SoftIron was founded on the premise that it was time to revolutionize the IT landscape with something that didn’t just build on the status quo. SoftIron delivers on-premises true private cloud, offering a user experience normally only found in the public cloud, freeing the consumer of the burden of ownership.

What does designing and manufacturing hardware have to do with true private cloud?

You cannot build a true cloud with legacy data center infrastructure. Building a true private cloud is only achievable by using infrastructure designed for the cloud. This, by the way, is something hyperscalers are well aware of. All the major hyperscalers (AWS, Azure, GCP etc.) abandoned legacy infrastructure 15 years ago. They’ve been designing, building, and using purpose-built cloud infrastructure ever since.

We knew from the outset that if we wanted to deliver a turn-key private cloud, whose set-up would be as simple as racking and powering nodes, we were going to have to innovate. And that innovation would start at the foundational level - the hardware. Hardware that has been designed from the ground up to deliver cloud infrastructure. Only by single-mindedly (some would say ruthlessly) tailoring our hardware for this one purpose are we able to deliver cloud infrastructure that is efficient, resilient and ready to meet the needs of everything from sovereign cloud to edge deployments.

Pure software solutions relying on commodity hardware can never provide the simplicity of this holistic approach to building a private cloud platform. These pure software solutions leave the consumer shouldering the responsibility of building (and even more importantly, maintaining) their own infrastructure.

The burden of hardware maintenance cannot be overstated. Cost, complexity, scalability, and lifecycle management combine to create significant pressures, making private cloud maintenance highly prohibitive and prompting organizations to seek alternatives. We think the alternative is SoftIron HyperCloud, with its comprehensive approach.

Creating our own hardware means we can do what others cannot: deliver a public cloud experience in the private cloud

Designing hardware has required a huge commitment. It is not easy. The financial investment alone is prohibitive for most. And the time required to build an engineering team, architect new hardware, test, develop and manufacture in-house is beyond any normal funding cycle and, consequently, out of the reach of most companies.

Despite all these challenges, we knew there was no other way to simplify and streamline IT infrastructure to enable organizations to make the cloud their own. This is the only way forward. Anything else is a compromise.

Architecting a cloud solution with custom hardware at its heart permits innovation that is simply not possible by any other means.

So what does a true private cloud without compromises look like? Well - get ready to pull some rabbits out of hats. Except, that’s not quite the kind of magic we’re doing here. The magic looks a little more like this:

  • The network layer knows about the BMC, which in turn knows about the NICs and the individual compute and storage elements.

  • Security is designed right into the hardware and can be leveraged further up the stack.

  • As a single company owns the full stack, it can simplify the software and firmware upgrade process across the whole estate to a single button click.

Just like a magician will build completely custom contraptions to perform wonders onstage, our hardware lays the groundwork for HyperCloud’s crowd-stopping performance.

Customer experience is orders of magnitude better with vertically integrated consumer electronics like laptops and phones, where one vendor provides your hardware, firmware and operating system. Why not do the same for private cloud hardware?

Designing and manufacturing our own hardware is the foundation upon which the magic is built

Even companies whose core business is hardware often outsource either the design or the manufacturing of their products. That is not the case at SoftIron. All design and manufacture of our hardware is done in-house. We own all the schematics, blueprints, assembly files and source code. We control our own supply chain. We own the provenance of our products.

Building our own hardware allows us to be deterministic. We know our networking works with our storage, which works with our compute, because we designed it that way. We know on-premises cloud can be as simple as racking and powering a node. We know our solution is integrated and our customers aren’t abandoned to configure their systems. We know software and firmware upgrades happen in sync and will not break the system because that’s how we designed it to be.

We have shouldered the maintenance burden from our customers and freed them to simply consume the cloud.

Provenance is essential for mitigating security threats

As the ability to make subtle, malicious modifications to a system early in the component supply chain increases, so too does the difficulty of detecting them. These ‘hardware trojans’ possess the capacity to fundamentally alter the very foundation of the device they reside within, meaning that all layers of software-based security controls applied to the finished product may utterly fail to detect the threat. This threat may lie dormant for a considerable time before activating and fulfilling its function, triggered either by an external input, a date, or detection of a certain system event.

Compromised systems threaten the security, reliability and integrity of critical data. Some hardware trojans have the capacity to launch further attacks on previously uncompromised systems, dropping a payload of malicious code onto an otherwise secure machine. The havoc hardware trojans can potentially wreak on critical infrastructure, proprietary data and personal information is immense.

The global supply chain increases the risk of integrating hardware trojans into trusted systems. Many manufacturers who rely exclusively on components and subassemblies manufactured in countries, like China, with opaque supply chains are unable to report in detail the specific factories, staff and shipping routes used to create and deliver the components essential to their devices, or to provide visibility into pre-compiled code supplied with these subassemblies.

SoftIron’s approach addresses this issue head-on. By designing and manufacturing our own hardware, SoftIron is able to guarantee its provenance.

By embracing in-house manufacture we can guarantee that our products aren’t vulnerable to malicious modifications. We have documented custody over time of every single component that went into the finished product, with known persons or contributing entities certified at every stage of its manufacture, assembly, setup and transport.

No other cloud infrastructure provider can make similar claims. SoftIron’s ground-up approach to security and provenance is unique in the industry.

Security drives cloud repatriation

One of the principal drivers behind on-premises private cloud is data security. A lot of customer data and workloads are simply not suitable for the public cloud. Yet security is a very nuanced problem that requires dedicated teams to maintain. SoftIron was built around security. We compile all source code for embedded hardware, firmware and software that goes into each device, with known contributors and traceability.

SoftIron takes security seriously and today is a CVE Numbering Authority, along with being FISMA high, FedRAMP high, DoD SRG impact level 5 and FIPS 140-2 compliant.

Hardware is one of the foundations of good security. The BMC is the gatekeeper to security. It is responsible for loading the UEFI and other critical firmware. Every SoftIron product uses a BMC that is designed in-house and leveraged throughout the hardware life cycle. Our BMC works in concert with the software ecosystem, enabling strong vertical security integration, a factor often overlooked in mainstream server markets. Our proprietary BMC allows the software and firmware upgrades to happen in unison, with tight integration leading to a leap in quality and end-user satisfaction.

Truly owning the hardware design goes beyond simply building a product; it ensures we consider the ramifications of each hardware decision and do not simply accept a decision inherited from a third party as “good enough”. Inheriting decisions from others through unwitting delegation of responsibility is precisely how hardware security issues like LogoFAIL can occur. Each party assumes the other is paying attention but neither is checking for security problems in that area. Attack vectors like the recent LogoFAIL are avoided precisely because we build our own hardware and consequently do not run generic firmware.

Problem ownership

Delivering a true public cloud experience while at the same time freeing the consumer from the overwhelming IT burden requires ownership of the whole problem. At SoftIron we have never shied away from hard problems. Problem ownership is at the core of SoftIron’s ethos and right from the start, we have elected to be responsible for the whole solution and not offload problems to our customers.

Hardware is the foundation upon which true cloud infrastructure is built. Ownership of the design and manufacture of SoftIron’s hardware is central to the solution we can create.

Building our own hardware allows SoftIron to shoulder the burden of on-premises infrastructure and frees our customers to simply consume the cloud.
