliance hardware. The hypervisor layer is matched to the hardware of the appliance, and cannot be varied by the customer, but the customer may load other operating systems and applications onto the appliance in the form of virtual machines.

Consumer appliances

A Linksys wireless router sitting atop a Comcast cable modem in a home setting (2006)

Aside from their deployment within data centers, many computer appliances are directly used by the general public. These include:

Consumer uses stress the need for an appliance to have easy installation, configuration, and operation, with little or no technical knowledge being necessary.

Appliances in industrial automation

The back of a Siemens programmable logic controller (2013)

The world of industrial automation has been rich in appliances. These appliances have been hardened to withstand temperature and vibration extremes. These appliances are also highly configurable, enabling customization to meet a wide variety of applications. The key benefits of an appliance in automation are:

  1. Reduced downtime - a failed appliance is typically replaced with a COTS "commercial off-the-shelf" replacement and its task is quickly and easily reloaded from a backup.
  2. Highly scalable - appliances are typically targeted solutions for an area of a plant or process. As the requirements change, scalability is achieved through the installation of another appliance. Automation concepts are easily replicated throughout the enterprise by standardizing on appliances to perform the needed tasks, as opposed to the development of custom automation schemes for each task.
  3. Low TCO (total cost of ownership) - appliances are developed, tested and supported by automation product vendors and undergo a much broader level of quality testing than custom designed automation solutions. The use of appliances in automation reduces the level of testing needed in each individual application.
  4. Reduced design time - appliances perform specific functions and although they are highly configurable, they are typically self documenting. This enables appliance based solutions to be transferred from engineer to engineer with minimal need for training and documentation.

Types of automation appliances:

  1. PLC (programmable logic controller) - Programmable logic controllers are appliances that are typically used for discrete control and offer a wide range of Input and Output options. They are configured through standardized programming languages such as IEC-1131.
  2. SLC (single loop controller) - Single loop controllers are appliances that monitor an input variable and effect change on a control output (manipulated variable) to hold the input variable to a setpoint.
  3. PAC (programmable automation controller) - Programmable automation controllers are appliances that embody properties of both PLCs and SLCs enabling the integration of both analog and discrete control.
  4. Universal gateway - A universal gateway appliance has the ability to communicate with a variety of devices through their respective communication protocols, and will effect data transactions between them. This is increasingly important as manufacturing strives to improve agility, quality, production rates, production costs and reduce downtime through enhanced M2M (machine to machine) communications.
  5. EATMs (Enterprise Appliance Transaction Modules) - Enterprise appliance transaction modules are appliances that effect data transactions from plant floor automation systems to enterprise business systems. They communicate to plant floor equipment through various vendor automation protocols, and communicate to business systems through database communication protocols such as JMS (Java Message Service) and SQL (Structured Query Language).

Internal structure

There are several design patterns adopted by computer appliance vendors, a few of which are shown below. Since the whole concept of an appliance rests on keeping such implementation details away from the end user, it is difficult to match these patterns to specific appliances, particularly since they can and do change without affecting external capabilities or performance.

  1. Special chip - the vendor builds an ASIC, without any separate "software" or operating system. The appliance has a limited interface, usually terminal console or web-based, to allow some basic configuration by the IT staff. The manufacturer often provides some way of accessing deeper configuration mechanisms. Azul Systems' Vega 3 Java Compute Appliance is an example; special hardware modifications to the chip enable Java application scaling.
  2. Special software kernel - the vendor uses or creates a general-purpose computer, and designs a new operating system that integrates the application into the operating system. Cisco's IOS is an example; the Unix-like operating system has firewall functions and network/firewall configuration commands built into it. Sometimes, the device is also sealed, so the consumer has no access to reinstall the operating system or replace it with another operating system. The consumer may also be restricted to a small group of configuration commands, while the more detailed and lower level functions of the operating system are only available to the vendor. The more this "locked down" approach is carried out, the closer this type of device comes to appearing like an ASIC device.
  3. Specialized application - off-the-shelf computers and operating systems are used, but the user interface and "box" are designed so the user cannot access anything on the computer, except for the application interface that the vendor has created. Since the underlying computing architecture is locked down and essentially invisible, it becomes difficult to discern that the device really functions on top of general purpose hardware and operating systems. Linux, and BSD to a lesser degree, has become the operating system of choice for this type of appliance. Recently the term software appliance has also been used to describe such a pre-packaged, black-box combination.
  4. Virtual appliance - here the hardware itself has disappeared entirely and become a so-called virtual appliance (also known as a virtual software appliance) using any one of a number of virtual machine technologies. Within this virtual machine is essentially the same stack of software plus the operating system as in the "specialized application" alternative.

Sometimes, these techniques are mixed. For example, a VPN appliance might contain a limited access software firewall running on Linux, with an encryption ASIC to speed up VPN access.

Some computer appliances use solid state storage, while others use a hard drive to load an operating system. Again, the two methods might be mixed—an ASIC print server might allow an optional hard drive for job queueing, or a Linux-based device may encode Linux in firmware, so that a hard drive is not needed to load the operating system. [5]

References

  1. "The security and privacy issues that come with the Internet of Things". Business Insider.
  2. SAN Data Center. Archived 2005-05-02 at the Wayback Machine - Network World
  3. Routers. Archived 2011-09-09 at the Wayback Machine - About.com
  4. Definition of: network appliance - Pcmag.com
  5. Smith, Bob; Hardin, John A; Phillips, Graham; Pierce, Bill (2007). Linux Appliance Design: A Hands-On Guide to Building Linux Appliances. No Starch Press. pp. xvii. ISBN 978-1-59327-140-4. Retrieved 2008-05-06.