DCIG

This Is Not Your Father's Clustering Software

Fri, 17 May 2013 05:00:00 -0600

I have been looking into clustering and high availability (HA) a lot lately, mostly as it pertains to my day job but also because I just like to keep myself up to speed on things. What has been changing? An abundance of things!

Thinking back to the late 90's and early 00's, it was difficult, it not impossible, to get a cluster up and running without significant amounts of pre-planning and coordination from many groups (Network, Server, Application, DBA's etc.) This was back in the day before VMware and other hypervisors where if you wanted to protect an application from having a single-point of failure, your only option was to cluster that application.

Even once that is done, you had better hope that the application was one that the cluster software supported otherwise you would be hacking things together and praying that the failover groups and everything else functioned as expected. Assuming you got the cluster up at all, there was nothing to provide simulated failover testing and/or the ability to have the cluster software run a simple health check on functions to ensure everything was working as expected.

I can tell you with all the advancements in the last 15 + years, things have changed radically. System administrator now have a myriad of tool sets to assist in the deployment of clustering and high availability technologies. Here are a few of the feature sets I have come across that I wish I had "back in the day."

Pre-Install Checklist

The ability to ensure that all cluster components are configured properly prior to the installation of the cluster software. In essence, a real-time checklist of public, private, and heartbeat interfaces, as well as shared storage configurations, and most importantly patch levels on the server(s) that the cluster will be installed on.

Failover Testing (No Impact to Production) - Fire Drill

The ability to perform non-invasive checks of the infrastructure to validate HA configurations, which can be automated and run on a scheduled basis. A functional tool that can pick up mistakes made by system administrators (Like adding storage and forgetting to add the mount point to the cluster, etc).

Ongoing Health Checks to validate Cluster Health

Dashboards, reports, and notifications that provide an "at a glance" look at the health of the cluster across your landscape, notifying the administration team when functions breach a threshold.

Robust Application Integration / Simple Frameworks to Integrate Non-Standard Applications

Almost every shrink-wrapped application out there is supported by one cluster or another. If not, most clustering software provide a very simple framework to get them into the cluster and protected.

Physical to Virtual - Virtual to Physical Failover Capability

The ability to failover P2V and V2P as stated this function allows for a very robust configuration of clustering which can include the entire application stack (Web to App to DB etc)

The clustering of yesterday is certainly gone, and the clustering of today makes everything very simple. At the same time providing the robustness any company may be looking for to protect their applications, whether that be in a local data-center, connected to a metro-data-center or something a bit farther crossing the country or even the world.

Breaking Up is Hard to Do

Thu, 16 May 2013 08:45:00 -0600

I've been in sales for about 20 years now and like anyone in sales or leadership in a company, I've been told that the client/vendor relationship "is over." With that message, I have been given a myriad of reasons or excuses as to why the relationship was over with my company and my soon to be an ex-client ranging from understandable to totally unique, here are some of the better ones.

"Our budget has been slashed"
"A competitor is giving us better pricing"
"My wife's brother is now doing what you do, and well you know, I'm stuck"
"We've been purchased and the new parent company has a different vendor in place"

These reasons are always a huge let down, but you are able to somehow rationalize them, or at least wrap your head around the process that went into them for the most part. The tough ones are when the excuse makes no sense at all, or is so surprising that you really have no response such as:

"We've decided to go a different direction"
"We don't believe in customer education anymore"
"We think that marketing is not helping our market share grow"
"Your boss offended our CEO's wife when he thought she was his mother instead of his wife"

But recently, I got one that really tops them all. It so far surpasses the others that I have heard that it merits sharing. A recent DCIG customer that was using our new Lead Generation product, for less than a month, called to tell us the following; "We just finished closing the 3rd piece of business as a result of your Lead Gen program, but we are cancelling the engagement because we don't think that it works very well."

I had to check my calendar to make sure that it was not April 1st. I was dumbfounded, speechless. I just could not find words to describe what I had just been told. Our services had uncovered new leads for these folks, created new selling opportunities for them, and led to 3 new deals worth tens of thousands of dollars of sales, and they were telling us that they did not think it worked very well.

Our monthly program cost was a mere fraction of the cost of one sale, and yet this program apparently did not create any value in this client's eye. The more humorous thing was that they were using cooperative marketing dollars from a manufacturer to fund this, so in the end, it was not costing them a dime!

Now, if I had a sales person come to me and say "Boss, those leads you got me have led to 3 new sales!" I would expect the next words from their mouth to be "GET ME MORE" or "THIS IS FANTASTIC", or "PINCH ME PLEASE I'VE NEVER HAD IT THIS GOOD BEFORE!". But if they came to me telling me that as a result of less than a month of effort that they have closed 3 new pieces of business and that it was their austere professional opinion that this program sucked and they want to discontinue it, I would FIRE THEM RIGHT THERE!

I am just baffled by the rationale of this customer, because our service admittedly uncovered NEW leads, people that they had never spoken to, heard of, or were engaged in a sales process before we made the introduction through our Lead Gen service. On top of uncovering NEW leads, we gave them leads that were people looking to make a buying decision....right away! AND BOUGHT FROM OUR CUSTOMER!

Now if you are not in sales, you may not fully appreciate the enormity of this. Finding people who want to buy right away is like finding a herd of talking unicorns milling around your back yard, looking for the opportunity to join a traveling side show. It is rare, but....clearly the service is inadequate, and should be cancelled.

We at DCIG strive to create high quality content, and now we strive to also create high quality leads through utilizing our content as a service. We would love to talk to you about providing this same service to you and hopefully create the same level of new opportunity for your that we did for our soon to be ex-client.

Know - Don't Guess - Who is the Most Skilled Person to Backup and Recover Your Business

Tue, 14 May 2013 09:00:00 -0600

Identifying who the "best" individual is to handle backup and recovery within an organization has always been at best a crapshoot. The choice usually came down to some arbitrary evaluation of a person's education, experience, knowledge, skills and their willingness to perform the task which had mixed results. The customer education services, certification program and online learning portal now available from CommVault trains and equips individuals to perform backup and recovery so this task of identifying the "right" person to do the job is a far more quantifiable and defensible process than ever before.

A recurring theme that I hear more frequently than ever is how poorly trained and equipped IT staff are to leverage the features on technology that they have readily available to them. Take backup software for instance. It used to be that in order to use features such as deduplication, array-based snapshots, mailbox-level restores n Exchange or even backup to disk organizations had to procure additional licenses to use them.

No more. In the last few years, capacity-based licensing has revolutionized how backup software is delivered. Solutions such as CommVault® Simpana® includes all of these features and more as part of its software so that if a specific feature is needed to protect an application can be deployed without having to go back to the proverbial well to ask for additional monies to pay for it.

But in the process of making all of these backup software features easily accessible and available for organizations to use, another equally problematic issue has emerged: actually getting IT staff to use them.

Consider this situation. CommVault Simpana natively offers management of array-based snapshots as part of its software so theoretically all that an IT staff member has to do is turn this feature on and start managing snapshots on almost any array from any storage vendor (Dell, EMC, HP, IBM, NetApp, etc.) The problem is that before anyone wants to turn this feature on, they want to know:

How to configure it
How it works in their environment
What the impact might be
How to turn it off if needed
How to test it

Obtaining that knowledge and then getting the necessary training and experience with the feature so that one may confidently perform that task is another story. No knowledgeable IT staff member really wants to try out a really "cool" feature such as managing array-based snapshots on a production array and then have it backfire on them due do a gap in their knowledge or experience. This error could result in consequences ranging from application interruption to never using this feature again even though the root cause was lack of proper training.

Even if organization looks to hire an individual from the outside who claims to have "expertise" in this feature, how viable or defensible is their expertise? As anyone knows, to truly be an "expert," one needs some combination of education, knowledge, and hands-on training that can be quantified. But without a means to objectively measure this combination of factors, organizations remain in this position of having to subjectively select the "best" person for the job based upon what they allege they can do.

The need to select the right person to do backup has become particularly important as of late. "Backup" is more than just backup. It is archiving, It is restores. It is business continuity. It is disaster recover. It is compliance. It is data management. This is now a position for someone who has the right combination of education, training, knowledge and experience to execute upon it. This raises the concern, "How to confidently find that person and justify that recommendation?"

CommVault answers this dilemma very well with the unveiling of its customer education services (CES), certification program and online learning portal. Using the tools available through this portal, IT staff may equip themselves with as much (or as little) information as they need to do their specific job.

CommVault's VP of Global Education Services and Customer Support, Robert Brower, suggests that the goal of this portal is not necessarily to make one an expert in CommVault Simpana or even "graduate" through each course level to achieve a certificate of completion. Browser says, "Each person should first determine what they need to fulfill in their specific role within their organization. Once that is done, they should then select the courses and training which best equip them to perform their job."

This mindset represents a marked departure from educational options available from other providers. However CommVault still recognizes the value of training and equipping people so they have the necessary skills to fulfill whatever job that they might be performing - be that an entry level backup software operator, a data protection architect or somewhere in-between.

To satisfy these varying requirements that organizations have - and provide the quantifiable measurements that they still need and want to select the right person to fulfill these various roles - CommVault offers courses and curriculum that equip them to perform that job. Then to gauge their mastery of the skills needed to perform the job, the educational portal provides tests and simulations that verify grasp and understand the material they have reviewed and learned.

The education advantage portal also creates a profile for each person. This profile includes an assessment of each person's skill level with CommVault Simpana which is scored and ranked. These scores and rankings may be used by organizations to determine who are the best people to assume certain responsibilities or even when deciding whether to hire from within or without.

This gives organizations a tool they can use to objectively and defensibly measure an individual's overall competency and ability to administer CommVault Simpana. Likewise, it also provides individuals the objective third party certification that they need to illustrate and document their existing level of proficiency with CommVault Simpana while providing them a means to continue to improve and enhance their skill.

Education is great but its value is most clear cut when it maps to a specific, quantifiable business need. Using the CommVault online learning portal, its value is immediately evident to businesses and individuals alike. It may be initially used to ensure that available base-line features are successfully implemented and utilized without putting either the individual or the business it risk. However its longer term value is putting the individual on a path that their skills are recognized and defensible and the business has a high degree of assurance that its data is protected and maintained by a person with the appropriate skill level to do so.

The Difference between a DCIG Buyer's Guide and an Analyst Research Report

Mon, 13 May 2013 08:00:00 -0600

A question that I often get asked is, "Why does DCIG use the phrase 'Buyer's Guide' instead of 'Analyst Research Report' when it produces its listing, ranking and scoring of products?" More than one individual has said these Guides are more valuable and serve as a better starting point when it comes to helping them making a storage buying decision than most of the analyst research reports available on the market. So why not position the DCIG Buyer's Guides as Analyst Research Reports?

The rationale as to why DCIG positions this collateral as "Guides" rather than as "Reports" is a subtle but important distinction. DCIG defines an "Analyst Research Report" as a written work that does a deep dive into a specific subject matter or topic that helps an individual understand how a product operates at a deep technical level.

The DCIG Buyer's Guides serve a different purpose and are written from a different viewpoint. They provide buyers of a specific technology with a side-by-side listing, scoring and ranking of products in a specific market while also providing sufficient detail to enable buyers to, at a glance, quickly assess which products are most alike.

If anything, DCIG Buyer's Guides should be used prior to reading any analyst research report. A DCIG Buyer's Guide does the heavy lifting in terms of helping a buyer create a short list of 2-4 products that meet the specific needs of his or her environment. Once the buyer has created that short list, the buyer can access and download the specific analyst research reports about that product that they need make their final buying decision.

Buyer's Guides and Analyst Research Reports both serve important purposes when it comes to making a complicated technology buying decision. However as you view DCIG Buyer's Guides and other analyst research reports, DCIG recommends that you turn to a DCIG Buyer's Guide first to quickly create a short list of products and then leverage other available research reports to justify your final buying decision.

Software-defined Storage is "Good" - Just Not All Versions of It May be Equally Well Suited for Your Organization

Fri, 10 May 2013 09:30:00 -0600

It seemed only moments after EMC announced its ViPR software-defined storage platform at EMC World this week that the attack dogs (primarily its competitors) were out in full force pointing out ViPR's shortcomings and attacking its merits. But its competitors need to be careful how they go about discrediting EMC's version of software-defined storage. EMC promoting it will lift the entire software-defined storage tide and help make it a viable option for end-users which many want and need.

EMC's competitors have a love-hate relationship with EMC. They all know who EMC is. They almost inevitably say they have a better story or technology than EMC. They all love to discredit any new technology that EMC releases. Despite all of these benefits they allegedly offer over EMC's storage, EMC has a number of advantages over them that they tend to neglect to bring up.

EMC hosts conferences like EMC World which attracts 15-20,000 attendees (Does the competitor even have enough users to host a user's conference?)
EMC has the "black helicopter" aspect of support nailed. (Having a couple of engineers available to talk to you on the phone in the middle of the night does not count.)
EMC is a marketing machine. (Can their competitors spell "marketing?")

Reasons like these push companies over the finish line and prompt them to seal the deal with EMC. While companies want "good" or even the "best" technology, they also want to know that the solution they are acquiring is used by other tech people in the industry, that they can access the level of support that they need when they need it and that when they are meeting with executives to present their technology plan it is authoritative and well-researched. While some of their competitors can claim some of these features, only EMC can claim all of them.

This level of contact and support that EMC has with the end-user community particularly comes into play when introducing a "new" technology like software-defined storage. While the technology behind software-defined storage is not really "new" as I discussed earlier this week, the phrase itself is fairly new and seems to be resonating with end-users. So EMC putting its weight behind will help to move it forward and gain momentum which ultimately helps everyone.

