Friday, November 15, 2013

Introducing the XtremIO All-Flash Array

 

Today EMC announced the general availability of XtremIO, the first all-flash array to provide consistent, predictable extreme performance to any application workload over any period of time.

To achieve this, XtremIO features several unique flash innovations: a scale-out multi-controller architecture with linear scalability; inline deduplication that is always on; data protection that is 6X more efficient and 4X faster than traditional RAID.

Under the covers, XtremIO is architected differently than any other all-flash array.

Four of key technologies that power XtremIO:
  • Content-Based Data Placement
  • Dual-Stage Metadata Engine
  • XtremIO Data Protection (XDP)
  • Shared In-Memory Metadata

IDC forecasts the all-flash array market to grow to $1.2 billion in revenue by 2015. XtremIO is already positioned as a leader in the all-flash array market, in high demand, with 10 Petabytes of effective deduplicated capacity already sold.

About the technology
Customers are looking to all-flash arrays to enable SLAs with constant predictable performance and low-latency. Including workloads that frequently change – such as VDI, virtual servers, massively consolidated databases and test/development environments. With XtremIO, these workloads achieve better performance, improved $/IOPS and management simplicity.

There are four key architectural differences that set XtremIO apart from other all-flash arrays:
  • Content-Based Data Placement keeps the array inherently balanced and optimized to within a fraction of a percent across all SSDs and array controllers and removes duplicate data inline in the data path.
     
  • Dual-Stage Metadata Engine allows the array to fully leverage the random access nature of flash and place data anywhere in the array without requiring system level back-end cleaning processes (also known as garbage collection). This enables XtremIO to avoid the up to a 50% performance hit in IOPS, up to 1000% increase in latency, and up to 10X reduction in flash endurance compared to other flash arrays that use system level garbage collection.
     
  • XtremIO Data Protection (XDP) is a flash-specific algorithm that guards against SSD failures while delivering up to 6X more usable capacity than traditional RAID. XDP allows end-users to utilize 100% of the capacity on XtremIO – while maintaining maximum levels of performance. Other all-flash arrays will begin to show degraded performance when they reach 60% to 80% of capacity. This means that XDP delivers up to 40% more usable capacity compared to other all-flash arrays. In addition, the efficient XDP algorithms deliver up to 4X better performance and flash endurance than RAID in long-term production data center conditions.
     
  • Shared In-Memory Metadata enables the array to deliver the widest range of performance, and to rapidly clone information already in the array to massively accelerate common tasks like deploying virtual machines. Virtual machine clones are created at up to 20X the network bandwidth between the host and the array, several times faster and with lower impact to production virtual machines than other all-flash arrays.

XtremIO is a scale-out array based on building blocks called X-Bricks. Each X-Brick is available with 10TB of capacity – with an additional option for 20TB of capacity expected to be available early next year. XtremIO arrays deliver up to one million fully random IOPS with over 250TB of effective capacity in a single XtremIO cluster with inline deduplication. A single XtremIO cluster scales from two to eight controllers and up to 128 cores, capable of handling any OLTP Database, virtual server and VDI workload – with all data services active.

In addition, XtremIO is integrated within the EMC ecosystem to provide additional capabilities, ease-of-use, and compatibility. A VCE Vblock Specialized System for Extreme Applications based on XtremIO all-flash arrays provides unparalleled VDI end-user computing performance at unprecedented cost per virtual desktop, which customers can begin ordering by the end of 2013. XtremIO array management is also integrated with VMware vSphere and accelerated with VMware's VAAI storage APIs.

In addition, XtremIO is supported with other EMC technologies including VPLEX, PowerPath and EMC Secure Remote Support (ESRS). Lastly, EMC Global Services has developed new service offerings to optimize VDI on XtremIO. The new service offerings provide customers with proven end-user computing strategy, comprehensive review of VDI design and configuration specifications, and migration guidance for optimal storage performance.

Analyst Quote
IDC - Laura Dubois, Research VP of Storage
“What I find most compelling about XtremIO is the unique architecture. Core functions such as granular metadata processing, shared in-memory metadata handling and content-based data placement are enablers to XtremIO's impressive sustained IOPS metrics while offering core services – including deduplication and copy data services. There are other all-flash arrays with impressive performance metrics – but not for a sustained basis. The other standout capabilities with this system are native inline deduplication, in-memory metadata only copy and a scale-out architecture. These are attributes not all of the ‘all-flash array’ solutions on the market offer.”

