Home >Technology >AWS Webcast - Business Continuity in the AWS Cloud

AWS Webcast - Business Continuity in the AWS Cloud

Date post:16-Jul-2015
Category:
View:1,076 times
Download:0 times
Share this document with a friend
Transcript:
  • Business Continuity in the

    AWS Cloud

    Gerard Ngo Account Manager

    AWS Worldwide Public Sector

  • What is AWS?

    Basics of Business Continuity

    Why AWS for Business Continuity?

    AWS services that can be employed

    Common BC/DR architectures

    Agenda

  • What is AWS?

  • Application Services

    Compute Storage Databases

    Networking

    AWS Global Infrastructure

    Deployment & Administration

    AWS Platform

  • AWS Global Infrastructure

    11 Regions

    consisting of

    29 Availability Zones

    and

    53 Edge Locations (CDN)

    Customer Decides Where Applications and Data Reside

  • AWS Region View

    - Independent/Separate Geographic Areas

    - Isolated from other Regions (security boundary)

    - Comprised of multiple Availability Zones

    - Availability Zone = 1 or more data center

    - Availability Zones connected through redundant low-latency links

    - Customer chooses a Region and Data stays within Region.

    - Enables High-Availability Architecture

    Availability

    Zone A

    Availability

    Zone B

    Availability

    Zone C

    Sample US Region

  • AWS Availability Zone (AZ) View

    - Multiple Isolated locations within a Region

    - Availability Zone = 1 or more data center

    - Independent Failure Zone

    - Physically separated

    - On separate Low Risk Flood Plains

    - Discrete UPS

    - Onsite backup generation facilities

    - Fed from different segments of utility provider

    - Redundantly connected to multiple tier-1 ISPs

    - No Disaster Recovery Datacenter

    - Built for Continuous Availability

    - Customer decides Availability Zone for Compute

    Availability

    Zone AAvailability

    Zone B

    Availability

    Zone C

    Sample US Region

    ~ Data Center

  • Trusted by Enterprises Around the World

  • Public Sector Customers Worldwide

  • Certifications

    SOC 1, 2, and 3

    ISO 27001

    PCI DSS for EC2, S3, EBS,

    VPC, RDS, ELB, IAM

    FISMA Moderate Compliant

    Controls

    HIPAA & ITAR Compliant

    Architecture

    Physical Security

    Datacenters in nondescript

    facilities

    Physical access strictly

    controlled

    Must pass two-factor

    authentication at least twice

    for floor access

    Physical access logged and

    audited

    HW, SW, Network

    Systematic change

    management

    Phased updates

    deployment

    Safe storage decommission

    Automated monitoring and

    self-audit

    Advanced network

    protection

    Built to enterprise security standards

    http://aws.amazon.com/security

  • Basics of Business

    Continuity

  • DR is part of a wider set of policies and controls

    DR & business continuity

    Its not an all or nothing thing

    Choose what needs to failover and what does not

    Some things more important than others

    Some things will still be working

    High availability Backup Disaster recovery

    Keep your applications

    running 24x7

    Make sure your data is protected

    and can be recovered if it is lost

    Get your applications and

    data back after a major

    disaster

  • Each set of IT assets will have different requirements

    DR & business continuity

    Recovery Time Objective

    (RTO)

    How quickly you need this asset to be recovered?

    e.g. 1min? 15min? 1hr? 4hrs? 1day?

    Recovery Point Objective

    (RPO)

    How fresh the recovery must be for the asset?

    e.g. zero data loss, 15mins out of date?

  • Assets will sit on a spectrum of technical complexity

    DR & business continuity

    Rebuild when

    required from

    offsite backup

    Run hot-hot

    configuration with

    auto-failover

  • Why AWS for Business

    Continuity?

  • The fundamental economic model

    Traditional, second datacenter

    Primary SiteRouters

    Firewalls

    Network

    Application Licenses

    Operating Systems

    Hypervisor

    Servers

    SAN fabric

    Primary Storage

    Backup

    Archive

    Secondary SiteRouters

    Firewalls

    Network

    Application Licenses

    Operating Systems

    Hypervisor

    Servers

    SAN fabric

    Primary Storage

    Backup

    Archive

  • The fundamental economic model

    Utility, on-demand datacenter

    Primary SiteRouters

    Firewalls

    Network

    Application Licenses

    Operating Systems

    Hypervisor

    Servers

    SAN fabric

    Primary Storage

    Backup

    Archive

    AWSRouters

    Firewalls

    Network

    Application Licenses

    Operating Systems

    Hypervisor

    Servers

    SAN fabric

    Snapshot Storage

    Backup

    Archive

    Secondary

    site costs

  • With utility services you might be able to:

    Business & technical drivers

    Reduce costs

    Slash DR budgets by up to 50%

    Reduce on-premise

    Eliminate 30%+ of on-premise

    physical equipment

    Consolidate sites

    Eliminate the need to run a

    secondary site

    Remove aging

    technologies

    Eliminate tape for backup and

    archive

  • Challenges around Cost

    Conventional DR Sites

    High Cost

    Low ROI

    Implemented only for

    most critical systems

    Usually scaled down to

    50% of production

    Systems in a remote

    region challenging

  • Cost Effective On Demand Infrastructure

    Business Continuity on AWS

    Unprecedented

    capabilities to implement

    DR sites

    Easily set up DR sites on

    different geographic

    regions

    Cut down DR site cost by

    up to 70%

    Substantial savings on

    software licenses

  • AWS services that can be

    employed

  • Amazon

    Simple

    Storage

    Service (S3)