This makes it so imperative for the rest of the industry to be very cautious about how aggressively it attacks EMC on this technology or its use of this term. Users as a whole need software-defined storage to better manage their storage environment and at this point are receptive to learning more about it. So anything that the industry can do to help a buyer associate software-defined storage with "good" is ... good.

This is a point in time where those in the storage industry need to tread carefully. If the industry starts attacking software-defined storage as a whole, it risks creating the impression that "software-defined storage" is somehow "bad." This is bad. Buyers will get skittish and then not move forward with this technology. This hurts more than EMC. It hurts their competitors as well as end users who need this technology - some in the worst way possible.

Software-defined storage is a long overdue technology (like ten years overdue) and the storage industry largely blew it last time when it was introduced as storage virtualization and storage resource management (SRM). Now it is getting a chance to correct that mistake in the form of software-defined storage.

The key to correcting it is to present software-defined storage as "good' as a whole so it does not leave a negative connotation when users think of it. Once that impression is created, it is then that vendors should seek to point out how their software-defined storage offering does a better job of meeting a specific user's requirements. Failing to first create this "good" impression of software-defined storage means vendors once again risk waiting another ten (10) or more before users are again open to adopting this technology..

Best Practices for Implementing Backup to the Cloud; Interview with STORServer's Jarrett Potts Part III

Thu, 09 May 2013 05:00:00 -0600

It can sound so easy to back up to the cloud. Just plug in a backup appliance and it does all of the work. While there is an element of truth to that, there are certain steps organizations should take to ensure they are getting the results they expect when implementing a backup appliance that backs up to the cloud. In this third and final segment of my interview series with STORServer's Jarrett Potts, we discuss best practices for backing up to the cloud and recommend some steps that organizations should take to maximize backup and recovery times while minimizing costs.

Jerome: Any best practices that you recommend users follow when deploying and using a STORServer Backup Appliance?

Jarrett: If they have an environment with 10-15 servers, a small headcount, a small number of servers, and they have no secondary site to which to replicate data, then a public cloud is the only obvious choice. Using STORServer, this would allow them from a best practices perspective to do incremental forever as well as set up a routine that would make sure that their most important data--their production data--is protected the most quickly. This ensures their mission critical devices and applications are protected first and then all other data goes after that.

What we are really talking is the ability to discern which is the most important data. One of the best practices for smaller companies that are backing up to the cloud is to get rid of data that they just do not need.

In a customer environment, there are many who say somewhere between 40 and 60 percent of the data in a SMB (small and midsized business) account has not been used in the last year. However, even data that has not been used in the last year is still backed up. If STORServer could speed up recovery time by 40 percent by getting that inactive data off of the original system, then it's a win/win for everybody.

This is one of the things STORServer would like to suggest as a best practice: Go out, find all of your old data, and archive it to the cloud. It is still there so you can go out and find it at any time. But, this gets rid of it on your production and/or primary systems. Then, the backups are backing 40 percent or whatever percent amount of data that has not been touched in a year.

This means your backup is 40 percent faster and your recovery is 40 percent faster. Further, you just freed up 30 percent of your production disk so you might not have to buy storage for a longer period of time. So, it is always a best practice to get rid of old and aging data.

Then, of course, there is another best practice that is not necessarily a best practice from an IT technical perspective. When you pay for a cloud service, you normally pay by the TB, either by month or year. You have to be very careful of what you send to the cloud, especially for small and midsized customers that do not have the infrastructure to sort through data. So, as they back up servers and maybe workstations, they may be sending data to the cloud that does not need to be there.

For example, I run a small nonprofit organization out of my home. The data associated with this is located on two laptops that I back up to the cloud using STORServer. One of the things that I noticed was that the amount of data I was pushing was too high for what I was trying to do.

I looked to see what I was backing up and discovered that I was backing up my iTunes directory. My iTunes directory is 20 or 30 GB. I then excluded that directory and immediately my backups became much faster because I was not sorting through mp3 files and pictures that are in my iTunes directory. Of course, the same is true for my email directory. I got rid of it because it is on my server at work. I do not need to back it up on my laptops.

Most people would probably want to not back up all files on their local machines and shared IT directories, and they probably do not want to back up PSP files from Exchange. There are some considerations of data to exclude or include when you are going to the cloud to make it a little more intelligent.

Jerome: Does STORServer help companies with their backup appliance deployments?

Jarrett: STORServer sits down with a customer and they tell us what their most important systems are. They identify which ones are tier one, which are tier two, which data is mission critical and which is not. Then, there is even a tier three that has everything else.

Once the data is tiered, STORServer on the back side makes sure that the tier one data has the most resources when necessary. The tier one data is the most important data, so when that comes in for backup and recovery, it takes priority over everything else.

This is something that we set up inside of the appliance. But, we also have to consult with the customer because they know best which data is the most critical in their environment.

In Part I of this interview series, we discuss how backup to the cloud is coming into its own.

In Part II of this interview series, we discuss how to choose the right backup appliance for cloud backup.

"Doc Lock-in" May not be the Villain at EMC World

Wed, 08 May 2013 09:45:00 -0600

The main theme at this year's EMC World is "Lead the Transformation" that EMC is illustrating through the use of superhero characters. The superheroes are represented as end users who come up with solutions to manage today's complex storage environment while the villain is pictured as "Doc Lock-in" who requires our superheroes to "lock-in" on a single vendor to mitigate this complexity. Yet for those users who think strategically about their storage acquisitions, Doc Lock-in may not be the full-fledged villain that EMC World portrays him to be.

EMC World 2013 has already provided some interesting insight into the underlying psyche that must currently prevail within the EMC culture. As I mentioned in yesterday's blog entry, one of EMC's objectives at EMC World was to once again make the topics of storage virtualization and, to a certain degree, storage resource management (SRM), palatable to end-users. To accomplish that, it coined the term "Software-defined Storage" to promote these two concepts without bringing along the emotional baggage that users often associate with them.

But by creating the Doc Lock-in character, EMC also inadvertently tipped its hand that it is sometimes (maybe often?) viewed by end-users as fulfilling the Doc Lock-in role. This likely motivated it to introduce ViPR, its software-defined storage solution. Through it, users can theoretically manage any vendor's storage and EMC may cast itself on the side of the hero as opposed to playing the role of the villain.

But is "lock-in" really bad and should EMC be classified as "evil"? A group of us analysts were discussing this "lock-in is evil" mindset over dinner last night and we quickly came to the following conclusion: Vendor lock-in is a choice, not a decision any vendor requires any company to make.

Granted, some companies fail to fully comprehend the gravity of choices made and their consequences so they end up in a predicament where they feel "locked-in" to a particular vendor's solution. Yet I do not blame that on the vendor - that is on the end-user.

Further, even when they are in state where they feel "locked-in" to a particular vendor's solution, one is never truly "locked-in" as they are not out of choices. Rather they are simply out of pleasant choices with "pleasant choices" being defined as "the freedom to pick any solution at a discount without having to spend weeks or months implementing it ."

Even then one should not be so quick to dismiss the benefits of being "locked-in." It takes a lot of end-user time - and I mean a lot of time - to investigate different vendor solutions, examine their benefits, choose one, test it and then bring it in-house and implement it. The amount of time it takes to accomplish this is what prompted DCIG to develop and release its Buyer's Guides to help buyers quickly assess what products are available in a particular space and identify the most appropriate one for them.

Conversely, consider the benefits, if you will, of being "locked-in" to a particular vendor. Yes, you may pay more for the technology but all of the time spent evaluating different solutions goes away. Instead, you can more quickly and simply pick that vendor's technology that matches the requirements of the job, implement it and then focus on leveraging that technology to address the issue.

Further, this mindset is certainly in line with what I hear from end-users. They want simpler environments. They want to better leverage and optimize the technology they already have. They want one throat to choke. You probably only get that by having "Doc Lock-in" on your side of the field. Realize that if you do, you are probably going to pay up to have him there with the upside being that you will have more time to focus on doing what your business does best.

Even take EMC which is promoting no vendor lock-in with ViPR. C'mon. Really? If EMC was really promoting no vendor lock-in, then its keynote speakers should be onstage encouraging users to go out and buy as much HDS, IBM, NetApp, Dell, HP, Imation/Nexsan or whatever other brand of storage as they want and then use ViPR to manage it. I did not hear that message at all. EMC wants you to buy more VMAX, VNX, Isilon, Atmos and Data Domain and then use ViPR to manage it - pure and simple.

Locking in on a specific vendor's technology is a choice and it may be the only choice that some users feel they can make. But lock-in does have its upsides and users should not be so quick to dismiss them. Granted, they are times when Doc Lock-in may feel like and even be the villain. But having too many choices can have just as many downsides as feeling like Doc Lock-in is your only choice.

EMC Gives Storage Virtualization a Politically Correct Name: Software Defined Storage

Tue, 07 May 2013 08:00:00 -0600

About a decade ago, give or take a few years, a huge debate raged in the storage industry as to what was the best form of storage virtualization. However all that debate created over time was an equally large sense of fatigue with many people souring on the whole topic of storage virtualization. To resolve that, the term "storage virtualization" has been given a facelift at the 2013 EMC World and with it a politically correct name: Software Defined Storage - that is available from EMC as EMC ViPR.

It is hard to believe that nearly ten years have passed since the storage industry engaged in what at that time seemed to be an almost endless series of debates on what was the best form or forms of storage virtualization. Terms such as "in-band virtualization," "out-of-band virtualization," "host-based virtualization," "network-based virtualization," and "storage controller-based virtualization" were just some of the terms bandied about. In fact, the very first article that I ever wrote and published (and which launched my career as a writer and an analyst) was on this subject in 2002.

Yet the end result of that debate was souring decision-makers (i.e. - those in management who gave the approval to write and sign the checks for technology purchases) on the whole topic of storage virtualization. This came to mean any form of storage virtualization which did everyone a grave disservice.

The entire industry (analysts, journalists and writers included) should have kept our focus on the larger benefits that any of these various forms of storage virtualization would have provided. Our job was to educate and inform the industry on the pros and cons of each form of storage virtualization and arguably make recommendations as to which form was the best in certain circumstances. However our job was not to take sides.

There was never any doubt (at least in my mind) about storage virtualization's overall value proposition regardless of which path was chosen. But by taking sides in the debate and implying that it was "one way or the highway," management chose the highway. This contributed to the negative connotation associated with storage virtualization which persists to some degree even to this day and contributed to the inordinately slow adoption of this technology.

This put storage companies in a bit of a bind. At the end of the day, they all knew that a comprehensive storage virtualization solution was a prerequisite to fully deliver on the benefits of the cloud. However pitching storage virtualization to corporate IT management was only bound to evoke memories of the early 2000's storage virtualization wars and turn them off to the whole topic before they had even heard them out.

This is why I have to give EMC credit. By using the term "Software Defined Storage" to describe its new ViPR product, EMC has identified a politically correct phrase that sidesteps the negative emotional baggage that end-users associate with storage virtualization while once again piquing their interest in the topic. As for what this means for EMC in particular and end-users at large, I'll try to cover that angle later this week in a subsequent blog entry.

Fusion-io Acquires NexGen to Accelerate the Process of Data Center Transformation

Fri, 03 May 2013 06:30:00 -0600

Last week's acquisition of NexGen Storage by Fusion-io was greeted with quite a bit of fanfare by the storage industry. But as an individual who has covered Fusion-io for many years and talked one-on-one with their top executives on multiple occasions, its acquisition of NexGen signaled that Fusion-io wanted to do more than deliver an external storage array that had its technology built-in. Rather Fusion-io felt it was incumbent for it to take action and accelerate the coming data center transformation that it has talked and written about for years.

When I first learned of Fusion-io's decision to acquire NexGen Storage, it caught me a bit by surprise. I had talked with its CEO David Flynn as well as with Rick White (its CTO, CMO and general person extraordinaire) on a number of occasions and their overriding opinion (paraphrased) was that disk storage, as it is currently used in production data center applications, was on the way out and would need to be replaced by a new faster tier of storage.

While many in the industry hold to this opinion, Fusion-io's position differed (at least early on) in that it contended this new tier of storage would emerge not as a new tier of storage (such as Tier 0 or flash memory/SSD-based storage) but as a new memory tier. It contended (and still does to the best of my knowledge) that the processing overhead and time involved to convert data in memory to data storage and back again so that it is usable for processing would become unacceptable over time.

They contend (and rightfully I might add,) "Why not just store data in memory all of he time and eliminate this unnecessary transformation of data that needs to occur during processing?" This thought process and positioning explains why Fusion-io puts its ioDrive technology inside of servers, refers to it as ioMemory and ships with its own driver that eliminates all of this back and forth data transformation that is currently needed to store data on disk. It also explains why others such as EMC and Dell are actively working on solutions that compete with Fusion-io because of the huge acceleration in performance that this approach offers over even using flash memory based storage arrays.

However if Fusion-io's approach is so much better than any flash memory array shipping today, then why buy NexGen? This raises the following questions that I wish to examine in this blog entry:

One, while Fusion-io's technology has been widely accepted, it probably has not experienced the broad market adoption and displaced traditional storage solutions as quickly as many thought it might despite the vast improvement in performance it offers over these arrays, to include flash-based arrays?. The question is, "Why has this not occurred?"