Customer Quotes
E*TRADE - Russ Norman, Senior Manager of Systems Engineering
“Performance, reliability, and speed are critical in our application environments. We require an infrastructure that provides very low latency, allowing orders to be processed quickly. We are deploying XtremIO to get us to the next level of performance – but even more than that provide us with new levels of usability for our applications. With these lower storage latencies, we can process higher numbers of IOPS and move larger amounts of data. We found on average writing to the XtremIO array to be between 0.25 to 0.3 millisecond response time, with reads being somewhere around 0.2 millisecond. This was, consistent with workloads between 100,000 to 200,000IOPS. In addition, XtremIO’s thin provisioning and inline deduplication were selling points for us also for cost and capacity efficiency.”

CMA Consulting Services - Brian Dougherty, Chief Technical Architect
“CMA is a leader in building very large scale technical platforms for healthcare applications. Our multi-tenant Oracle RAC environment generates a mixture of large sequential and random IO workloads simultaneously. We needed a specialized weapon that could handle the large mixed random and sequential workloads, while never degrading performance. We also needed a solution that was simple to manage and configure – configuring 10’s of terabytes of storage in a matter of minutes versus hours – with protection. We chose XtremIO because it delivers better performance, is simple to manage and configure and significantly lowers our total cost of ownership. It stood far apart from other solutions and reset our expectations for what we can do as an IT organization in our Oracle RAC environment.”

Partner Quotes
VCE - Todd Pavone, Executive Vice President, Product Development and Strategy
“The Vblock Specialized System for Extreme Applications with EMC XtremIO all flash-based arrays delivers exceptional performance for scalable, data-intensive virtual desktop infrastructure (VDI) solutions such as VMware Horizon View and Citrix XenDesktop. VCE’s best-of-breed converged infrastructure provides customers with rapid response times, unmatched ease of use and, best of all, proven scalability for up to hundreds of thousands of virtual desktops at an incredible price point.”

VMware - Erik Frieberg, Vice President, Product Marketing, End-User Computing
“XtremIO provides flash memory performance for unique and demanding workload requirements found in VDI environments. XtremIO all-flash arrays with VMware Horizon View™ will enable our joint customers to achieve high performance and efficiency, with the ability to lower costs.”

Learn more:


Saturday, March 16, 2013

vSphere Data Protection - Built-in Backup for VMware

This article will save you thousands of dollars.

How? Simple. Drop your old backup software.

  • Stop paying thousands of dollars in backup software maintenance.
  • Stop throwing away money for off-site tape services and tapes you may never use or may never be able to recover from.
  • Stop using outdated software in a band-aid approach to "try" to protect your organizations data.
  • Start using VMware vSphere Data Protection.

In 2013, organizations have stopped using tape and old backup software.
Tape is over 60 years old, it's time to update.

Welcome to backup software that's built into the Hypervisor code with VMware... The logical place for it to be.

With context of individual Virtual Machines, backup at the Hypervisor level understands and provides consistency, across both Operating System and Application.

You can do Image-level Restores, Single File Restores, Single Email or Mailbox Restores, Database Restores... Oh, and one more thing, even End-User Restores!

It's free for up-to 2TB of deduplicated storage, that could be 3-7 years of retention on disk. Want more than 2TB? You can have up-to 10 data stores, that's 20TB of deduped storage! Still want more? Upgrade to the 8TB Advanced version for as little as $1,095... You can store it on your SAN, NAS, USB or even as-a-service with EMC Avamar.

And if that's not enough? EMC Avamar now has a Business Edition available to save you money on larger deployments.

Think about the thousands of dollars, you are throwing away, on old tape and backup software maintenance.

When you could protect all your virtual machines and business-critical applications with vSphere Data Protection Advanced, a new backup and recovery solution powered by EMC Avamar. vSphere Data Protection Advanced delivers the most efficient deduplication engine, seamless integration with vSphere and application-specific agents to protect Microsoft Exchange and SQL.


