nForce 500: nForce4 on Steroids?
by Gary Key & Wesley Fink on May 24, 2006 8:00 AM EST- Posted in
- CPUs
Improved Feature: MediaShield
While the networking side has undergone an extensive makeover, the storage side of the nForce500 has been fine tuned. The nForce 590/570 series now offers three separate SATA controllers each with integrated dual PHYs that are capable of operating at 1.5Gb/s or 3.0Gb/s speeds. This results in six Serial ATA devices being available for the user instead of four as in the nForce4, Intel ICH7, or ATI SB600. These devices can be configured in RAID 0, 1, 0+1, and 5 arrays. There is no support for RAID 10.Considering the support for six drives, it is now possible to run a massive RAID 5 drive consisting of a pair of three-drive RAID 5 arrays together, or running multiple combinations of RAID technology together. NVIDIA also supports the shared spare (or dedicated spare) technique in MediaShield. The spare disk feature, available with MediaShield RAID 5, offers protection with a dedicated spare drive that can take over for a failed disk until the repair is completed. However, the performance results during our RAID testing found no measurable differences between the nForce4 and nForce 500 storage systems. In fact, the less than stellar write performance of the nForce4 in RAID 5 continues in the "new" chipset.
NVIDIA will be introducing a new twist to improve their SATA controller performance by offering profiles for specific hard drive models. Since each hard drive has unique performance characteristics, NVIDIA will be matching the capabilities of their controller logic to each drive's particular strengths. So far, Western Digital's 150GB Raptor has the only profile loaded, but there are plans to profile additional performance oriented drives that are popular in the market. The nForce4 family will also benefit from these profiles through driver updates, but users are not able to configure or modify individual drive profiles. In our testing with dual WD1500 Raptors we noticed benchmark results that were on average about 1% to 2% better in our IPEAK tests while the synthetic tests realized a 3% gain in some areas.
While NVIDIA has implemented six native SATA ports, they reduced the available PATA ports to one. This matches the Intel ICH7 and ATI SB600, but the reduced PATA ports will not be seen as an improvement to many users. Considering the Optical drive manufacturers have been very slow to implement SATA in their drives, this decrease in port count could affect those users who have multiple optical drives for audio/video content creation and manipulation. However, with the major core logic suppliers basically on the path of phasing out PATA devices this move by all the chipset manufacturers might spur the optical drive manufacturers to a quicker SATA transition.
64 Comments
View All Comments
nullpointerus - Wednesday, May 24, 2006 - link
TCP/IP CPU utilization scales with increased transfer rates. Online gaming is hardly designed to stress a 1Gb Ethernet. So this TCP/IP acceleration is primarily intended for LAN gaming. You don't really need a firewall on your LAN (unless perhaps you are hosting a LAN party on that machine?). It's acceptable to use your router's firewall if you really know how to configure your LAN properly:Modem
|
Router
|
+--A (game server)
+--B (game client)
+--C (game client)
+--D (game client)
In this situation, TCP/IP acceleration might be useful. Of course, if you leave yourself open to your LAN and one of the other computers on your LAN is compromised, you could very well be compromised, too.
I don't understand the comments about a third-party firewall. Perhaps only XP and Vista's firewalls will be supported initially?
Trisped - Wednesday, May 24, 2006 - link
A true router can configure a firewall on all ports, both incoming and out going. In this way you can set what ports can be sent and what ports can be received through a router, in the LAN or out side as the case may be. Of course, software firewalls are usually a little more powerful in that they check who sends what. I think hardware firewalls can do this too, but they don't on any of the Linksys, Netgear, or AirLink routers I have used lately.It is also important to note that the typical home router is not a true router. It is a 2 port router (1 port for the WAN and 1 for the LAN) and the rest of the ports are connected via a switch or hub. Switches can also have firewall, but most home solutions don't seem to.
mino - Wednesday, May 24, 2006 - link
The info WHO sends teh data is the most crucial. Enabling http(80) just for Opera and 993+25 for Thundebird is a huge difference to allow al kinds of malware/spyware go out on 80.And NO, no HW (or second machine be it linux router or cisco router) can detect (reliably) which application is sending the data.
