Professional Documents
Culture Documents
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Backup to
the Cloud
NetApp Special Edition
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
For general information on our other products and services, or how to create a custom
For Dummies book for your business or organization, please contact our Business
Development Department in the U.S. at 8774094177, contact info@dummies.biz, or visit
www.wiley.com/go/custompub. For information about licensing the For Dummies brand
for products or services, contact BrandedRights&Licenses@Wiley.com.
ISBN 9781119149903 (pbk); ISBN 9781119 149910 (ebk)
Manufactured in the United States of America
10 9 8 7 6 5 4 3 2 1
Publishers Acknowledgments
Some of the people who helped bring this book to market include the following:
Project Editor: Jennifer Bingham
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Introduction
Foolish Assumptions
Its been said that most assumptions have outlived
their usefulness, but Ill assume a few things
nonetheless!
I assume you have at least a basic understanding of
dataprotection concepts specifically, backup and
recovery and cloud technologies.
I also assume that youre a technical decision maker,
such as a chief information officer (CIO), VP, or director of infrastructure. Or perhaps youre a storage/
backup manager or administrator or a cloud or enterprise architect for a midsize business or a large
enterprise.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
2
Finally, I assume that youre evaluating backup solutions for your organization.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Chapter1
4
Clearly, these three priorities are closely related, and
storage technologies play a central role in any associ
ated strategic initiatives.
Over the past decade, data theft has become the pri
mary objective of cybercriminals seeking to exploit
sensitive financial or personal data. Robust storage
platforms that protect the confidentiality, integrity, and
availability of critical data are a must for every
organization.
Disaster recovery (DR) and business continuity (BC)
and therefore data backup and recovery are basic
building blocks of an information security strategy. But
traditional backup and recovery cant keep up with the
requirements of organizations today. Traditional
backup and recovery strategies have the following
problems:
Too slow: Users expect instant recovery and mini
mal data loss, but legacy backup and recovery
technologies cant keep pace. As a result, many
organizations fail to meet backup and recovery
windows as data footprints grow, while bandwidth
and throughput stay the same.
Too expensive: As data storage needs grow, com
panies struggle with the rising cost of protecting
that data. Research by IDC shows that the emer
gence of wireless technologies, smart products,
and other factors contribute to worldwide data
growth, with volume expected to multiply tenfold
between 2013 and 2020. Meanwhile, storage and
backup budgets remain flat and bandwidth costs
and constraints become more acute with larger
datasets.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
5
Too risky: Legacy technologies increase risk
exposure. Many organizations still rely on tape,
increasing risk due to lost or damaged tape media
during use, handling, and transport. Tape can
also lead to increased downtime and data loss,
and reduced ability to test DR procedures.
Managing data growth requires strategies that use
innovative data storage technologies including com
pression, deduplication, encryption, and replication.
CloudIntegrated Data
Protection
For IT organizations struggling with data backup and
recovery, the sheer number of available data protec
tion strategies and technologies can be overwhelming.
Disk, tape, backupasaservice (BaaS), and backup to
the cloud are all viable technologies for data protec
tion. For most organizations, a hybrid architecture
makes the most sense.
6
provide many benefits over directtotape strategies,
including
Minimizing backup windows by taking advantage
of faster diskbased technology
Supporting stringent recovery time objectives
(RTOs) and service level agreements (SLAs) using
faster diskbased technology, and stringent recov
ery point objectives (RPOs) using snapshots and
transaction logs, for example, to enable more fre
quent backups
Supporting data deduplication to help control
data growth and improve efficiency
Enabling faster data restores with random access
to data (compared to sequential access in tape
based systems)
Lessening wear and tear on tapebased systems
(when used in disktotape, or D2T) by reducing
thrashing between production systems feeding
data to backup media servers and tape libraries
7
data protection strategy isnt necessarily practical. For
example, organizations that have longterm data
retention requirements spanning many years even
decades found their only viable option was
archiving to tape. Today, many organizations still
struggle with legacy implementations in spite of well
documented problems with tape storage systems,
including the following:
Failed backups: Tape systems are susceptible to
drive failures, media failures, and missed backups
due to a combination of data growth and s hrinking
backup windows.
Lengthy restore times: It can take days or weeks
to restore data from tapes stored at an off-site
location.
Data security: Tapes can be lost or stolen when
transported off-site for storage. The loss of unen
crypted tapes can trigger requirements for public
disclosure and result in substantial penalties.
