| Date post: | 12-Jan-2015 |
| Category: |
Technology |
| Upload: | amazon-web-services |
| View: | 301 times |
| Download: | 1 times |
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Backup and Archiving
in the AWS Cloud Amazon Web Services
August 12, 2014
Agenda
• AWS Global Infrastructure
• Traditional vs. Cloud Approach
• Cloud Integrated Backup and Archive Gateways
• Connectivity Options
• AWS Storage and Archive Options
• Retrieve / Restore
• TCO
Why AWS for Backup and Archive?
Metered usage:
Pay as you go
No capital investment
No commitment
No risky capacity planning
Avoid opex and risks of
physical media
handling
Control your
geographic locality for
performance and
compliance
AWS Global Infrastructure
10 Regions
24* Availability Zones
50+ Edge locations
AWS Regions and Availability Zones
Customer decides where applications and data reside
Asia Pacific (Tokyo) US West (Oregon) EU (Ireland) US East (N. Virginia)
US West (N. Cal) (Asia Pacific) Singapore
AWS GovCloud (US) South America (Sao Paulo) China (Beijing –
Limited Preview)
Availability
Zone
Availability
Zone
Availability
Zone Availability
Zone
Availability
Zone
Availability
Zone Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Asia Pacific (Sydney)
AWS Security
Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Client-side Data Encryption & Data
Integrity Authentication
Server-side Encryption
(File System and/or Data) Network Traffic Protection
(Encryption/Integrity/Identity)
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer Data
Am
azo
n
Cu
sto
me
r
• SAS-70 Type II
• SOC 1 and 2
• ISO 27001/ 2 Certification
• Payment Card Industry (PCI)
• Data Security Standard (DSS)
• NIST Compliant Controls
• DoD Compliant Controls
• FedRAMP Compliant Controls
• HIPAA and ITAR Compliant
• Customers implement their
own set of controls
• Multiple customers with
• FISMA ATOs
• DIACAP ATOs
AWS Security
2. Physical and logical security
• Unmarked buildings
• Access restrictions
• Deep Back ground checks
• Multi-factor authentication @ doors
• Armed security guards
• Physical access / Logical access
1. 3rd party attestations
• HIPAA
• PCI DSS Level 1
• ISO 27001
• FedRAMPSM
• DIACAP and FISMA
• ITAR
• FIPS 140-2
• CSA
• MPAA
• SOC 1/SSAE 16/ISAE 3402 (formerly SAS70)
• SOC 2
• SOC 3
3. Best practices
• Data encryption
• Network encryption
• Built in firewalls
• IAM
• MFA
• VPN / VPC
• Direct Connect
• GovCloud
• CloudHSM
Traditional Backup and Archive
• Time: Long/slow recovery time
• Money: Capital intensive with ongoing upgrades
• Effort: Complex to manage
• Quality: Low durability, Error Prone
Days or Weeks
Traditional Backup and Archive
• Backup Software • Edge to core topologies
• Dedicated people
• Tape Silos / Tape Libraries
• Tape Drives (LTO-X / DLT / etc)
• Virtual Tape Libraries (VTLs)
• Tape out / Vaulting
• Unified Backup Solutions
• Deduplication
• Compression
• Encryption
Traditional Backup and Archive Tape Systems
Traditional Backup and Archive Virtual Tape Library
Cloud Backup and Archive
Cloud Backup and Archive
• Backup Software • Edge to core topologies
• Single pane of glass
• Tape Silos / Tape Libraries
• Tape Drives (LTO-X / DLT / etc)
• Virtual Tape Libraries (VTLs)
• Tape out
• Unified Backup Solutions
• Deduplication
• Compression
• Encryption
Cloud Backup and Archive Topologies
1. Branch office backup to cloud
2. Core data center backup to cloud
3. Cloud backup to cloud
4. Hybrid cloud backup
Branch office backup to cloud
Considerations: - Backup Software
- Storage / Caching Gateway
- WAN or Internet
- Deduplication
- Compression
- Encryption
- WAN Acceleration
Core data center backup to cloud
Considerations: - Backup Software
- Storage / Caching gateway
- Direct Connect or Internet
- Telco Burst Models - Time Warner Telecom