Gary Key - Wednesday, May 24, 2006 - link
I will clarify this in the article. Windows XP firewall is not supported. Vista should be but that decision is not final at this time due to continuing changes from Microsoft.
Tanclearas - Wednesday, May 24, 2006 - link
So does this mean Nvidia has abandoned AA in NF4? I know that is my impression, based upon my experience with them (http://forums.anandtech.com/messageview.aspx?catid...">http://forums.anandtech.com/messageview...mp;threa..., but just wondering what the official word is.Honestly, the idea behind Nvidia's chipset-based firewall was a good one, especially for universities/colleges with literally thousands of computers on the inside of the corporate firewall. Protection at every level is worthwhile.
As for the Vista firewall working with NF5, I definitely would not count on Nvidia making it happen.
Gary Key - Wednesday, May 24, 2006 - link
Once the new 9.x platform drivers are released with support for chipsets prior to nF5, then yes, Active Armor firewall will be dropped. The new driver set will also have further changes in them to reduce the possibility of data corruption on the nF4, whether the CPU utilization goes up or down, I do not know at this point. I do not have a "stable" set of new platform drivers for the nF4 yet, cannot verify this myself. I will be speaking with the program manager tomorrow. ;-)
We did find out that NVIDIA expected Microsoft to accomplish a few tasks in the Windows Firewall program, it did not happen, so they are pulling support as Microsoft decided to go a different direction in Vista. I have beta 2 on the way so there will be some test runs with the new driver set to see what happens. I will have a full statement on this subject by the end of the week. Apparently, there were several promises made, not kept, or not communicated properly about 18 months ago between the two parties about the Firewall program, OS hooks, and its future.
mbf - Monday, June 12, 2006 - link
Is the nVidia firewall truly gone? I've just downloaded (but not installed) the 9.34 driver pack from the nVidia FTP site. The pack still contains a NAM setup (v60.16).What exactly constitutes the ActiveArmour part of the firewall? The hardware firewall was introduced with the nForce3 250gb chipset and the AA functionality was added in nForce4. I've never figured out what precisely AA does, though.
If it's true that nVidia has pulled the firewall from the feature set I'd say it's a truly bad choice. For me, the hardware firewall was one of *the* most important features on the nForce chipset. Well, not having to wonder losing this feature will make my switch back to an Intel chipset-based Core 2 rig much easier. It's a shame.
Stele - Wednesday, May 24, 2006 - link
I was actually wondering if XP and Vista's firewalls would even be supported, since they're arguably 'third-party' from nVidia's viewpoint. While the argument for using hardware-based solutions in routers etc is cogent, imho there is a case for protecting individual PCs against compromise from within the network. For example, there may be laptops in the LAN that are used on several other (and potentially unsafe) networks as well. Besides that, software firewalls have the advantage of being able to potentially alert users to and stop malware from making unauthorised outbound connections from an infected PC (or unauthorised inbound connections from an infected LAN peer). I wonder if it's possible to get around the issue in future versions of firewall software - then at least it's not a lost cause, just that we would have to wait for newer versions of the software to be released.As for the actual usefulness of the TCP/IP offload engine, perhaps the folks at Anandtech can design a specific test that would stress such an engine's capability to the limit, to provide clear and objective assessment of its effect on performance. After all, Anandtech developed a good custom test suite for server benchmarks that targets specific application types, so I figure this would be well within their considerable programming skills as well ;)
Meanwhile, I wonder how nVidia's SATA controllers have improved if at all over the generations, and it would be great to eventually see an ULi 1575/SB600/MCP comparison in the future.
nullpointerus - Wednesday, May 24, 2006 - link
Correction:You don't really need a firewall on your LAN clients...
Gigahertz19 - Wednesday, May 24, 2006 - link
Expect the new kitchen when Conroe is launched :)