Second, if Fusion-io's technology is so much better than using storage arrays, why buy NexGen Storage? Granted, NexGen used Fusion-io cards in its storage systems. But the ugly truth is that NexGen does not eliminate the data transformation process that needs to occur from memory to storage back to memory again since NexGen Storage is connected to servers via traditional 1Gb and 10 Gb Ethernet connections. So while NexGen may be faster than other tradtional storage arrays that use SSDs because it uses Fusion-io cards, it does not offer the same level of performance as a native Fusion-io card internal to our server.

I'll answer these two questions in the order that I posed them.

As to why Fusion-io's technology has not taken off the way some thought it might, there are at least four easons for it.

Too expensive. While Fusion-io ioDrives are high performing, that performance comes at a cost and the vast majority of application cannot justify paying that much for the boost in performance it offers.
Cannot be shared. When a Fusion-io ioDrive is put in a server, it can only be used by the application(s) or virtual machine(s) on that physical server. This adds to the difficulty in cost-justifying the purchase of a Fusion-io card and explains why companies like NexGen that used Fusion-io in their systems emerged in the first place: to better share and optimize the available performance and capacity on Fusion-io's ioDrives.
Flash memory and SSD solutions are "good enough" for now. Going from 10K or 15K RPM spinning FC or SAS disk in a storage array to flash memory or SSD has resulted in 3-10x or greater improvements in application performance. While the performance is not as good as running Fusion-io inside the server, it is still a substantial improvement in performance at a cost that more organizations can absorb.
Difficult to upgrade and/or maintain. Adding more storage capacity and performance inside a server or replacing a faulty ioDrive can be problematic since it may require taking the server offline to do so. Adding more capacity or making a repair on an external storage array is much easier since they are typically designed for 24x7 uptime.

It is for these reasons and others that Fusion-io has arguably not achieved the adoption rate that many thought it might. This also explains why hybrid and flash memory storage providers like NexGen have emerged since they do a better job of making flash available to a greater number of applications at a lower cost.

But if that is the case and where all storage will eventually end up, Fusion-io should simply look to partner with as many of these providers as possible and put its ioDrive technology inside of them. If anything, its acquisition of NexGen Storage could almost be seen as a detriment to its plans for growth. After all, why would other storage providers want to use Fusion-io's technology if Fusion-io is building its own storage arrays? In that sense, Fusion-io would have been better off staying independent so it could become the Intel (so to speak) of flash memory based arrays.

This gets to the real heart of why I believe Fusion-io bought NexGen Storage. Yes, Fusion-io wants to capitalize on the current craze in flash memory based arrays and have its own product offering in this space. This it accomplishes with its acquisition of NexGen Storage.

By acquiring NexGen Storage, Fusion-io in the near term provides some answers to the valid criticisms mentioned above about its current suite of product offerings. It drives down costs, it makes its technology shareable by storage attached servers, it provides the "good enough" storage solution that SMEs need now and it delivers the solution in a manner that is easier for them to maintain and upgrade.

Bringing NexGen into its fold also addresses another key concern that SMEs have: Support. While anyone can take a server, install a couple of Fusion-io ioDrives in it, put a Windows or Linux OS on it and call it a "storage system," by Fusion-io bringing NexGen in house, SMEs get the interoperability matrices and application support guarantees that they need to host their applications on such a storage solution.

Fusion-io having solved these near term tactical issues, it can leverage NexGen to achieve its more strategic goal: creating a new memory tier in the data center that will accelerate the data center transformation.

As Fusion-io has previously told DCIG, being a hardware company is really not core to its DNA: deep down Fusion-io wants to be a software company but needs hardware to deliver on the promise of its software.

So here is what I think is going on. NexGen Storage already uses Fusion-io internally and offers ioControl software on its arrays. Therefore it is not a stretch to believe and which, in fact, may be the most logical conclusion to draw,is that Fusion-io will look to extend its existing server-based ioMemory capabilities into arrays residing in the the storage network starting with its newly acquired NexGen arrays. While I would not look for such capabilities in the next few months or even the next year, I see it as almost inevitable.

While companies are currently enthralled with the 3-10x improvement that flash memory arrays provide, that thrill will soon be gone and they will again be looking for another 3-10x or greater jump in storage performance without a huge price increase, By Fusion-io extending its ioMemory capabilities into its NexGen arrays, there is no reason to believe Fusion-io cannot meet these forthcoming SME expectations . More importantly, Fusion-io is arguably better equipped to make this leap than competitors since Fusion-io's DNA is to be a software company that operates at the memory as opposed to the storage level in the data center stack.

Everyone knows that a data center transformation is underway and it is occurring in ways which few of us fully grasp. However from my conversations with Fusion-io's executives, I do get the sense that they do more than grasp the level of change that is about to occur. They see the role that they could potentially play in facilitating it. Fusion-io's acquisition of NexGen signals that it is tired of playing a passive role in bringing about this data center transformation and is going to, in the very near future, start shipping products that hastens this occurrence..

IBM and Symantec Team Up to Tackle the Recovery and Support Sides of Enterprise Cloud Backup

Tue, 30 Apr 2013 05:00:00 -0600

A reality check is going on in enterprises when it comes to cloud backup. While the vast majority recognize its value and are aggressively adopting it at many levels, the intangible issues of recovery and support tend to rear their head and preclude these enterprises from to date adopting a core cloud offering: cloud backup. It is these concerns that IBM and Symantec are teaming up to tackle so that enterprises may confidently do more than backup to the cloud - they can recover their data once it is in the cloud with a process that is supported end-to-end.

In case anyone has not yet gotten the memo, the cloud is "On." A recent study published by the Cloud Industry Forum found that 76% of the 400 respondents already leverage cloud services in some way with the level of cloud adoption highest among enterprise organizations (84%). Among all of organizations who are using cloud services in some way, 94% expected to increase their usage in the next 12 months.

Despite this high level of adoption of various cloud services among all of these organizations and among enterprises specifically, they are prioritizing the various cloud service offerings differently. Of particular interest, there is a wide disparity in how they prioritize the adoption of cloud backup in the next 12 months. Among organizations with 20 or more people, they expected to increase their use of cloud backup over the next year as follows:

100-999 employees: 37% increase
5,000 - 9,999 employees: 38% increase
1,000 - 4,999 employees: 44% increase
20-99 employees: 54% increase

But there is one notable exception to this expected increase of cloud backup among organizations with 20 or more people. Large enterprises which on a whole are most aggressively adopting the cloud suddenly show little desire to adopt cloud backup with only 29% listing cloud backup as a priority. So what gives?

Enterprises have two major concerns when it comes to backing up their business critical data to the cloud: Recovery and Support. In regards to recovery, it is less about whether or not their data is safely backed.

Rather, their focus is more on how quickly they can recover their data and where this recovery needs to occur. If they have to bring all of this data back across the same wire that they used to back it up and then use their own hardware to perform the recovery, the length of time that it takes to recover from the cloud is likely unacceptable.

Support also comes into play. The level of IT complexity in most businesses with 1000 or even 5000 employees is probably not overwhelming. But when start talking about backing up data in enterprises with tens or even hundreds of thousands of employees, the number of applications and the level of support that a cloud service provider (CSP) must offer to successfully backup and recover those environments exceeds the capabilities of most CSPs - even the largest.

This is where the expanded partnership between Symantec and IBM comes into play. Unlike other CSPs that may just drop off a proprietary black box/appliance, provide some best practices and guidelines as to what data to backup and then leave the relationship at a "Call us when you have a problem" level, IBM and Symantec offer the comprehensive level of backup and recovery services that enterprises expect when looking to leverage cloud backup.

First off, enterprises can continue to use NetBackup in their environments so no "rip and replace" is required to backup and recover data from the cloud. By taking advantage of this partnership between IBM and Symantec, IBM can provide whatever level of backup management services that an enterprise wants.

Cloud backup could be as simple as just giving the enterprise a cloud backup target. The service could include backing up and recovering data in an IBM data center. It could even encompass fully outsourcing all backup management to IBM to include local and cloud backup. The point is that enterprises can move forward with a cloud backup strategy that most closely aligns with their needs and comfort levels.

Second, by using IBM, enterprises get a partner that understands enterprise data center requirements and has built an infrastructure to support them. IBM offers a global, 24x7 managed cloud backup solution for servers that may reside either at the customer site or at IBM's site. In this way, IBM can backup servers at the enterprise's site and give the enterprise the flexibility to restore the server at any site - their site or IBM's site.

Third, IBM and Symantec bring to the table many of the data center features that enterprises might expect to support their cloud backup initiative.

24x7 support - Check
Backup to tape - Check
Comprehensive monitoring and reporting - Check
Multiple data centers in case of disasters - Check

These two also bring to the table through the IBM SmartCloud Managed Backup the next generation set of features and offerings that enterprises want CSPs to provide such as pay-as-you-use pricing, scalability to handle more data, deduplication and VADP for backup of virtual environment. Taken together enterprises for the first time get an enterprise backup solution (NetBackup) with an enterprise CSP (IBM) that they need to give the go-ahead do implementing cloud backup in their environment.

The vast majority of companies are adopting cloud services in some way and backup is a logical service for every size business to look to move to the cloud. However until now it was difficult for enterprises to seriously consider pursuing this option until they were confident that they had cloud backup solution that could be non-disruptively implemented, supported and then could recover their data in the cloud. By leveraging the growing IBM-Symantec partnership, they can take cloud backup out of the cloud and make it a reality.

O'Reilly School of Technology Proves that an Education in NetVault Backup Pays Off

Mon, 29 Apr 2013 08:30:00 -0600

O'Reilly School of Technology does what many organizations now do when daily backing up its production data: it uses array-based snapshots on its NAS filer. However its internal policies call for it to copy each set of weekly or monthly array-based snapshots to another storage media (disk or tape) for long term data retention and offsite protection.

It was this phase in the backup process that needed a tune-up. While copying the snapshots to an external disk device and then to tape worked well when it was initially implemented, the amount of data O'Reilly had to backup had grown significantly over time.

Case in point: on one particular volume the number of files had grown from just a few million to over 13 million in the space of a few years. O'Reilly's School of Technology's Lead System Administrator, Trent Johnson, says, "As the amount of files on this file system grew, backups of just this single file system were taking over a day."

The data growth on this file system coupled with O'Reilly's overall data growth had resulted in O'Reilly needing an entire weekend to copy each week's snapshots to the backup target. Backup times had to be shortened to prevent them from impacting the work week while requiring as little investment in time and money as possible to achieve.

O'Reilly Cracks Open the Book on Backup

O'Reilly does more than just publish books and offer online technology courses. It encourages its own employees to crack open books on the technologies it uses and study them carefully to derive the most value from its investments.

Johnson had taken this encouragement to heart as he regularly studies books and manuals to optimize his backup operations. By familiarizing himself with the technology and then applying best practices, he had already improved O'Reilly's backup environment on a number of occasions while also lowering backup costs.

For instance, when disk-based backup initially came into vogue, he took advantage of NetVault Backup's native ability to backup to disk. Implementing disk-to-disk backup shortened O'Reilly's backup windows and improved its backup success rates.

A few years later, when the optional NetVault SmartDisk deduplication feature was released, he quickly took advantage of its data reduction capabilities. While other companies were spending extra money to acquire purpose built deduplicating backup appliances, he used SmartDisk to deduplicate data on O'Reilly's existing storage to store data more efficiently. Further, since O'Reilly had an enterprise NetVault Backup license, he was able to deploy SmartDisk immediately.

Now as he looked to address this new challenge, Johnson again relied on NetVault Backup, this time to copy array-based snapshots to tape for long term data retention and offsite protection. He recalled that NetVault Backup supported NDMP, a protocol that has been around for nearly two decades and which is well suited for protecting data residing on NAS filers. By switching to NDMP he significantly shortened the time it took to copy data from the NAS filer to the backup target.

Backup Gets an NDMP Bypass

O'Reilly hosts its Windows and Linux virtual machines (VMs) on NetApp NAS filers using CIFS and NFS storage networking protocols, respectively, to connect the VMs to the NetApp filer. To do its backups, the NetApp storage system takes snapshots of these VMs and presents them to the NetVault Backup Server. It then uses NFS to mount the file system that contains the snapshots to back them up.

By switching to NDMP, he could bypass the need to route all backup traffic through the NetVault Backup media server. Instead, he configured the NetVault Backup Server to direct the NetApp NAS filer to directly send the backup traffic over the network using the NDMP protocol to the backup storage target.

To test this he obtained a free 30-day evaluation license for the NetVault Backup NDMP plug-in and installed it on the NetVault Backup Server. He configured it by simply entering in the user name and password for the NetApp NAS filer so the NetVault media server could communicate with it.

At that point, all he had to do was create a backup job that would send the backup directly from the NetApp filer to the backup device using NDMP. He found this setup pretty simple to complete. NetVault Backup automatically discovers and configures network attached storage (NAS) filers.

This "plug-and-play" technique greatly simplifies deployment and eliminates the possibility of human error when configuring the backup of a NAS device. He was quickly able to test backups and restores, and both worked well.

He then moved ahead and implemented the NDMP solution in his production environment to see if backup times would improve. As he suspected, it worked extremely well as the time it took for O'Reilly to complete its backups went from an entire weekend to two (2) hours.

O'Reilly School of Technology Proves that an Education in NetVault Backup Pays Off

O'Reilly as a company advocates ongoing education so people become more productive and innovative in their jobs and remain that way over time. However O'Reilly also practices what it preaches. By encouraging its staff to educate themselves on the technologies that they already have in-house, the staff is equipped to effectively utilize them.

This approach has certainly proven to be true with NetVault Backup. Having used NetVault Backup for nearly a decade as its enterprise backup software, Johnson was able to continually optimize his backup operations and quickly solve challenges as they appeared.
Starting with backup to disk many years ago, deduplication a couple of years ago or, most recently, using NDMP to quickly backup his NetApp filer, NetVault Backup provides the full set of features that the O'Reilly School of Technology needs to cost-effectively protect its environment.