Backup and recovery for midsize vSphere environments

vSphere Data Protection Advanced is a backup and recovery solution powered by EMC Avamar designed for midsize vSphere environments. It extends the capabilities of vSphere Data Protection – available with all vSphere editions – to provide the most proven, efficient and easy-to-use protection for virtual machines with greater scalability and integration with business-critical applications.

 

What vSphere Data Protection Advanced Delivers

Proven Technology
vSphere Data Protection Advanced is built specifically for VMware vSphere, the market-leading virtualization platform and powered by EMC Avamar, a market-leading deduplication backup and recovery solution.
Efficient Backup And Recovery
Reduces backup storage and bandwidth requirements with industry-leading variable-length deduplication. Shrinks backup and recovery times by leveraging Changed Block Tracking.
Simple Management
With vSphere Data Protection Advanced, vSphere administrators have a “single pane of glass” console to manage their entire virtual infrastructure, including backup and recovery.
Application Awareness
vSphere Data Protection Advanced adds application-specific agents to ensure application-consistent backups and more granular recovery of Microsoft SQL Server and Microsoft Exchange Server.

 

Proven, efficient and simple backup and recovery

vSphere Data Protection Advanced is a backup and recovery solution powered by EMC Avamar designed for midsize vSphere environments. It provides the most proven, efficient and easy-to-use protection for virtual machines with added scalability and integration with business-critical applications.

Efficient

  • Variable-length: data is broken into segments of variable length, which enables the highest rates of deduplication – on average 99% for file systems and 96% for databases.
  • Global: Deduplication is compared across all VMs backed up by the same VDP Advanced virtual appliance, reducing the required backup storage by up to 95%.
  • Client-side: for guest-level backups, the agents deduplicate at the VM reducing the daily impact on the virtual network by up to 99% as compared to traditional full-backup methods.
VADP Integration: offloads the backup process from production VMs. Up to eight VMs per virtual appliance can be backed up simultaneously to increase backup throughput.
Changed Block Tracking Backup: leverages Changed Block Tracking in combination with variable-length deduplication, sending truly unique changed blocks to the VDP Advanced virtual appliance.
Changed Block Tracking Restore: only restores the delta of changed blocks between the current state of the VM and the last backup, reducing recovery times up to 30 times as compared to full VM recoveries.
Deduplication Graphic
Changed Block Tracking Graphic

Simple

vSphere Integration: fully integrated with vCenter Server and managed natively through the vSphere Web Client. VDP Advanced enables vSphere administrators to manage their entire virtual infrastructure, including backup and recovery, from a “single pane of glass."

Ease of Deployment: deployed as a virtual machine appliance with very little additional configuration required post-deployment.

Ease of Use: delivers simple and efficient wizard-driven creation of backup jobs with customized policies based on specified retentions and schedules set at the backup job level.

One-step Recovery: enables easy browsing to perform file-level recovery and full VM restores to the original VM or a new VM.

Self-service Recovery: facilitates self-service restore performed by end-users, such as application owners or guest OS administrators, offloading restore requests to the IT department.

Application-Aware

Agents for Microsoft SQL and Exchange: provides application-specific agents to protect these business-critical applications. The lightweight agent installed inside the VM deduplicates data, moving only unique changed blocks to the VDP Advanced appliance. VDP Advanced achieves the highest levels of deduplication at the guest level.

Application Consistency: guest-level backup and recovery ensures application-consistent states crucial to guarantee reliable protection of business-critical applications
Recovery of Individual Items
  • Microsoft Exchange Server agent - provides recovery of individual databases with options to restore to special Exchange databases to perform granular recovery of mailboxes and messages.
  • Microsoft SQL Server agent - enables recovery of the entire application, individual databases, or only logs.

 

Choosing Your vSphere Data Protection 5 Edition

VMware vSphere Data Protection is available in two editions to help you protect your virtual machines depending on the size of your vSphere environment and with the level of granularity that your applications require.

VMware vSphere Data Protection 5 Advanced

vSphere Data Protection Advanced is a backup and recovery solution powered by EMC Avamar designed for midsize vSphere environments. It extends the capabilities of vSphere Data Protection – available with all vSphere editions – with greater scalability and integration with business-critical applications. vSphere Data Protection Advanced provides fast agent-less image-level backups, as well as guest-level application-consistent protection of Microsoft® SQL Server™ and Microsoft® Exchange Server™.