- Deduplication
- Compression
- Encryption
- WAN Acceleration
Cloud backup to Cloud Applications running on EC2 backing up to S3 / Glacier
Considerations: - Backup software
- Encryption
- Deduplication
- Compression
- Native S3 and Glacier
integration
- AMI Backup Appliance? - AMI = Golden Master
- EBS Snaps / Scripting
Hybrid Cloud Backup
VPC – Datacenter #4
Single GUI for Management
Cloud Integrated Backup and Archive Gateways
AWS Storage Gateway
• On-premises, virtual iSCSI
storage appliance
• $125 / Month*
• Local cache enables low
latency access to data
• Server Side Encryption (SSE)
• 5 TB of throughput per day
• Recover to Amazon EBS
AWS Storage Gateway-VTL (Virtual Tape Library)
• On-premises, virtual tape library
storage appliance
• $125 / Month
• 10 virtual tape drives / 1500
virtual tape slots
• 150 TB local cache – VTL – virtual tape library
• Restore in seconds from VTL
– VTS – virtual tape shelf • Next Generation Offsite Vault
• 24 hour retrieval from VTS
• Encryption in transit and at rest
• Gateway VTL-AMI
AWS partner backup and archive solutions
Avere → S3
AWS SGW → S3
AWS VTL → S3-Glacier
BridgeSTOR → S3-Glacier
CA Arcserve → S3
CA Mainframe → S3-Glacier
Commvault → S3-Glacier
Ctera → S3
Druva → S3
Maginatics → S3
Oracle RMAN + OSB Module → S3
Panzura → S3
Riverbed Whitewater → S3-Glacier
Sonian → S3
Veeam → S3-Glacier
Zmanda → S3
Commvault
• Unified platform integrates
Backup, Archive, Replication,
Analysis and Search, Alerting,
Reporting, and Tracking of all
data via a single common
code base
• Integrated with Amazon S3
and Amazon Glacier with
deduplication & encryption
support
• Single console management
Amazon S3 Amazon Glacier
Riverbed SteelStore
• Local caching appliance
• Presents NAS protocols – CIFS / NFS
• Up to 30x deduplication
• S3 and Glacier support
• AMI Available
Maginatics
• Create a globally accessible, NAS
archive based on SW clients
• NO HARDWARE REQUIRED
• High throughput migration
• Global Namespace, Deduplication,
Locking
• Purpose built cloud file system
• POSIX / SMB compliant
• Windows / Mac / Linux / iOS /
Android
• DEMO!
Amazon S3
EC2 - VPC
On-Premises
and/or
In-Cloud
Data Ingestion Options
Data Ingestion Options
AWS Direct Connect Dedicated bandwidth between
your site and AWS
Internet Transfer data in a secure SSL tunnel over
the public Internet
AWS Import/Export Physical transfer of media into and
out of AWS
AWS Ingest Options Internet / One Common Theme: Parallel Uploads
1. Multipart upload
2. Request rate optimization
3. TCP window scaling
4. TCP selective
acknowledgement
AWS has customers that ingest roughly 1 PB per day
AWS Ingest Options AWS Direct Connect
• Private connectivity to AWS – Physical connection – 1 Gbps or 10 Gbps
port
• Consistent network performance • Consider burst models on ingest • Reduces costs for bandwidth-
heavy outbound workloads
Locations
• CoreSite 32 Avenue of the Americas, NY
• CoreSite One Wilshire & 900 North Alameda, LA
• Equinix DC1 – DC6 & DC10 - DC11, Ashburn, VA
• Equinix SV1 & SV5, San Jose, CA
• Equinix SE2 & SE3, Seattle, WA
• Equinix SG2, Singapore
• Equinix SY3, Sydney
• Equinix TY2, Tokyo
• Eircom, Clonshaugh
• TelecityGroup Docklands, London
• Terremark NAP do Brasil, Sao Paulo
AWS Ingest Options AWS Import/Export
• Rapidly move data into and
out of AWS
• Portable storage device
shipment to AWS
• Supports – Amazon EBS
– Amazon S3
– Amazon Glacier
• Use cases – Initial data migration
– Content distribution via portable
devices
– Disaster recovery
AWS Storage and Archive Options
AWS Storage and Archive Options
Amazon Simple Storage Service (S3) Highly scalable object storage
1 byte to 5 TB in size
99.999999999% durability
Amazon Elastic Block Store (EBS) High-performance block storage device
1 GB to 1 TB in size