Johnson says, "NetVault Backup's ease of deployment and ongoing management are the main reasons we continue to turn to it year after to protect our environment as it works across all of our platforms - Linux, Windows and even NetApp's Data ONTAP. This keeps our management costs down even as our data remains well protected and easy to recover."

To read about the implementation of Dell Quest Software's NetVault Backup in O'Reilly's School of Technology in its entirety, you may download the case study following this link. (Note: This link will take you to a sponsor's website.)

Four Key Features in Selecting a Hybrid Storage Array

Fri, 26 Apr 2013 09:30:00 -0600

Hybrid storage arrays use flash memory in combination with hard disk drives to create storage that balances performance, capacity and cost. Because the majority of the data will ultimately be stored on slower HDD instead of flash memory, the trick is to achieve consistently high performance without 100% flash. The secret sauce the Hybrid Storage Array vendors bring to the table is a combination of storage architecture, hardware, and software features.

What is the business value of a Hybrid Storage Array?

Time is money, and old storage architectures take too much time. They are too hard to manage and can't keep up with customer needs or the random I/O demands of the virtualized data center. Desired business results are often hampered by inadequate storage system performance.

Hybrid Storage Arrays promise to deliver the dramatic performance benefits of an all flash array at a lower cost than an all flash array. In addition, by combining flash memory and high-capacity HDD in a single system, HSAs accelerate access for a broader set of applications than can be housed on a smaller capacity all flash array. Unifying more storage under one modern management umbrella adds to the benefits a business realizes from the storage investment, while subtracting from the overall storage management cost.

Why now?

Storage industry veterans from a number of companies recognized the opportunity to combine a new generation of server hardware, flash memory and HDD into a system that could enable IT to deliver the performance businesses seek at a lower cost than either all flash or traditional arrays.

How is a Hybrid Storage Array different from an all Flash Memory Storage Array?

A Hybrid Storage Array uses flash memory--generally in the form of either PCIe cards or SSDs--in combination with hard disk drives to create server-addressable storage pools. It is the addition of hard disk drives to the flash memory storage that creates the "Hybrid" distinction.

Because not all storage in the Hybrid array is flash, it is necessary to implement sophisticated caching/tiering algorithms to place the "hot" data in flash memory and the warm/cold data on the hard disk drives.

How is a Hybrid Storage Array different from a traditional array?

Many traditional arrays can incorporate flash memory as a cache or as a high performance storage tier. A Hybrid Storage Array is architected for flash memory, and generally adopts a "flash first" approach to storage. In a Hybrid Storage Array, caching/tiering algorithms are often combined with in-line deduplication and data compression--along with cache hardware and specialized software algorithms--to maximize the amount of storage I/O that is satisfied from high speed cache and flash memory.

Because of the "flash first" design, many of the Hybrid Arrays contain only flash memory and high capacity multi-terabyte 7.2K RPM SAS or SATA hard disk drives. Bypassing relatively expensive and lower capacity Tier 1 15K SAS/FC and Tier 2 10K SAS/FC hard disk drives reduces data tiering complexity and overall cost.

Hybrid Storage Arrays generally leverage the latest generation of commodity server hardware with multi-core CPUs and large RAM capacities. This high-performance hardware makes it possible to implement data optimizations such as in-line deduplication and compression without impeding the flow of data.

What features are especially important in selecting a Hybrid Storage Array?

Caching/tiering capabilities
Consistent application performance
VMware integration
Performance monitoring

How are Hybrid Storage Array vendors addressing these key features?

Caching/tiering capabilities

From an engineering standpoint, the design and implementation of caching/tiering capabilities is perhaps the most significant differentiator among Hybrid Storage Arrays and between HSAs and all-flash or traditional arrays. They want to ensure that I/O requests are almost always satisfied from cache or flash, particularly those associated with critical systems.

Vendors employ multiple strategies to achieve optimum caching/tiering results. These include:

Much larger DRAM caches than in traditional arrays
In-line deduplication and/or compression of data in the cache as well as on disk
Separate read and write caches using dedicated hardware for each cache
Highest performance media for write caches, including NVRAM, SLC, mirrored SSDs
Multiple physical or logical write caches
Metadata stored separately from file data on very high performance media
QoS policies per VM/LUN/Volume that determine how read and write queues are serviced

Consistent application performance

Another important feature is the ability of an array to deliver consistently good application performance, and the vendors are taking different approaches to this requirement. Some vendors are focused on making the storage as smart as possible about the data so that users can simply rely on the system to do the performance management for them. Other vendors, including Nexgen, believe that the ability to specify, enforce and measure quality of service metrics on a per VM/LUN/Volume basis is critical for running multiple application workloads simultaneously.

VMware integration

VMware integration is another critical feature. The need for a new storage architecture is largely driven by virtualization. VMware not only has a large installed base, it provides multiple API hooks into the VMware environment that can make a significant difference in how servers and storage work in concert with one another. Most of the HSAs take advantage of these VMware APIs.

Performance monitoring

Visibility into the performance of the storage system is important for troubleshooting application performance problems when they arise as well as for capacity planning. Vendors approach this differently. Some have implemented VMaware monitoring that reveals performance at the virtual machine level, a capability that should speed the troubleshooting process.

Who are the players?

Although the traditional storage vendors have been slow to address this opportunity, some are now coming to market with hybrid solutions. Quite a number of newer companies are now delivering hybrid systems that were designed from the ground up to address the need of businesses for high performing, high capacity storage. These companies include Avere, GreenBytes, Nexgen (now part of Fusion-IO), Nexsan, Nimble, Nutanix, Starboard, Tegile, Tintri and Xiotech.

DCIG believes that both Hybrid Storage Arrays and Flash Memory Storage Arrays are ready to not only supplement, but to begin displacing traditional storage arrays in many data centers. Any business contemplating the purchase of a storage array should take a close look at these new alternatives to traditional arrays. Earlier this year we published the DCIG 2013 Flash Memory Storage Array Buyer's Guide to help organizations make faster and better informed purchasing decisions regarding flash memory storage arrays. DCIG is now in the process of creating a buyer's guide for hybrid flash/HDD storage arrays that should become available this summer.

Small and Midsized Enterprise's Five New Criteria for Selecting Virtual Machine Backup Software

Thu, 25 Apr 2013 08:00:00 -0600

Identifying a virtual machine backup software solution that delivers on the intangible new features that a small and midsized enterprise (SME) needs to backup and recover its virtualized environment is easier said than done. The DCIG 2013 Virtual Server Backup Software Buyer's Guide identified and evaluated over 20 virtual server backup solutions with more than 150 different features. The trick for SMEs is to identify which of these 150 features match their specific needs and then select a backup software solution that delivers on them.

The five features that SMEs specifically need to verify that the backup software offers include:

1. Available as an Appliance. Making the backup software available as an appliance (physical or virtual) may sound almost tangential to the entire topic of SME selecting the right backup software for its environment. But as a former system administrator who has worked for both small and large enterprises, I often first spent weeks if not months sizing and acquiring the right hardware (servers, operating systems, networking and storage) to host the backup software. Then once the hardware was acquired, I spent additional time installing and configuring the hardware and backup software

Having the backup software available as a physical or virtual appliance reduces the time required to put the backup software into production to as short as an hour or less. A physical appliance only needs to be powered up and connected to the network. Installing a virtual appliance only requires that its Open Virtualization Format (OVF) file or package be installed on an existing hypervisor.

2. Comprehensive VMware vSphere Support. Say all you want about putting in place a single backup software solution but the need for it to provide comprehensive support for VMware vSphere remains a prerequisite.

Most SMEs will use VMware in some capacity and many will initially start out with it. While they may over time deploy other hypervisors to protect applications in testing and development, SMEs tend to give vSphere the initial nod for hosting their production applications since it is the most proven and well-known hypervisor.

A specific point of vSphere integration that organizations should look for in backup software is its support for the VMware APIs for Data Protection (VADP) and its Changed Block Tracking (CBT) option. Once CBT is turned on, vSphere tracks changes on a VM disk with minimal performance impact to the VM. Then when a backup occurs, the backup software communicates with vSphere to get a snapshot of what blocks of data have changed since the previous backup. Since vSphere has a record of these changes, the time it takes to backup an individual VM is reduced to seconds. Further, it minimizes the need to put a backup agent on each VM which simplifies backup administration.

3. Full Featured Backup Technology. SMEs looking to protect their entire environment (virtual or physical) using a single backup software product need one that offers the right set of features to address their specific needs. This is where products that started out protecting physical environments but have evolved to also protect virtual environments actually have an edge.

Granted, they need to offer support for the other hypervisors such as Microsoft Hyper-V and Red Hat Linux that are starting to find their way into SME environments. But these solutions also are more likely to offer support for physical and/or guest operating systems such as Mac OSX, Novell, and Sun Solaris in addition to the standard Linux and Windows operating systems that nearly every provider supports.

4. Robust Management Functionality. SMEs may only have a few staff to manage their entire IT infrastructure. In their roles they are usually forced to remain IT generalists who rarely if ever have time to become product specialists. As such they need a solution that requires no training, and is self-managing once it is setup and deployed with an interface that is easy to access and features that are easy to use.

For instance, every organization faces the ongoing task of protecting new virtual machines (VMs) as they are created. As part of simplifying the protection of these VMs, backup software should automate the ongoing detection and configuration of VMs for backup. This ensures the entire virtualized environment remains fully protected over time.

Application recoveries go hand-in-hand with managing backups in virtualized environments. One of the more pleasant aspects of virtualization is the ease in which SMEs can recover applications. This ease of recovery puts a heightened focus on having application consistent backups so SMEs may restore them in support of initiatives such as disaster recovery or testing product fixes or upgrades before they are applied on production VMs.

5. Robust Replication. Fast VM restores are only part of what SMEs expect a new backup software solution to deliver. Virtualization also makes it much easier to replicate and recover data offsite. This aspect of virtualization opens the door for SMEs to check off a "To-do" that has been on their wish list for many years: a viable disaster recovery plan. However this is only possible if the backup software provides a viable replication solution.

On the surface, different backup software solutions may sound alike in terms of their ability to copy or replicate backup jobs offsite. The differences emerge in well how they execute on that process. Simply copying all of the data in a single backup job to another site may work but will not meet enterprise-class disaster recovery needs. The backup solution should enable customers to schedule multiple full, incremental and differential backup jobs for replication in order to meet disaster recovery requirements. In addition, additional features are needed to ensure that the replication job is done efficiently and completed in a timely manner.

The backup software needs to provide replication that monitors available WAN bandwidth and adjusts the flow of data being replicated. Further, to minimize both the amount of data being replicated and how much WAN bandwidth it consumes, it should only do byte-level data replication, replicating only data that has changed since the completion of the previous replication job.

To read about all of the criteria that small and midsize enterprises should consider when making a virtual server backup software buying decision and which product may be best suited for your environment, download the NEW DCIG Head-to-Head Product Report, (Note: this link will take you to a sponsor's site.)

Choosing the Right Appliance for Cloud Backup; Interview with STORServer's Jarrett Potts, Part II

Wed, 24 Apr 2013 05:00:00 -0600

Just because a backup appliance can back up and recover data to the cloud does not mean they all do so equally well. Further complicating the decision process, some companies back up to their own private cloud while others opt to back up and recover from public clouds. In this second part of my interview series with STORServer's Jarrett Potts, we examine how backup to public and private clouds differ and what features a backup appliance needs to offer to meet these different requirements.

Jerome: What features separate backup appliances intended for use in private and public clouds?

Jarrett: The thing about STORServer specifically, and Tivoli Storage Manager in general, is that they both possess the same abilities to separate data so you can separate data within the same machine.

With a public cloud, for example, I could have multiple different vendors' worth of data in the same backup appliance. The only data that they can see and access is their own because of the security and user IDs and group IDs of all the nodes that come in. That has been around forever as the concept was born in the mainframe world and then passed on down to Unix and then to Windows.

In the last few years user security basically drives what you can see and what you cannot. STORServer, of course, adopts that same model and, as users come in, they could only see their own data. That is the public cloud.

The private cloud is the same way in this respect: Users can only see their own data. The administrator, of course, is able to see everything. However, in the private cloud we can guarantee that data will not be able to get outside the private cloud which makes it different than the public cloud as there is no sharing of resources.

You have a dedicated resource, a dedicated appliance, a dedicated disk drive, and you are not sharing with anyone else. In the public cloud you may be sharing a backup appliance with someone else.

In both cases data would be safe as it would be encrypted and unavailable to anyone else to log into and see. However, the resources would be shared amongst the other two or four different customers.

Jerome: STORServer recently announced a data recovery guarantee. Can you elaborate on that?

Jarrett: The data recovery guarantee applies to any systems that are on a customer site. If the customer has a local system that backs up, STORServer guarantees that we can recover that data. Please note: data that is pushed into cloud and goes over public wire, STORServer cannot guarantee that we can get it back because of it being a public wire. STORServer cannot guarantee that the public wire is going to be available. Can we recover the data if the infrastructure is there? Absolutely!

But that data recovery guarantee, that specific legal requirement that STORServer has, is basically for systems that are onsite. Certain requirements must be in place. Private and public clouds both depend on resources that STORServer cannot control so there are instances where this may not apply, but it mostly does for private clouds.

Jerome: Are there different product roadmaps and testing that you take and/or conduct internally to accommodate the different scenarios that emerge for private and public clouds?