VMware vSphere Data Protection 5

vSphere Data Protection, a feature available with all vSphere editions, is ideally suited to protect small vSphere environments. Based on EMC Avamar technology, vSphere Data Protection provides the most efficient agent-less image-level backup and recovery for virtual machines.

VDPVDP Advanced
Licensing and Pricing
Per CPU (license only)
Included with vSphere ESS+ and aboveUS $1,095
Max protected VMs per CPU
UnlimitedUnlimited
Scalability
Max deduplicated storage per appliance
2TB8TB
Max supported VMs per appliance
100400
Max appliances per vCenter instance
1010
Features
Agent-less backup
Variable-length deduplication
CBT for backup and restore
vSphere Web Client management
Self-service backup and recovery
Full VM and file-level recovery
Integrity check and rollback mechanism
Dynamic provisioning
2TB->8TB

MSFT Exchange Server agents

MSFT SQL Server agents

Migration from VDP

Note: List Pricing is for reference purposes only and is subject to change without notice. Pricing reflected in this document is suggested retail price in USD, for sales in the US. Regional prices may vary.

Licensing

Midsize companies constrained in time and resources can’t afford to deal with complicated and expensive licensing models. However, these organizations should not have to settle for less capable solutions simply because they can’t invest on enterprise-level products. With enterprise-class deduplication and streamlined backup and recovery management, vSphere Data Protection Advanced is the most cost-effective backup solution.
Licensing unit – vSphere Data Protection Advanced is licensed per CPU.
What this means to customers
  • Protect as many VMs as needed on properly licensed vSphere hosts.*
  • Deploy virtual appliances as needed at no additional charge (up to 10 per vCenter Server instance).
  • No charge for the agents deployed throughout the environment – they are included with the solution.
  • No need to perform complicated calculations to forecast backup storage capacity as in “per TB” licensing models.
Licensing vSphere Data Protection Advanced is as simple as matching the number of vSphere licenses in the environment.
*Actual limit in the number of VMs that can be protected is dictated by the technical scalability limitations of the solution.

Friday, March 15, 2013

Enterprise File Sharing Challenges?

Syncplicity breaks down barriers of File Sharing and Large Attachments in the enterprise. Streamline information access to help teams collaborate, whilst making corporate information sharing more secure. Syncplicity is the only online file sync and sharing solution designed for enterprise scale with the simplicity of the best mobile apps.

Available as-a-service for small to medium business or as an on-premise solution to be deployed for large enterprise.


Allow users to work the way they want.
Automated file sync and backup features, one-click file sharing, and access to files online and offline across multiple devices, platforms and cloud applications.
Enhance control and protection of corporate data assets, with the ability to set, monitor and manage file access and sharing policies to secure corporate data.
With no hardware required and a one time set up that happens in minutes, Syncplicity is fully equipped to usher your organization into a new age of file management.



Solve your mobile access challenge

Say yes to BYOD and the devices your users demand. Say yes to file sharing and collaboration. Say yes to Syncplicity, true file sync, that puts the right content everywhere it belongs, from desktops to laptops to mobile devices, with complete enterprise visibility and governance.

The IT tools and visibility you need

Smart policies and intuitive tools make it easy to secure, protect, and deploy enterprise-wide file sharing. Inside or outside the firewall with complete transparency and control.

Reduce risk and maintain compliance

Syncplicity understands the range of requirements our customers face and how to match our product to your security architecture. Choose a full cloud-based deployment or keep the storage layer on-premise for complete control.






SYNCPLICITY DELIVERS:

Frictionless User Experience

Get a complete solution for file sync and sharing that users will love.
  • No extra steps— save files and access them anywhere
  • Access files online or offline from your mobile device of choice
  • Share files with just a click

Industry-Leading IT Security and Controls

Syncplicity gives IT all the features and tools they need to secure, protect, deploy, support and monitor file sync and sharing throughout their business.
  • Use Active Directory or SAML-based authentication
  • Set policies for sharing and file retention
  • Deploy at scale
  • Manage accounts and devices
  • Gain visibility with usage and audit reports

Storage Flexibility and Compliance

Gain ultimate control over file storage by choosing cloud or on premise storage.
  • Syncplicity cloud storage utilizes SSAE-16 SOC2 audited data centers and features 99.999999999% data resiliency
  • Choose to store files "on premise" with EMC Isilon Scale-Out NAS or EMC Atmos Object Storage (Enterprise Edition Only)— Your files never reside within our data centers

    Compliments of EMC Corporation.