    AWS Import/Export

    AWS Storage

    Gateway Service

    AWS Direct

    Connect

    Amazon Virtual

    Private Cloud

    (VPC)

    Amazon

    Route 53

    Amazon Elastic

    Compute Cloud

    (EC2)

    Amazon Relational

    Database Service (RDS)

    Amazon

    Elastic Block

    Storage (EBS)

    Object storage &

    transfer services

    Networking services Foundation services

  • S3 and Elastic Block Store

    AWS storage is ideal for DR

    Simple Storage ServiceHighly scalable object storage

    1 byte to 5TB in size

    99.999999999% durability

    Elastic Block StoreHigh performance block storage device

    Volumes of 1GB to 16TB in size

    Mount as drives to instances with

    snapshot/cloning functionalities

  • Glacier

    DurableDesigned for 99.999999999%

    durability of archives

    Cost effectiveWrite-once, read-never. Cost effective for long

    term storage. Pay for accessing data

    3 to 5 hour Retrieval time

  • Direct ConnectDedicated connection between your IT

    infrastructure and the AWS datacenters

    Extend your network infrastructure and

    VLANs into AWS

    VPN ConnectionA Hardware VPN connection connects

    amazon environment to your datacenter

    Internet Protocol security (IPsec) VPN

    connection

    Commonly used hardware supported

    Virtual Private CloudPrivate, isolated section of the AWS Cloud

    Launch resources in a virtual network that you

    define

    complete control over your virtual networking

    environment

    Internet

    Internet

    Connecting to AWS

  • Common BC/DR architectures

  • 4 main patterns

    Common BC/DR architectures

    Backup & Restore Pilot light

    Warm standby in

    AWS

    Multi-site solution in

    AWS & on-premise

  • Lets start with Backup & Restore

    Common BC/DR architectures

    Backup & Restore Pilot light

    Warm standby in

    AWS

    Multi-site solution in

    AWS & on-premise

  • Advantages to starting a journey with this pattern

    Backup & Restore pattern

    Simple to get started

    Easy starting point for exploring the AWS cloud

    Low technical barrier to entry

    Focus on incorporating cloud into your DR

    strategy, not on complex technical issues

    related to hot-hot systems

    Cost effective

    Very high levels of data durability at low price

    Cost of storing snapshots in S3

    Archiving possibilities beyond tape using Glacier

  • The preparation process

    Backup & Restore pattern

    Take backups of

    current systems

    Store backups

    in S3

    Move to long term

    archive in Glacier

  • The process

    Backup & Restore pattern

    Take backups of

    current systems

    Store backups

    in S3

    Detail how you will restoring from backup or

    recover from archive

    Move to long term

    archive in Glacier

  • Push backups to AWS

  • Recover servers during DR

  • Lets look at the Pilot Light pattern

    Common BC/DR architectures

    Backup & Restore Pilot light

    Warm standby in

    AWS

    Multi-site solution in

    AWS & on-premise

  • Moving along the DR spectrum

    Pilot light architecture

    Build resources

    around replicated

    dataset

    Keep pilot light on by replicating core

    databases

    Build AWS resources around dataset

    and leave in stopped state

    Scale resources in AWS

    in response to a DR

    event

    Start up pool of resources in AWS when

    events dictate

    Match current production capacity

    through auto-scaling policies

  • Pilot light

  • Pilot light

  • Lets look at the Warm standby pattern

    Common BC/DR architectures

    Backup & Restore Pilot light

    Warm standby in

    AWS

    Multi-site solution in

    AWS & on-premise

  • Moving along the DR spectrum

    Warm standby architecture

    Build resources

    around replicated

    environment

    Operate a warm standby by replicating

    app servers and core databases

    Build AWS resources around dataset

    and run in limited capacity

  • Moving along the DR spectrum

    Warm standby architecture

    Build resources

    around replicated

    environment

    Operate a warm standby by replicating

    app servers and core databases

    Build AWS resources around dataset

    and run in limited capacity

    Scale resources in AWS

    in response to a DR

    event

    Scale up pool of resources in AWS when

    events dictate

    Match current production capacity

    through auto-scaling policies

  • Warm standby - prep

  • Warm standby - recovery

  • Lets look at the Multi-site pattern

    Common BC/DR architectures

    Backup & Restore Pilot light

    Warm standby in

    AWS

    Multi-site solution in

    AWS & on-premise

  • Moving along the DR spectrum

    Multi-site architecture

    Deploy resources

    necessary to operate

    full production

    Operate a full stack by replicating app

    servers and core databases

    Fail over to AWS in

    response to a DR event

    Sufficient resources in AWS to handle full

    peak load

  • Multi-site - prep

  • Multi-site - recovery

  • Where to learn more

  • Resources

    Disaster Recovery on AWS: aws.amazon.com/disaster-recovery

    Architecture Center: aws.amazon.com/architecture

    Using AWS for Disaster Recovery

    http://media.amazonwebservices.com/AWS_Disaster_Recovery.pdf

    Backup and Recovery Approaches Using AWS

    http://media.amazonwebservices.com/AWS_Backup_Recovery.pdf