Jarrett: Every customer always wants the cloud offering these days, so STORServer always tests both the appliance and the connection across the wire to that appliance. STORServer wants to make sure that the data the customer wants to push out to the cloud can be pushed from their location to whomever their cloud provider is, whether it's STORServer as their cloud supplier or if they have a business partner they would rather work with. STORServer has to test to make sure that the bandwidth is available.

STORServer also tests the connectivity from the business partner back to the client to make sure that recovery can happen as fast as the customer needs it. Most customers have some requirements as to how fast they need their data back so we test against that.

STORServer, which provides the physical machines that do the backup and recovery or the data protection, tests its appliances while they are still at STORServer. We then test them again at the business partner to guarantee the robustness and reliability of the actual appliance itself. It is that test that provides our customers the information they are most interested in: the bandwidth regulation across their connection to their cloud provider.

Jerome: Do you have any advice for people considering public versus private cloud?

Jarrett: This may sound goofy but I recommend the same thing I do with my kids. I recommend they write down everything they need, everything they want, and everything they would like to have. This gives them three lists before they even think about selecting a provider for backup and recovery as a service or to the cloud.

If a customer needs near instant recovery, public cloud is not a fit. If the customer is okay with 12 or 14 hours to recover a file system, then maybe it is. One of the aspects about cloud backup that I always make sure they understand is that time is money.

Backup to the cloud is great and well but recovery is extremely important. If you can't recover your data, then who cares whether you back it up or not?

Recovery needs to fit into what they want. So while they can shrink the amount of time it takes to recover by beefing up your infrastructure, it takes money to beef up their infrastructure. So, the shorter their backup and recovery requirements are, the more expensive their infrastructure will be. I always make sure our customers understand these tradeoffs when they go to the cloud. It may be speed, it may be flexibility. With STORServer, it is definitely not flexibility, but because the data is going across a public wire, they may be giving up some speed.

In Part I of this interview series we took a look at how backup to the cloud is coming into its own.

In the third and final part of this interview series, we take a look at best practices for configuring an appliance for backup to the cloud.

Threat Detection is the Next Frontier in Data Security: Final Thoughts from Symantec Vision 2013

Fri, 19 Apr 2013 05:00:00 -0600

In the last few years security has shifted from being an issue that organizations only deal with when a crisis occurs to one with which they must now daily confront. This is putting pressure on organizations to stop taking a knee jerk reaction as their means of ongoing security management and instead adopt a systematic approach to effectively deal with both external and internal threats. The problems that internal threats present and why they are so difficult to detect were openly discussed this past Wednesday morning during that morning's keynote at Symantec Vision 2013.

I have worked for organizations of all sizes (small, medium and large) in both the public and private sectors. If there is anything I learned over that period of time, security tended to (and still too often does) play second fiddle to other business priorities.

This approach is driven in large part by the sensationalized nature of security breaches. Incidents where companies such as Sony are hacked and credit card information taken almost always resulted in other organizations scrambling to make they were not susceptible to the same type of threat and then taking action if they were.

But over time the resolve to stay ahead of potential threats tended to fade. After the first wave of action was taken, focus on security tended to shift to maintenance mode with any future substantial security updates then driven by another external crisis. Thus the cycle became a crisis would occur, security enhanced if needed, the crisis passes, the public forgets, the system (hopefully) survives and other projects compete for dollars needed to enhance the corporate security infrastructure resilient.

Thankfully that mindset seems to have eroded in recent years - at least in larger enterprises. While security enhancements and purchases are still too often reactions to data breaches after they have already occurred, the Internet and the growing cyber security threat has forced larger organizations to maintain a proactive posture when maintaining their corporate infrastructures to ensure data breaches never occur.

Yet as anyone knows security is only as good as the weakest link or links as the case may be. Today those weak links are finding their way into today's most secure infrastructures making them vulnerable to attack in ways that are not easily to detect. As individuals increase the number of mobile devices (phones, laptops, tablets and even thumb drives) that they use and bring to work, it renders useless traditional methods that organizations use to protect their intranet "perimeter."

These devices may be hostile in two ways. First, they may contain software that the individual does not even know presents a threat to his or her company. In these cases, it is incumbent upon the organization to have defenses in place to detect this malicious software and then protect the company from the havoc that it can potentially create.

More troubling are those individuals (employees or otherwise) that enter a premises with a malicious intent. This could spell trouble in two possible ways. They could have a mobile wireless device that they use to hack the network. Alternatively, they may present themselves as a trusted individual carrying one of today's small portable storage devices with tens or even hundreds of GBs of storage. In this case, they may not even need network access. Using it they can potentially copy and carry offsite unprecedented amounts of data without anyone knowing it ever occurred.

It is this new type of security threat that companies need to step up and address as it requires them to detect this threat from inside the firewall. This is an angle of data security that enterprises are often ill-equipped to handle. While every corporation expects attacks to come from the Internet (and Symantec even used the term 'Cyberwar' to describe this segment of the keynote,) these internal attacks may present an even larger risk of data loss or compromise than from those that now originate from the Internet.

More disconcerting, the data accessed or compromised by these attacks may never be detected or discovered. During the keynote presentation, Adventist Health System's Corporate Data Security Officer, Sharon Finney, made the observation, "No offense to my DBAs but they present my biggest security risk since they have access to all data in an unencrypted format."

Aggravating the situation in terms of detecting such data breaches, no benchmarks yet exist as to what constitutes "normal" patterns of data access. Even if an organization did detect that a large amount of data was being accessed and then copied from one storage device to another, the rules governing such data movement are yet to be defined. As a result, a detection of such data access and movement may still not prevent a data breach from occurring since there is no sense if this activity is normal, especially if it is being initiated by a "trusted" source inside the corporate network.

Yet a third problem that Symantec has seen is the existence of malware that sits dormant inside of organizations for up to a year or more before carrying out its evil intentions. These are often almost impossible to detect because, as HP's VP of Enterprise World Security Services Sam Chun points out, "Highly sophisticated organizations are developing this software."

The world of security has changed significantly in the last few years. While most large organizations understand and recognize the threat that the Internet presents to their business and have put in place measures to counter those threats, they are still ill-prepared to deal with and manage the threats that originate from within. Yet it is these threats that may be ultimately prove to be far more dangerous than anything that they have dealt with to date and which the tools that they need to adequately protect themselves are still in their infancy.

Backup to the Cloud Coming into Its Own: Interview with STORServer's Jarrett Potts, Part I

Thu, 18 Apr 2013 10:00:00 -0600

Backup and the cloud are becoming increasingly linked as they solve two issues that have plagued organizations for years: automating the movement of data offsite and providing a cost-effective means to store it there. But just because one can back up to the cloud does not mean all solutions do so equally well. In this first part of an interview series with STORServer's Jarrett Potts, we examine what specific features a solution needs to offer to effectively back up to the cloud as well as how the solution needs to be constructed.

Jerome: Jarrett, thanks for joining me today and taking time out of your schedule to talk to me about some current trends in backup in general and backup appliances specifically. To begin, can you please tell me a bit about yourself and your background?

Jarrett: Jerome, thanks for having me and giving me this opportunity to talk about this important topic. My name is Jarrett Potts and I am STORServer's director of marketing. I am responsible for all STORServer sales and technical marketing.

Prior to assuming this position I was with IBM for nearly 18 years. I did disaster recovery for IBM Global Services for multiple products to include Tivoli Storage Manager (TSM). Eventually I became responsible for storage enablement for IBM storage products which I did for about 11 years and included teaching classes about these products around the world.

Jerome: Clearly you have been around the industry for a long period of time which gives you a rather unique perspective on the IT industry. Since you have been so close to TSM during that period of time, what specific changes are you seeing in backup as a result of clouds coming into greater acceptance and use by organizations?

Jarrett: Storage protection or data protection for the cloud is growing up and coming into its own. In the past it has not really been a viable option. Until recently, customers only had the ability to send smaller amounts of data to the cloud and protect only a fraction of their total environment.

That has changed thanks to some of the technologies that are used, such as incremental forever or subfile backups. These limit the amount of data that has to go across the network on a daily basis which has really made backup to the cloud a more viable option. Further, the average speed of a broadband provider and the web in general has increased dramatically.

That is not to say all services that are in the cloud require lots of bandwidth. Services such as security and maybe email do not really transfer TBs of data on a daily basis. It is only when you transfer TBs of data on a daily basis that you have to be very cognizant of recovery time objectives (RTOs) and recovery point objectives (RPOs) .

Backing up to the cloud forces you to ask questions like, "How long will it take to get your data back?" and "How much data are you willing to lose?" If you back up once a night and you fail in the middle of the day and have to recover your data, you have lost about 12 hours worth of data because that data has not been backed up.

The way of course to shorten this is through the use of incremental forever backups (sometimes referred to as continuous data protection) as well as through the use of compression and deduplication technologies. These have really brought data protection into the cloud.

Frankly, data protection has been doing the cloud forever. It was first via private cloud technology where you were going from one site to another. But it was usually done across dedicated networks, and not going across quote "public wire" or "the internet."

This is not a new trend for STORServer. However it is new for IT as a technology and a discipline that they need to catch up with because of the amount of data that backup transfers to the cloud. This is a discipline that IT will need to quickly come up to speed on in light of how the economics of the cloud are driving this growth of the cloud in general and backup specifically.

Jerome: As companies increasingly backup to the cloud, are you seeing ay correlation between the growth of clouds and backup appliances?

Jarrett: Backup appliances match the cloud offerings that cloud service providers (CSPs) want to make available. CSPs are looking for ways to provide customers turnkey solutions, without having to invest a lot of time and money into them. The appliances that STORServer has put out there are specifically tailored to not overburden the CSPs while providing an extremely easy interface for customers to protect their data.

STORServer is of course a little different because of its incremental forever piece. STORServer transfers so much less data than others. But the cloud environment in general, the worldwide cloud environment, is still growing so the concerns that a lot of cloud providers have is, "How much is too much data to transfer across the network?"

That will probably be addressed in the next year with some of the technologies that have come forth like incremental forever and the ability to scale bandwidth up and down from some of these service providers. This will result in better recovery time objective and better recovery point objectives just by simply utilizing the technologies that are already out there.

To back up to the cloud one has to align the appliance, the provider, the internet, and by that I mean the infrastructure of the internet, and the customer. The appliance makes that fairly simple. If a CSP has to do a recovery, it has to have the ability to enlarge the pipe of data flow according to a customer's needs so that faster recovery can be done if it is a production server.

If it is not a production server, maybe they do not enlarge the pipe or maybe they actually keep it at a smaller size because they do not need the recovery to happen as fast. That is all in line with what appliances offer. Appliances are very flexible and very scalable, which are a natural fit for the cloud and explain their rapid growth and adoption in recent years.

In the second blog entry in this series, we will take look at how backup appliances intended for use in private and public clouds differ.

Saying "No" to the Cloud May be an Early Indicator of Digital Darwinism for You or Your Business - Insights from Symantec Vision 2013

Wed, 17 Apr 2013 14:30:00 -0600

Few if any in IT dispute the reality of the cloud or the impact that it is having on businesses. But too many in IT are still prone to say "No" to cloud deployments in THEIR business out of fear of the unknown associated with the cloud. This mindset is now becoming more dangerous as it may turn into a self-fulfilling form of digital Darwinism for you and/or your business.

A recent survey of 1300 IT decision makers across 13 countries performed by Insight Express that was commissioned by Cisco found that over 70% of these individuals planned to leverage cloud services in some way. Whether it was using the cloud to host storage (25%), ERP (20%), email (16%) or some other web-based application, these survey results reveal that most organizations move to the cloud is real and undeniable.

Granted, there were some results in this survey that the cloud gives these same organizations pause. For instance, 60% of those planning to migrate their email to the cloud and 59% of those planning to migrate their storage to the cloud put their plans on hold. This suggests that even those who have firm plans in place to move to the cloud are not doing so with reckless abandon. Rather they take a careful, thoughtful approach. Then, as they encounter unexpected obstacles, back off on their migration plans until they address those challenges.

These results raise two important questions:

First, what challenges are they encountering that give them pause?
Second, why are only 70-80% planning migrations to the cloud and not 100%

The survey did not answer either one of those questions. However, this morning's keynote panel presentation at Symantec Vision 2013 provided some insight into what these challenges might be and what might happen to those businesses that fail to take advantage of the cloud.

On the first point, Symantec's Senior VP and Chief Strategy Officer, Angela Tucci, speculated during the panel session that security is probably the main reason that companies are not adopting the cloud (private or public) in greater numbers. Fujitsu's CTO for Application Services, Cloud and Strategic Solutions, Dr Alex Bazin, also chimed in and said, "IT must change its mindset from just feeding and watering servers to enabling business value. To do this, it must identify service providers that give them the option to say 'Yes' to business initiatives."

Despite Tucci's security concerns and Bazin's observation that IT needs to change its mindset, research indicates that expenditures on cloud services in general and cloud storage in particular is poised to explode in the years to come - presumably once these security concerns are overcome. Tucci specifically mentioned how Amazon Web Services (AWS) is poised to hit $10 billion in revenue by 2016 and $20 billion by 2020. This would make Amazon a larger software company than Symantec.

As to why only 70-80% of businesses are planning for the cloud rather than 100%, Bazin's thoughts give some insight into what is going on in businesses. IT is often overwhelmed dealing with operational issues and day-to-day firefighting. As a result it is easier for them to say "No" than take time to fully equip and prepare either themselves or their business for migrating to and adopting the cloud.