“With Syncplicity, we finally have a solution that solves all the headaches of managing, sharing, backing up and syncing files. And we’ve reduced our infrastructure costs by 65% and reduced support tickets 75%.”
Brandon Gage

Saturday, January 26, 2013

Passwords are never enough...


Passwords date back to the ancient cities of Babylon, when the Roman Army used "watchwords" to identify friendly soldiers...

In 431BC, Greece declared war against Sparta and the Peloponnesian War ensued, by 415 BC, Athens dispatched a massive force to attack Syracuse, Sicily. The Greeks landed with some 5,000 troops. Syracusae, seemed certain to fall, but the attack failed disastrously.

A chaotic nighttime battle took place. Greek forces were scattered, while attempting to regroup they began calling out their watchword. Their foe, the Syracusans, picked up on the "watchword" and passed it through their ranks, infiltrated the Greek troops and destroyed the entire army.

The Peloponnesian War reshaped the ancient Greek world. Athens fell and Sparta was established as the leading power of Greece. The economic costs of the war were felt all across Greece; poverty became widespread in the Peloponnese, while Athens found itself completely devastated, and never regained its pre-war prosperity.
To put this story into context, the concept of a password is 2,444 years old. Yet they are still used today,  as the primary means of identifying you as "friendly" and providing access to your data.
You might have personally experienced this same ruse, through a hacked account or stolen password. Companies on the other hand, like Athens, can be financially crippled by such attacks.


So who's to blame? Who invented the computer password?

52 years ago, researchers at MIT developed the computer password, to secure users files and time-share privileges on the CTSS computer.
In the mid-1960s, researchers at the Massachusetts Institute of Technology, built a massive Compatible Time-Sharing System (CTSS) computer.

The passwords used were small and easy to store, given the very limited storage space at the time.

In 1962, one of the researchers looking for a way to increase his time allocation, simply printed out all of the passwords stored in the system. Each researcher was allocated a quota of 4 hours per week, but that wasn't enough time to complete complex research simulations. Using different usernames and passwords allowed them to gain more time to complete complex operations.

MIT researchers, didn’t really care too much about security. CTSS subsequently became one of the first computer systems to be hacked. In 1966, a software bug garbled the systems welcome message and master password file, anyone who logged in was presented with the entire list of usernames and passwords.


What are the consequences of poor password security?


A famous example, is that of technology journalist, Mat Honan. Who's digital life, was completely erased in the space of just one hour.

"First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook."


So how do we defend ourselves against such attacks?



4,000 years ago man invented the lock, it secured elements of the Khorsabad Palace in Egypt.
The oldest known lock was found by archeologists in the Khorsabad palace ruins near Nineveh. The lock was estimated to be 4,000 years old. It was a forerunner to a pin tumbler type of lock, and a common Egyptian lock for the time. This lock worked using a large wooden bolt to secure a door, which had a slot with several holes in its upper surface. The holes were filled with wooden pegs that prevented the bolt from being opened.


How can you protect yourself and your organizations?


At Khorsabad Palace, multiple layers of defense protected the citizens; city walls, gates, locks and guards.

When it comes to protecting your organization, a layered approach to information security will provided, the best defense against an attack.


Some layers of defense include: 


Two-factor Authentication
Thinking about the failures of the "password" system, RSA, the security division of EMC, developed two-factor authentication systems. Revolutionising the way a friend or foe could be identified.

By requesting a password (something you know) and a token code (something you have), this provides two factors of authentication. Two-factor overcomes the issues associated with compromised passwords, as the foe would still lack the "something you have" code to be identified.

What would this have meant to the Greeks in the Battle for Syracuse? A victory. Even if the Syracusans had the Greek password, they would have failed the of 2nd factor authentication, the request of the soldiers individual token code, leading to an immediate recognition that they had been infiltrated by their foe.