Mount as drives to instances with
snapshot/cloning functionalities
Amazon Glacier Long-term object archive
Extremely low cost per gigabyte
99.999999999% durability
AWS Storage and Archive Options
Amazon Elastic Block Store (EBS)
• High I/O block storage for Amazon EC2
• Point-in-time snapshots to Amazon S3 • 99.999999999% Durability
• Snapshot software is FREE
• Point-in-time snapshots across regions
AWS Storage and Archive Options Amazon S3: Trillions of objects under management
• New!: SSE-C
• Time: Instant access, any time, any where
• Money: Pay for what you store / 51% price reduction
• Effort: Scales as you grow
• Quality: 99.999999999% durability
AWS Storage and Archive Options
Amazon Glacier
• $0.01 per GB/mo, $120 per TB/yr
• 3-5 hour data retrieval latency
• Archives: single file or zipped files
• Vaults: collection of archives
• Infinite archival storage
• 99.999999999% durability
• Immutable, encrypted by default
AWS Storage and Archive Options Object Lifecycle Management: Amazon S3 → Amazon Glacier
→
• Seamlessly move data from Amazon S3 → Amazon Glacier
• 3-5 hour asynchronous retrieval
• Data lifecycle policies
• $0.01 per GB for Amazon Glacier costs
Retrieve / Restore
Retrieve / Restore back to On Premises Data Centers
Amazon
Glacier Amazon S3
3-5 Hour
Retrieval
(staging)
Immediate
Restore
*Storage Gateway mitigates restores from cloud
Retrieve / Restore in AWS
$$
Hours
Amazon
Glacier Amazon S3 Amazon EC2
/ HPC
Amazon
CloudFront
Generating
Business
Value
Mins / Seconds
TCO: On-Premises Cost Considerations
1. Primary storage hardware (primary / remote site)
2. DR / Remote site storage hardware
3. Raw to utilized storage (both primary and DR)
4. Storage growth (cost of upgrades)
5. Storage management software and 3rd party tools
6. Professional services
7. Hardware maintenance
8. Software maintenance
9. Backup software
10.Backup hardware (primary / remote site)
11.Offsite tape storage / vault
12.Archive software
13.Archive hardware
14.Power
15.Cooling
16.Space
17.Labor
18.Cost of capital
19.Training
20.Asset depreciation
21.Migration
22.Decommission / remove
23.Recycle
Customer Stories AWS Storage Gateway is used in a variety of ways
Jollibee (JFC) is using the AWS Storage Gateway to backup and
mirror their Oracle SQL server database from their on-premises
data center to AWS. JFC is the largest fast food chain in the
Philippines with revenues well over 2 Billion USD.. The Storage
Gateway also provides us access to the same database
snapshots for use in Amazon EC2, providing a cost-effective in-
cloud DR solution.
AWS Storage Gateway provided us the most cost
effective way to backup our SAP workloads to AWS, it is
helped us perform SAP System ‘refresh’ much faster and
in a more convenient way, backing up to S3 has also helped us
to prepare for DR & also run SAP Dev/QA restores easily on EC2
“Amazon Web Services and AWS Storage Gateway are great
assets that help us scale fast, store data in an ultra-secure
environment, spend more time on product development (rather
than disaster recovery & backup)
…By using AWS Storage Gateway, we went to just hours instead
of days to restore from backup.”
The large Japanese Retail chain uses AWS
Storage Gateway to share & store files in S3 and
drastically cut down it’s spend on premise NAS
footprint.
AWS – Your Global Data Center for Backup and Archive
• Choose the region that fits your business and compliance needs
• 10 regions world wide – set up with a few clicks
• Broad range of backup/archive tools that are AWS integrated
• Low cost, reliable AWS Transport and Storage options
• Enhance Security Posture
• Increase Scalability
• Significantly Higher Data Durability
• All at a lower TCO
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
THANK YOU
John Downey