Those who take this latter approach may find this to be their undoing. In light of the amount of value that the cloud offers to businesses, businesses are going to pursue the cloud with or without their IT staff. Bazin warns, "IT must work with the business on defining the business path to the cloud. If IT does not, businesses will do it without IT which will likely result in a much less secure cloud."

Tucci was more direct that Bazin. Saying "No" to the cloud is in essence a potential death sentence to your career and even your business. She points out, "The cloud is inevitable and if you are not planning to adopt it, you need to ask yourself, 'Why?' Digital Darwinism is going on right now and those who fail to plan for the cloud might find either their career or their business laid waste by failing to adopt it."

IBM Validates Systemic Data Center Savings Enabled by Flash Storage

Fri, 12 Apr 2013 09:15:00 -0600

DCIG has for some time been recommending the adoption of flash storage in the data center as a way to achieve substantial overall savings and ROI. As part of the April 11 announcement of the IBM Flash Ahead Initiative, IBM revealed that a flash-storage-enabled rethinking of the data center can generally achieve savings of over 30% in data center hardware and software costs. This finding affirms DCIG's belief that Flash Memory Storage Arrays are poised to address not only special I/O-intensive use cases, but to begin displacing traditional storage arrays in many data centers.

Businesses spend a lot on IT, but have an opportunity to reduce data center costs by 30% or more if they will step back and think about the data center as a system rather than as a collection of separate sub-systems. In an article cited by IBM, the three year cost of ownership for a data center went from $7.1 to $4.9 million based on a flash storage expenditure of $638,000; delivering an ROI of less than 11 months.

Elements of ROI Quantified:

Software licensing costs reduced by 38%, from $4.9M to $3.2M, a savings percentage IBM confirmed in their work with other clients. These savings were achieved because fewer cores/servers are needed to handle the same workload.
Environmental costs reduced by 74%, from $377K to $98K, including power, cooling and floor space.
Storage management overhead reduced by 35%, from $1.1M to $723K, through simpler management tools.

Significantly, the 30% overall savings almost certainly underestimates the actual business benefits that were achieved because it does not include enhanced business productivity in the calculation. David Floyer recently reported that Revere Electric Supply--a company of about 200 employees--was able to improve critical system response times so much that they were able to grow their business 20% without adding any headcount whatsoever. He further observed that the flash storage system could be directly attributed with avoiding the need to hire between 10 and 40 additional employees--results consistent with other IBM research.

More good news. Flash memory can sometimes be brought into the data center without major investments. In the case of Revere above, the flash memory storage was less expensive than the maintenance cost of their former SAN.

In a similar way, when serving as the IT Director at a private university I approached a scheduled ERP server upgrade from a systems perspective. Through the use of solid state storage, the new server achieved a 10x improvement in IOPS at an acquisition cost that was 20% lower than the traditional server plus disk array approach. The resulting improvement in response times--one department manager called it "spooky fast"--noticeably increased staff productivity and enabled the university to implement a student-facing self-service web application that simply would not scale using traditional disk storage.

Five scenarios where it makes sense to evaluate flash memory storage now:

Poor performance of an existing core business application. Significant business productivity gains may be possible if many people use the application and it is routinely delivering response times greater than 3 seconds.
New business/IT initiatives in any of the high I/O demand areas like VDI or analytics that are likely to be hampered by the performance characteristics of the current storage infrastructure.
Virtualizing a data center for the first time. Smart moves now can VDI-proof (and otherwise future proof) the storage environment.
Approaching end of lease on servers, storage systems or data center facilities.
Considering building another data center because maxing out space/power/cooling capacity in current facilities. Flash memory can reduce capacity requirements by 75% or more and may enable the business to avoid the many costs of building and owning another data center.

Any IT leader who will rethink their data center as a system will probably discover that flash memory storage could simultaneously reduce data center costs and increase business productivity. A good starting point for researching available all flash arrays is the DCIG 2013 Flash Memory Storage Array Buyer's Guide. DCIG is also in the process of creating a buyer's guide for hybrid flash/HDD storage arrays that put flash memory in front of high capacity disk drives to achieve a balance of performance, cost and capacity.

BYOD and MDM Drive Need for a New Buyer's Guide

Fri, 05 Apr 2013 08:30:00 -0600

Information Technology Divisions (I.T.) traditionally does not deal with securing a device that has not been issued and controlled by them. Bring Your Own Device (BYOD) has exploded across industries. Rapid adoption of iPhone and Android devices displaced Blackberry Enterprise Server (BES) in the mobile enterprise email space. Adoption of new devices drives the need for Mobile Device Data Management software to assert control.

For example, in Microsoft client and server networks everything had matured to the point of predictability and most devices were handled within similar user, device and data security controls boundaries. I.T. is generally unprepared for the demands from BYOD, resulting in increased risks. I.T. continues to struggle with user requirements to use their own devices with local to global mobility.

In that regard, uncertainty around how to best manage security and regulatory risks spawn a new approach to securing mobile devices. Mobile Device (Data) Management (MDM) software brings the promise of I.T. control while allowing the user satisfaction advantages of BYOD.

MDM vendors are quick to step in to emulate the secure transfer and storage of email provided by legacy software and devices, i.e. BES. I.T. soon found that device risks went well beyond email as a comprehensive broader functionality and mobility proliferated.
There are over thirty (30) MDM software solutions to choose. Like all buying scenarios, too many choices create confusion. Confusion about how best to approach MDM software purchases remains prevalent. There are at least eight (8) major areas of concern. Each area consisting of multiple crucial questions:

Infrastructure - How should I.T. deploy MDM (e.g. On premise, Cloud based or a Hybrid)?
Security - Can I.T. detect and manage Jail broken or rooted devices? Can I.T. force encryption options for data-at-rest and data-in-flight? Can data be wiped off of a device, without wiping an entire device?
Device Support - What devices should an enterprise support (e.g. Apple IOS)? Can we consider devices of different operating system (e.g. IOS 3, 4, 5, 6)
Lost or Stolen Devices - Can lost or stolen devices be managed to reduce data breach risk?
Scalability - Can I.T. effectively scale a software solution to meet user mobility demands?
Ease of administration - Can I.T. enforce device policies? Does I.T. need to physical touch the device in order to effectively manage security?
Applications - Can we blacklist applications on devices? Can applications be deployed from within our Enterprise (e.g. Private App Store)?
Alerting and Reporting - Can we effectively report on new devices, devices with blacklisted applications, etc?

While I.T. grapples with choices across multiple software products, users want choice in their devices. Business leaders faced continued pressure to satisfy users in an effort to hire the most skilled. Wireless access and mobility is quickly becoming the preferred access method for all users.

In May 2012, Mark Fidelman of Forbes reported the following;

More than 50% of network devices ship without a wired port
By 2015, there will be 7.4 Billion wireless devices
1.2 billion smartphones will enter the market over the next 5 years
Enterprise tablet adoption will grow by almost 50%
By 2015 mobile app development will outnumber PC projects by 4-to-1

While Business Leaders view mobility as a productivity driver and hiring tool, BYOD will only increase importance. Mobility will drive the enterprise and users will continue to demand choice for mobile data access. This mobility perimeter shift drives the demand for securing wireless access, user access, and management of the end-points. MDM is poised to continue an increase in importance.

It is for this reason DCIG has begun the development of an Inaugural Buyer's Guide on Mobile Device Management. As with all Buyers' Guides, this guide will help users assess and understand available MDM products in the market.

DCIG has defined the inclusion and exclusion requirements for this guide (subject to change):

Product must be shipping by 4/15/13
Product must be marketed as MDM
Must provide functionality as original software, not OEM
Must support functionality through software, not services
Must support Android and IOS, may support Windows 8
There must be sufficient information available to DCIG to make meaningful decisions.

After meeting these requirements, DCIG expects to weight, score and rank over 30 vendor products from Basic to Best-in-class against these categories (subject to change):

Security and Compliance
Operating Environment
User Experience
Management
Support

DCIG understand the need for these sought after Buyers' Guides. In that regard we expect to publish the DCIG 2013 Mobile Device Management Software Buyer's Guide in Q2 2013.

HP Client Virtualization Reference Architectures Help to Put Rocket Scientists on Unemployment Lines

Wed, 03 Apr 2013 05:00:00 -0600

The allure of client virtualization is the promise that it can deliver a robust corporate desktop experience to any user at any time or place using any device. The reality is that to date client virtualization deployments pretty much required rocket scientists to configure, implement and manage them, especially when it came to the underlying storage architectures upon which they are based. That has changed thanks to new reference architectures such as what HP now offers that transform client virtualization initiatives from complicated white board sessions into turnkey, business-ready solutions.

Client Virtualization's Reality Fails to Match Its Early Promise

The promise of client virtualization has been there for years if not decades. I was one of its early adopters using Citrix WinFrame in 1996 citing some of the same reasons for deploying it that are mentioned today. These include:

A desktop-like experience minus the headaches of physical desktop management
Anytime, anywhere access of applications on any device
Centralized management and control of application data
Fast deployment of new applications
Higher levels of data security as data stays centrally located remaining in the data center

It was for reasons like these that the Gartner analyst firm predicted that by 2013 49 million client virtualization units would ship.

Yet the reality of client virtualization has failed to meet its early hype. In 2011 an IDC analyst report forecast that only 8.3 million client virtualization units would ship by 2015 while an updated 2012 Gartner report found that client virtualization had penetrated only 2% of the desktop space.

The Three Forces Impeding Client Virtualization's Adoption

Three forces continue to impede client virtualization's adoption:

1. Business pushback. PCs and laptops continue to drop in price making it difficult for companies to illustrate the return on investment associated with client virtualization. Enterprises expect client virtualization to lower their costs so they are minimally on par with desktops and ideally cost less.

To date this has not occurred. The North Dakota Information Technology Department found the cost of a virtualized desktop to be 1.4 - 1.7 times the cost of a physical desktop. These costs largely result from the need to put in place an IT infrastructure that delivers a virtualized desktop experience that is equivalent to a physical desktop. Yet delivering this experience comes with an upfront capital cost that businesses have felt obligated to push back on.

2. IT complexity. To date client virtualization has epitomized IT complexity. Client workloads are poorly understood, there is little visibility into the infrastructure and solutions are inappropriately configured to deal with the peaks and valleys associated with client virtualization performance.

Amir Husain, the President of VDIworks, a client virtualization software company, writes, "Customers have to be pretty close to rocket scientists to figure out the storage requirements for any client virtualization initiative they undertake."

3. Poor user experience. Users have grown accustomed to the desktop experience so when they encounter a sub-standard virtualized desktop experience they naturally push back. Aggravating the situation, IT has had even fewer tools to support them in this new environment than they had with their physical desktops which further contributed to their reluctance to accept and adopt it.

Reference Architectures Answer Client Virtualization's Concerns

The answer to these concerns is found in reference architectures that standardize how enterprises deploy and support their client virtualization infrastructures. Encompassing networking, servers, and storage hardware as well as the client virtualization software, reference architectures offer base line configurations that help ensure the resulting IT infrastructure is cost-effective, easy to deploy, and then performs well and remains easy to manage and support over time.

HP Client Virtualization Reference Architectures are prime examples of how reference architectures can drive the cost and complexity out of client virtualization deployments. Available for VMware Horizon View and Citrix XenDesktop, organizations may follow either of one these client virtualization paths using an HP reference architecture that matches their initial requirements which they may then scale over time.

Making the HP Client Virtualization Reference Architecture notable is that organizations may predictably scale their environment by mapping their requirements to the exact hardware they need to deploy. For instance, each HP ProLiant BL460c Gen8 blade can host up to 100 virtual desktops which helps organizations know almost exactly how many physical server blades they need for their specific client virtualization deployment. Yet the real benefit that HP Reference Architectures offer is how they simplify and reduce the costs of the networking and storage components of client virtualization deployments.

Rocket Scientists Need Not Apply

The trickiest and most sensitive aspect of any client virtualization initiative is configuring the backend storage system and accompanying storage network. Acquire too much networking and storage capacity and the costs for client virtualization can quickly escalate so that they exceed the cost of desktops. Acquire too little and virtual desktops will underperform and sour users on their client virtualization experience.

HP Reference Architectures based on the HP 3PAR StoreServ Storage systems drive the cost and complexity out of configuring and managing this critically important part of the client virtualization deployment using the following technologies:

Wide striping. By distributing data across all of the disk drives on the HP 3PAR StoreServ Storage system, virtual desktops benefit from the aggregate performance of all the drives on the system.

Dynamic optimization. Organizations generally walk before they run when deploying any new technology. The challenge this presents in client virtualization initiatives as technology that may work fine in small deployments may fail to perform or scale as the environment grows.

The HP 3PAR StoreServ Storage Systems overcomes these concerns. Organizations may start small and then add more storage to support more virtual desktops using the HP 3PAR Dynamic Optimization feature. It redistributes data across existing and new drives to maintain and even improve performance as the client virtualization deployment grows.

Scale-out performance. Bringing more virtual desktops online adds to the load of the storage system's controllers. The mesh architecture of the HP 3PAR StoreServ Storage system complements its dynamic optimization feature by giving organizations the flexibility to introduce more controllers (up to eight) to maintain and improve the storage system's performance over time.

No storage networking. Storage systems are often dedicated to client virtualization deployments. In light of this, the HP 3PAR StoreServ Storage systems include a Flat storage area network (SAN) feature. Using a Flat SAN, organizations may directly attach servers to the HP 3PAR StoreServ Storage system to further reduce their client virtualization complexities and costs.