RSA Authentication Manager Express, takes things to the next-level with two-factor authentication, that offers on-demand SMS tokens and Risk-Based authentication. Seamlessly deployed for SSL VPNs, Web Portals and Citrix/VMware thin-clients, without the provisioning process traditionally associated with two-factor hardware or software tokens.

The key differentiator is the Risk Based Authentication engine, which differentiates and authenticates users based on their device (what they have) and behavioral profiles (what they do). RSA has many years of experience delivering this technology to over 250 million users in on-line banking applications, and has now adapted it for use in the enterprise.
 


Security Analytics
A revolutionary way to look at the security of an organisation. Security Analytics (formerly NetWitness) is a network security monitoring platform that provides organisations with situational awareness of everything happening on the network, to solve a wide range of information-security challenges.

Visualize application and user content in a revolutionary way, with powerful analytics enabling the security professional to zoom in and out of collected traffic using body gestures, fingers on a multi-touch device. If the thought of standing around the office monitoring security with body gestures puts you off, it will work with any traditional mouse.

Drill down with Tom Cruise, Minority Report like visualization, to see network traffic and events, as they transpired over the course of time. Try the live Visualization demo at: http://visualize.netwitness.com/

  • Achieve Pervasive Visibility: Obtain situational awareness into the content of all network traffic and discrete behaviour of entities operating across the network.
  • Detect Advanced Threats: Identify insider threats, zero-day exploits and targeted malware, advanced persistent threats, fraud, espionage, data exfiltration, and continuous monitoring of security controls.
  • Obtain Actionable Intelligence: Perform real-time, free-form contextual analysis of network and log data captured and reconstructed by the NetWitness network security monitoring platform.
  • Increase Security Operations Center Agility: Leverage the scalability and powerful analytics of the NetWitness platform to automate processes, reduce incident time, and adapt to changing threats.



Governance, Risk & Compliance Systems
Build an efficient, collaborative enterprise governance, risk, and compliance (eGRC) program across IT, finance, operations, and legal domains. With Archer eGRC modules, you can manage risks, demonstrate compliance, and automate business processes.

  • Building Your GRC Program: Archer enterprise governance, risk, and compliance allows you to manage the lifecycle of corporate policies, assess and respond to risks, and report compliance with internal controls and regulatory requirements across your enterprise.
  • Tailoring GRC: Enable business users to configure Archer eGRC according to your organization’s unique governance, risk, and compliance processes through point-and-click configuration—no custom code required.
  • Expanding Your GRC Program: Easily create new solutions with the Archer eGRC platform or download applications created by risk and compliance experts from Archer eGRC Exchange.
  • Using GRC Content Library: Take advantage of RSA’s comprehensive knowledge base of eGRC content which includes premapped policies, control standards, procedures, authoritative sources, and assessment questions.
  • Reporting and Dashboards: Gain a current view of your eGRC activities through Archer reports and dashboards, which provide users at every level with the information they need to complete tasks and make informed decisions.


Data Loss Prevention
Data Loss Prevention (DLP) systems provide a policy-based approach to securing data in data centers, networks and end points, enabling organizations to discover and classify their sensitive data, educate end users, ensure data is handled appropriately, and report on risk reduction and progress towards policy objectives.

The RSA DLP Suite reduces the total cost of ownership with high scalability, automated data protection services, and the most extensive data policy and classification library available in the industry. Improve security by protecting the tenant’s confidential data, such as intellectual property, product roadmaps, and company financials. Facilitate compliance by securing customer records and other sensitive data as required by regulations and standards.


Data Loss Prevention Networks
Data Loss Prevention (DLP) networks identify and enforce policies for sensitive data transmitted through corporate e-mail (SMTP), webmail, instant messaging, FTP, web based tools (HTTP or HTTPS), and generic TCP/IP protocols.

Key Features
  • Depth of policy and classification library increases ROI by eliminating the need to fine tune policies and helping organizations realize the value of their DLP deployment more quickly.
  • Comprehensive support for numerous protocols dramatically reduces risk exposure.
  • Retention of end user actions logs helps administrators simplify the compliance process.
  • Numerous automatic and manual remediation options allow organizations to customize policy responses based on varying levels of risk.
  • RSA DLP Network provides deep visibility into network policy violations by sender, recipient and content type.