As always X-IO is trying to improve our protections against Cyber threats that seem to be only increasing. The most recent revelation of the Spectre and Meltdown threats on the Intel platform (but not limited to them) made us perform a careful engineering and security review and analysis using all currently available information. This did not reveal any exposure to these exploits based on our unique system design and best practice implementation.
While we do use Intel Xeon processors as controller components in our storage systems, these are not exposed to the newly identified processor exploit in a similar way as servers (or storage platforms running open operating systems). These processor vulnerabilities appear to only become exploitable if malignant software is running on the system. As the X-IO ISE is a closed embedded storage appliance, it executes a highly controlled software stack where all software components are managed and controlled by X-IO at manufacturing. Therefore, this prohibits any malignant software to run on the ISE and thus the system is not exposed to these issues.
As is always our practice, careful ongoing review of potential exposure will be done as new information becomes available. Currently, we can see no need to patch X-IO Storage Arrays. We are constantly reviewing any security concerns and will address them with the highest priority should a requirement emerge.
Still have questions? Please reach out to us: firstname.lastname@example.org