A manageable infrastructure. A big key to keeping client virtualization's costs and complexity under control long term is monitoring and managing it. Using the respective management consoles for the HP BladeSystem and HP 3PAR StoreServ Storage systems, organizations can put in place policies that alert them to when specific performance thresholds are being crossed and even automatically take action based on these preset policies.

HP Reference Architectures Make Client Virtualization Deployments a Business Reality

Anytime, anywhere access to corporate desktops using client virtualization may be the future. However enterprises can only deliver this new reality if they can put in place a backend IT infrastructure that can be cost-effectively deployed and managed without requiring the use of a rocket scientist to do so.

HP Client Virtualization Reference Architectures based on the HP BladeSystems and HP 3PAR StoreServ Storage systems help to make this vision a reality. They eliminate the costs and complexities associated with client virtualization by creating a new reality where client virtualization deployments do more than facilitate anytime, anywhere access to corporate data. They ensure that the backend infrastructure is constructed in such a way that any business can confidently and effectively manage it without keeping a rocket scientist on staff to do so.

PHD Virtual's ReliableDR Adds DR Assurance, Subtracts Cost and Risk

Tue, 02 Apr 2013 13:00:00 -0600

PHD Virtual's recent acquisition of the ReliableDR product is a win for businesses stuck in a manual approach to disaster recovery (DR). PHD Virtual Backup already provides VMware environments with reliable backup, replication and recovery tools. ReliableDR adds service recovery testing against RPOs/RTOs and disaster recovery orchestration to enable businesses achieve what PHD Virtual calls "DR assurance".

A number of years ago our local bank was robbed one morning, but the thief was apprehended just moments after leaving the bank. How did the bank manage that? It turns out that just two days before the robbery the bank had gone through a drill rehearsing what each staff person should do in the event of a bank robbery. With the rehearsal fresh in their minds, everyone executed their roles flawlessly.

Unfortunately, most disasters do not occur immediately on the heels of a DR test. Because of the direct costs and opportunity costs, DR testing is done infrequently - quarterly, semi-annually or annually. Because testing occurs infrequently, many months may separate an actual disaster event from the most recent recovery test - months during which many changes to the IT environment or even IT personnel may have occurred.

If your systems went down, would your company be able to get them up and running again within a timeframe that meets your business requirements? If your IT Manager was one of the 500 respondents to a February 2012 IT Manager Survey, the unhappy answer is, "Probably not." Although half recognized that a data restore problem could put service level agreements with customers at risk, 68% indicated their data was vulnerable in the event of a disaster.

Beyond the basic ability to recover data, the speed with which applications and services can be recovered can have significant bottom-line effects. Research from Emerson Network Power reported that businesses lose an average of about $5,000 per minute in an outage. When it comes to service recovery, speed matters.

Disaster Recovery Challenges

In response to business needs, IT services are both proliferating and becoming more complex, with a growing set of interdependencies. These dynamics make DR planning and testing more complex and costly, too. They also add business risk because DR plans/runbooks may not be updated in a timely way to account for new interdependencies - even if an organization has enough operational discipline to recognize that a particular change will need to be reflected in the DR plan.

The traditional manual approach to DR testing is time consuming, costly, and - ironically - includes some risk of service disruption. Therefore DR testing is done infrequently.

In some industries, the existence of a DR plan no longer suffices for auditors or regulators. Instead, auditors demand proof that DR plan will achieve required recovery point and recovery time objectives. This regulatory compliance trend is likely to spread.

Finally, in the event of an actual disaster, one element of DR risk is that key personnel may simply not be available at the time when business services need to be restored.

Given the above dynamics, more and more business owners want assurance that disaster recovery processes actually work; they owe it to themselves, their employees, their customers, their investors and other external entities.

ReliableDR

ReliableDR addresses these disaster recovery challenges in the following ways:

It tests not just data restoration, but restoration of IT services and business applications
It automates frequent testing that is non-disruptive to normal operations
It tests and reports against RPO/RTO limits
It orchestrates automated service recovery

Ultimately, businesses care about more than just data restoration--they care about service restoration. ReliableDR is designed to test the ability of an organization to bring business applications back into service within RPO and RTO limits.

Because ReliableDR testing is both automated and non-disruptive to normal operations, testing can occur as frequently as RPO/RTO requirements dictate. Many ReliableDR clients run DR tests daily. As a result, changes to the operating environment that affect DR processes are quickly and automatically discovered.

ReliableDR uniquely tests service recovery against RPO/RTO requirements and then reports the results via a green/yellow/red dashboard. The dashboard makes it possible for owners, managers and IT staff to see at a glance which data and services can be restored within required time frames and which services require some intervention. This frequent testing and reporting against RPO/RTO requirements provides DR assurance to business stakeholders and auditors.

After successful test completion, ReliableDR certifies and catalogs the recovery point. This gives the business a known good recovery point that conforms to its RPO/RTO. These certified recovery points are the data foundation for automated service recovery.

Beyond the benefits that come from frequent testing, ReliableDR's orchestration capabilities can be used to automate service recovery in the event of a disaster. This service recovery orchestration means that either no skilled staff intervention is required, or that service recovery can be completed by a much smaller group of people - and more rapidly - than in the traditional manual DR process. Orchestration reduces both the cost and the business continuity risk associated with a disaster event.

ReliableDR Is More than Just DR

With ReliableDR, the DR site can become a development test bed where software upgrades can be applied against a known good recovery point, and then tested to see if the upgrade would create a service disruption. Thus the business gains an operational benefit from what would otherwise be primarily an "insurance policy" that the business hopes never to use.

ReliableDR speeds implementation and time-to-value compared to competing solutions by including pre-built, application-aware tests for common business applications. Pre-built scripts are currently available for Active Directory, DHCP, Exchange, SharePoint, IIS, Oracle, SQL Server, MySQL, and for all web-based applications.

ReliableDR adds automated testing and DR orchestration on top of existing replication environments. This makes it an especially good fit for organizations that are already replicating data to a secondary data center or DR site and don't want to re-implement their replication setups.

There are very few products on the market that even attempt to solve the problems of DR orchestration and testing for virtual environments. To the best of my knowledge, ReliableDR is the ONLY product that provides such granularity and automation of testing, assured recovery with certified recovery points, as well as business-centric tracking and reporting of disaster recovery performance.

PHD Virtual and VirtualSharp/ReliableDR are Like Peanut Butter and Chocolate

Although ReliableDR is in no way dependent on PHD Virtual's Backup, there are significant synergies between the products. Like peanut butter and chocolate, PHD Virtual Backup and ReliableDR are better together. PHD Virtual Backup provides reliable backup, replication and recovery of virtual machines and individual files. ReliableDR adds service-focused, application-aware disaster recovery testing and orchestration in order to achieve disaster recovery assurance.

In terms of corporate synergies, the two companies had complementary products that can now be sold together. This has the potential to turn two decisions into a single decision/transaction. For customers that license both products, an ongoing benefit will be "one throat to choke" when it comes to data protection and service restoration.

Another synergy of the acquisition is that each company's products will get additional exposure where the other company had better presence in terms of business size (SMB, SME, Enterprise) or region (USA, APAC, EMEA). The acquisition of VirtualSharp by PHD Virtual also brings ReliableDR to PHD Virtual's sales channel and marketing organization; and PHD Virtual to VirtualSharp's storage partnerships.

ReliableDR adds service recovery testing and DR orchestration to PHD Virtual's solid VM and file recovery capabilities. ReliableDR is going to make it possible for many more businesses to more quickly and effectively prepare for - and recover from - disasters, at a cost that is substantially lower than traditional manual approaches to disaster recovery. ReliableDR changes the disaster recovery equation: it adds disaster recovery assurance and subtracts cost and risk.

Scale-out Storage Systems Now Offer Up Multiple Paths for Organizations to Arrive at their Private Storage Cloud Destination

Fri, 29 Mar 2013 12:30:00 -0600

A major objective for most organizations either right now or in the near future is to put in place a private storage cloud architecture to make the storage and ongoing management of their data easier to accomplish. It is for these reasons that many organizations are turning to scale-out storage systems as the preferred architecture to achieve this objective. Here is where it gets tricky. Scale-out storage system architectures have diverged to offer organizations many paths to follow in order to arrive at their desired private storage cloud destination.

Both scale-out storage systems and private storage clouds are still relatively new concepts in the broader storage technology space. The forerunners of today's modern scale-out storage systems, they first started to appear about a decade ago with the term "private storage clouds" emerging about five (5) years ago. However it is only in the last few years that scale-out storage systems have found their way into corporate data centers with the phrase "private storage clouds" becoming part of the corporate IT lexicon.

The big appeal of scale-out storage systems was their flexibility to independently add more capacity or performance while still remaining one logical storage system from a management perspective. Further, organizations could start small only deploying as much capacity or performance as they initially needed and then add more of exactly what they needed when they needed it according to their application/business demands.

This flexibility that these systems offer has become even more important in recent years. As companies attempt to meet Big Data growth and longer data retention requirements, scale-out storage systems are emerging as the preferred solution to deliver on them. They may start with a configuration as small as a few dozen terabytes with this flexibility to grow into the hundreds of terabytes or even petabytes. This flexibility comes with minimal or no increases in management overhead and incremental but predictable increases in cost.

This approach explains why these systems have come to more recently be associated with "private storage cloud" terminology. They most closely reflect what organizations expect private storage clouds to look like.

Granted, there are some purists who say that private storage clouds should have no upfront costs and companies should only pay for what they actually use. That day may eventually come. Until then today's scale-out storage systems define private storage clouds.

Which brings us to an interesting point in time in the evolution of these systems. The first scale-out storage systems were generally based on cluster file system software residing on independent nodes that offer performance (CPU and memory) on one node, storage capacity on a second node or both performance and storage capacity on a single node. This architecture may be found on products such as EMC Isilon, HP StoreAll Storage 9000 and IBM SONAS.

The issue with these products is that while their flexibility and scalability met the needs of large enterprises, small and midsized organizations were unable to afford them. Further, even large enterprises needed the flexibility and scalability features that these scale-out storage systems offered minus their cost for more cost-sensitive applications such as archiving, backup, client virtualization and video surveillance.

This is why in recent years we have seen a number of new providers emerge that provide alternative scale-out architectures that lower the upfront cost while still providing performance that is as good if not even better than these existing solutions.

Two notable entries in this space are Coraid and Gridstore. What makes the scale-out storage systems from these two respective providers notable is rather than using their own nodes to deliver the performance, they move processing of data out to the servers that attach to their storage nodes by installing their own drivers on them.

In Gridstore's case, it refers to its driver as a "virtual controller" that uses its own storage networking protocol to communicate with its storage nodes. Coraid takes a similar though more open approach leveraging the open standard though little used ATA over Ethernet (AoE) protocol to deliver up its scale-out storage solution.

Both of these approaches do create some additional work in terms of organizations needing to install software on each server in order to use their storage solution. However they also remove many of the upfront capital costs out of their scale-out storage solution that these same organizations are concerned about.

They accomplish this by moving the performance costs traditionally associated with scale-out storage solution out to the servers. Since the environments for which these solutions are intended are usually short on cash but are long on server performance and have access to and control over their server nodes, it works out well for them.

It is because of changes like this in scale-out storage system designs as well in how they are perceived that DCIG is making the following changes to the refresh of its 2011 Enterprise Scale-out Storage Buyer's Guide.

1. Changing the name of this Buyer's Guide to the Private Storage Cloud Buyer's Guide.
2. Changing the inclusion criteria to be more inclusive of these alternative scale-out storage system designs.
3. Changing how it scores and weights the features on these products to more accurately reflect how the features in these systems are being delivered.

Scale-out storage systems are an important new storage solution in today's crowded storage system space - so much so that these solutions are achieving a coveted association with the "private storage cloud" terminology. As this transition occurs, DCIG sees it as a necessity to change how it refers to these systems in its Buyer's Guide to better capture how they are being deployed in corporate environments as well as better reflect and capture the subtle but important changes that are occurring in the core of these systems.

Data Center Automation Requires a New Approach to Network Architecture

Fri, 22 Mar 2013 11:56:30 -0600

The need of businesses for greater responsiveness from their IT departments is driving data center automation. Data center automation requires a new approach to network architecture that results in networks that are flat for high performance, multipath for high availability, and open to orchestration for quick provisioning and re-provisioning as application loads move within and among data centers.

Server virtualization changes everything in the data center; but virtualization isn't the goal. As DCIG's president recently asserted, data center automation should be every organization's end game. Automation takes the data center beyond consolidation to create greater agility and availability.

Many organizations have automated the movement of servers and their associated data stores through the use of VMware's vMotion and Storage vMotion. These tools enable continuous application availability during routine server maintenance activities and an improved business continuity and disaster recovery (BC/DR) posture. But network automation lags. According to Mark Fabbi of Gartner, "Automated application provisioning allows applications to be rapidly deployed, but the 'human middleware' of network operations can delay deployment for days or weeks.¹"

Automation is not the only factor contributing to the need to rethink data center networking. Other factors include:

Changing data traffic patterns. According to Gartner, "Traffic patterns in the data center are changing from being predominantly client/server to a significant level of server-to-server flows. By 2014, network planners should expect more than 80% of traffic in the data center network to be between servers.²"
More data traffic per physical host. The new generation of servers with large RAM capacities and many cores permit a doubling of VMs per physical host. New high-performance storage architectures are enabling another doubling of VM density.
The opportunity to simplify and even unify network architectures enabled by 10 GbE and iSCSI.

Established networking vendors all recognize the need for a new data center network architecture and have come to market with solutions based on their own views and strengths. New entrants with super-low-latency switching fabrics have emerged to address business cases where mere milliseconds separate winners from losers.

The new network architecture is flat. In many cases the aggregation tier of switches is completely eliminated from the design. Traffic moves with fewer hops across large Layer 2 domains, eliminating latency from the data path.

New standards enable multiple data paths to be used simultaneously. Spanning tree is out. TRILL, 802.1aq, 802.1BR and 802.Qbg are in. The result is both greater overall throughput and high availability.

At DCIG we recognize that there is a growing dynamic interdependence among data center infrastructure technologies. Just as there is a lot of innovation occurring in storage, the last several years have seen a significant uptick in network innovation. According to Forrester, "The amount of innovation that has transpired within the data center LAN over the last four years almost equals the last 15 years of the campus LAN, branch WAN/LAN, and wireless LAN innovation, and the rapid innovation will continue.³"

Because new platforms and new players have made data center network buying decisions much more complex, DCIG has begun work on a data center switch buyer's guide that we expect to complete later in 2013. As with our other buyer's guides, the goal will be to help organizations make faster and better informed purchasing decisions. DCIG accomplishes this goal by helping organizations identify the features that should matter most to them and then more quickly get to a short list of products that they want to evaluate in depth.

The Data Center is changing, and so are expectations/requirements for data center networks. The move toward an agile, cloud-style approach to IT service delivery that enterprises now expect means that the data center network must join server and storage environments under a unified management/automation umbrella. Because data flows in the next generation data center are primarily server-to-server and server-to-storage, a logical starting point in the move to a new network architecture is within the data center itself.

¹ Source: "Magic Quadrant for Data Center Network Infrastructure," 11 February 2013 / ID Number: G00235303, Gartner

² Source: "Your Data Center Network is Heading for Traffic Chaos, Bjarne Munch," 27 April 2011 / ID Number: G00210674, Gartner

³Source: "The Forrester Wave: Data Center Networking Hardware, Q1 2013," Andre Kindness, 23 January 2013, Forrester

Big Data Finds the Perfect Backup Fit in the Sepaton S2100-ES3

Wed, 20 Mar 2013 08:00:00 -0600

Large enterprises are feeling the pressure of Big Data in every way possible. They have more data to store, more information to access and less time than ever to back it up, secure it and then recover it. It is in this area of backup and recovery that enterprises need better options to protect their data while also alleviating mounting security concerns. The Sepaton S2100-ES3 2925 with its new V7.0 software provides them with the match they want.

Trepidation Accompanies Big Data's Arrival

There is no longer any doubt as to whether or not Big Data has arrived. It is here. A recent September 2012 survey of large enterprises (organizations with a 1,000 or more people) found that they had on average over 12,000 PCs and over 1,000 servers under management. This report also found:

62% of organizations had more than 100 TBs of data
About one third (1/3) expected their data to double in the next 2-3 years
38% of their data was unstructured

This data growth has led to 89% of them creating a dedicated budget for a Big Data backup solution. Unfortunately this line item in the budget has yet to translate into any real spending as 72% have yet to deploy or even test a solution.

While 58% have determined that they are going to use these budgeted funds to expand their data storage infrastructure, they are still hesitant to move forward with testing or deploying any backup solution until they first identify one that:

1. Accommodates accelerating unstructured data growth. While unstructured data may only constitute 38% of enterprise data now, it is growing much more quickly than structured data (over 50% year over year.)

2. Accommodates continued structured data growth. Structured data growth also shows no signs of abating as structured (databases) and semi-structured (emails) data continues to grow at about 26% year over year according to IDC.

3. Satisfies mounting data security concerns. The Ponemon Institute described 2011 as one of the worst years on record for data security and predicted that the number of data breaches would continue to rise in the years to come.

A separate study found that, over a 24-month period, each Global 2000 company puts as much as $400 million of its data at risk as a result of new and evolving attacks on failed cryptographic key and digital certificate management. As a result, every enterprise has a reasonable chance of losing $35 million during that same period of time with high profile companies such as Apple, Facebook and Twitter all recently having been subject to attacks.

While storage systems hosting production data may need to satisfy these three concerns to some degree, storage systems that host backup data must satisfy all of them. Minimally every backup storage solution must scale to unprecedented levels as every terabyte of production data growth could generate four (4) times that much in backup data.

This necessitates that these systems also become even more efficient in compressing and deduplicating data than in the past. Further, they must perform well during peak backup times, scale to high levels of storage capacity and then securely store, retain and protect data in such a way that it meets today's heightened security concerns.

Sepaton S2100-ES3 and V7.0 Software

The Sepaton S2100-ES3 and its V7.0 software push these trepidations about which storage solution to use to store Big Data backups aside. The S2100-ES3 gives enterprises access to two (2) petabytes of usable storage capacity available in a scale out grid architecture.

Configured as a private storage cloud the S2100-ES3 functions as a single logical storage system that draws upon its scale out architecture to provide the four following benefits.

All data is compressed and deduplicated across the entire system.
This delivers higher deduplication levels, higher levels of storage efficiency and the most effective use of its available storage capacity. To handle these increased loads associated with Big Data, the S2100-ES3 introduces new, faster HP DL380p Gen 8 processing nodes and high performance Exar 1845 compression cards. The systems continue to use Hitachi storage arrays.

Minimizes the need to monitor and manage the levels of available storage capacity. All backup data may be stored on the S2100-ES3. Organizations only need to start with a much storage capacity as they initially need and then add more as specific threshold capacities are reached. This facilitates a "pay-as-you-grow" model that minimizes or eliminates the need to purchase new units if all that is needed is more storage capacity.

Minimizes the need to monitor and manage performance. Performance may be monitored, managed and added in the same way as capacity. This eliminates the often pain staking and complicated task of trying to balance the performance loads associated with backup jobs across multiple backup targets. Using the Sepaton-ES3, more performance may be added to it to increase backup throughput (up to 80 TB/hour using 8 nodes.) This can be accomplished without requiring an organization to remap existing backup jobs to another backup target.

Flexibility to scale according to capacity and performance based on real-world demands. Every enterprise is different. Some will need their system to deliver extremely high performance. Some will need it to offer extremely high capacity. Some will need it to offer some mix of both.

Accommodating these varied and changing capacity, performance and, ultimately, cost constraints requires a choice in network connectivity choices. To meet these demands associated with protecting both structured and unstructured data, Sepaton gives companies the flexibility to use 8-Gb Fibre Channel, 1Gb (up to 4), 10 Gb (up to 2) Ethernet connections or both so they can get the most done.

Encryption without Adding Complexity or Slowing Performance

Possibly one of the most intriguing enhancements to the Sepaton S2100-ES3 is its optional encryption capability that encrypts data without slowing performance and supports the emerging OASIS Key Management Interoperability Protocol (KMIP). The Sepaton S2100-ES3 supports encryption key management solutions that are that are compliant with KMIP 1.0/1.1. It is currently qualified on RSA Data Protection Manager version 3.x and Thales key Authority appliance v4.0 - with more in the process of being qualified.

Most organizations want to encrypt more of their data, not less. However this is difficult to do so without the environment becoming more complex since, before OASIS KMIP, each layer of data that was encrypted (application, network, backup, etc.) may require its own key management solution.

KMIP is an industry standard protocol for communication between EKMs and the encryption system. By supporting KMIP-compliant EKMs, Sepaton eliminates vendor lock-in and added complexity.

Regardless of which EKM is used, the Sepaton S2100-ES3 secures data minimizing the risk of data exposure or loss that may occur when the attacks inevitable come. Further, using the new hardware available on the ES3, eliminating the performance penalty associated with using encryption.

Big Data Finds Its Perfect Backup Fit in the Sepaton S2100-ES3 2925

The Sepaton S2100-ES3 2925 gives enterprises the perfect backup fit as they look to realign their data center to meet Big Data's particular demands. Offering more performance and new security options, enterprises get the secure, scalable backup solution that they need without the unwanted increases in complexity or management that are often associated with implementing these features.

The Sepaton S2100-ES3 2925 gives enterprises new found confidence that they can backup and restore their Big Data repositories within their existing SLAs. More importantly, they can do so knowing that their protected data is safe from prying eyes.

VMware VMFS Multi-Writer Flag Feature Throws Open the Doors to Using Cluster File Systems on Virtualized Highly Available Applications

Tue, 19 Mar 2013 07:45:00 -0600

Using cluster file system software on virtual machines (VMs) in VMware environments has always been a bit problematic at best. While it could be done with techniques like Raw Disk Mappings (RDMs) and 3rd party cluster file system software, organizations need to sacrifice "desirable" virtualization features like vMotion to achieve it.

This has now changed. VMware quietly made available a new multi-writer flag for VMFS that, when combined with a solution like the VERITAS Cluster File System (CFS) from Symantec, enables VMs on the same or different physical ESX servers to access the same VMDKs.

The VMware Virtual Machine File System (VMFS) and its Virtual Machine Disks (VMDKs) included with VMware vSphere abstract away the underlying storage hardware making them some of VMware vSphere's more desirable features. Together they make VMware features like vMotion possible so a VM may move between different physical ESX machines.

The one "gotcha" with vSphere is its inability to virtualize highly available applications that already use or want to use cluster file system software. This software needs to directly access and communicate with the underlying storage to maintain a highly available cluster.

However if these applications with cluster file system software are virtualized, vSphere inserts VMFS and VMDKs between the cluster file system software and the physical storage rendering the cluster file system software inoperable.

To date the workaround to VMFS and VMDKs has been to use VMware's RDMs. Using RDMs, the cluster file system software can directly access and communicate with the storage as RDMs expose the native properties of the underlying disks that the cluster file system software needs to operate.

By using RDMs and bypassing VMFS and VMDKs, vSphere features like vMotion become unavailable. This decreases VMware's value proposition since access to vMotion is often a big motivation for virtualizing highly available applications in the first place.

VMware's availability of its VMFS multi-writer flag makes virtualizing highly available applications that use a cluster file system a viable option. Prior to the availability of this multi-writer flag, sharing a VMDK was disabled by VMware vSphere to prevent a VM from inadvertently accessing another VM's VMDK and corrupting the data on the VMDK. By turning this flag "on," a single VMDK may be shared among multiple VMs whether the VMs are on the same or different physical ESX hosts.

This is not to imply that enterprises should by default turn this multi-writer flag "on" when they create a new VMDK. Turning on this flag makes a VMDK available to many VMs as vSphere relinquishes its control over the VMDK. This control is now given to the guest VMs that must have software in place which can assume the responsibility for managing which VMs have access to the VMDK and when.

This granular level of control is exactly what these highly available applications that use cluster file system software need. Now as VMs are created and applications virtualized, the VMDK associated with the VM is instead presented to the cluster file system software.

By enabling this multi-writer flag, any VM with the cluster file system software installed on it may communicate with any VMDK(s) associated with any VM in the cluster. What makes using VMDKs particularly appealing is that the VMs in the cluster get access to VMware's vSphere vMotion feature since they are using VMDKs as opposed to RDMs.

They also get access to all of the benefits associated with cluster file systems in addition to the benefits afforded to them by VMware vSphere. For example, using the VERITAS Cluster File System (CFS), organizations can:

Control file access. VERITAS CFS ensures that reads and writes to a file by each VM occur in the correct order to maintain the integrity of the data in the file.
Achieve sub-minute application recovery times. The high availability component of VERITAS CFS detects application failures instantaneously and initiates the service recovery on any other node which currently has access to the application data, providing a very fast service recovery architecture.
Get efficient storage utilization. Applications and work-flows can now be distributed across different VMs, providing a single pool of storage where all of them can immediately read and write, avoiding data duplications and eliminating the need to transfer data between the VMs.
Do in-place migration from physical to virtual. As many organizations are looking to virtualize their highly available applications, VERITAS CFS gives them flexibility to first introduce some VMs into their existing cluster of physical machines and then non-disruptively migrate physical nodes over to VMs over time.
Offer access to up to 64 VMs to the same file. Some applications require multiple VMs that are part of its cluster to access the same file at the same time. Using VERITAS CFS, up to 64 nodes (physical or virtual) may currently access the same file at the same time.
Take application consistent snapshots. Using VERITAS CFS application consistent snapshots may be taken across all of the nodes in the cluster to improve the application's protection and recoverability.
Experience little to no performance degradation. Preliminary testing that Symantec has done in-house on VMDKs and RDMs with the same application reveals little to no performance degradation when going from RDMs to VMDKs. In some cases, performance even improved using VMDKs. It is Symantec's current belief based upon this testing that the performance impact caused by VMDKs will be minimal at best and only observed by the most performance sensitive applications.

Now before every organization that currently runs VERITAS CFS or is considering its use in vSphere environments rushes out to deploy it, it is worth noting that not all of the features that disks and RDMs offer are yet available from VMDKs.

For example, VMDKs do not yet support SCSI-3 persistent group reservation (PGR) bits. While this may seem trivial, highly available applications that use I/O fencing rely on this bit to manage access to a disk from different VMs. In this example, organizations will need to continue to use RDMs when virtualizing these applications until such a time this feature becomes available. Aside from this cautionary note, VMware has finally thrown open the doors for organizations to use cluster file systems for virtualized highly available applications with the availability of its VMFS multi-writer flag.

Using the VMware VMFS multi-writer flag, organizations no longer have to make unpleasant trade-offs when looking to virtualize applications using cluster file systems. Rather they may virtualize their existing applications that use VERITAS CFS that reside on physical machines (or introduce VERITAS CFS on applications that are already virtualized) and maintain the levels of application performance needed once they are virtualized even as they introduce the even higher levels of flexibility and mobility that VMware vSphere and VERITAS Cluster File System collectively offer