Data loss: Mislabeled tapes, lost tapes, and media
failures can all result in the loss of critical data.
High management costs: The time required to
manage physical tapes, resolve failed backups,
and manage restore operations increases as the
amount of backup data increases.
Understanding BackupasaService
BackupasaService (BaaS) can be a viable data protec
tion option for smaller organizations that arent subject
to stringent regulatory requirements, or for backing up
end-user devices in a bring-your-own-device (BYOD)
environment.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
8
Contrary to what you may have heard, many BaaS
offerings are designed and marketed as consumer
oriented products rather than enterprise solutions, and
therefore may have the following drawbacks:
Not optimized to handle large volumes of data
Insufficient security safeguards to meet regulatory
requirements
Inadequate governance and custodianship of data
Dont ensure minimally acceptable SLAs in the
event of a disaster
Although BaaS can be a useful component in your
backup strategy, committing your entire data protec
tion strategy to BaaS can have major pitfalls, including
the following:
Vendor lockin: Your BaaS provider may store
your data in a proprietary format, making it
difficult to switch providers later.
Migration costs: Moving to BaaS requires
replacing the backup agents on all of your
systems with your providers agents. Youll also
have to recreate backup job schedules and
retrain IT staff. If you move to a different BaaS
provider later, youll have to rinse and repeat.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
9
disktocloud (D2C) solutions that send a copy of data
directly from a production server to the cloud.
A typical backup-to-the-cloud architecture uses on
premises backup components (including backup soft
ware, media servers, server agents, and backup disk
targets) to provide the first tier of backup and recovery
capability, and replicates backup data to the cloud in
order to provide the second tier of backup and recov
ery capability for off-site disaster recovery and
archiving.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
10
Low cost backup storage: The cost for cloud stor
age has dropped to an average of less than 2 cents
per gigabyte per month, making backup to the
cloud a very cost-effective solution and enabling
organizations to forgo capital investments in
expensive backup storage.
Enhanced security: Security was once the pri
mary concern of organizations considering a
cloud strategy. Today, many cloud service provid
ers have better security safeguards in place than
some of the organizations that they serve!
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Chapter2
Choosing an Appliance
In This Chapter
Backing up to the cloud
Getting physical with backups
Going virtual
Understanding cloudbased appliances
12
Looking at AltaVault
Virtual Appliances
AltaVault Virtual Appliances for Microsoft HyperV and
VMware ESX are good solutions for mediumsized businesses getting started with cloud backup. They also
work well for enterprises that need to protect branch
and remote offices with the same level of protection
they require in the data center.
AltaVault virtual appliances offer the flexibility of deployment onto heterogeneous hardware, while still providing
the features and functionality of hardwarebased
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
13
appliances (discussed in the previous section). AltaVault
virtual appliances can be deployed onto VMware or
HyperV hypervisors, giving you flexibility to choose the
hardware that works best for your organization.
AltaVault virtual appliances include the AVAv8,
AVAv16, and AVAv32. All models support VMware
and HyperV hypervisors, and customerprovisioned
RAID protection levels.
Understanding AltaVault
CloudBased Appliances
For organizations that need additional off-site protection, cloudbased NetApp AltaVault appliances on
Amazon Web Services (AWS) and Microsoft Azure offer
lowcost, cloudbased data recovery. Data is backed up
at the primary site using onpremises AltaVault physical
or virtual appliances. If the primary site becomes
unavailable for any reason, you can quickly recover your
data directly from a cloudbased AltaVault appliance.
If you have production workloads running in the public
cloud, cloudbased AltaVault appliances offer an efficient and secure option for backing up these workloads. Using your existing backup software, AltaVault
cloudbased appliances deduplicate, encrypt, and rapidly back up cloud applications directly to longterm,
lowcost cloud storage.
In both cases, usagebased payasyougo pricing allows
you to only pay for what you use.
Data is deduplicated, compressed, and encrypted onto
the AltaVault physical or virtual appliance, which
caches recent backups locally and vaults older backup
copies to the cloud (see Figure 2-1).
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
14
15
FlexClone technology to create spaceefficient copies of
the data. AltaVault can be used in the cloud for long
term backup vaulting or to replace an existing tape tier,
for instance going from disktodisktotape (D2D2T) to
disktodisktocloud (D2D2C).
Leading cloud provider solutions that integrate
seamlessly with NetApp AltaVault physical and virtual
appliances include
Public cloud
Amazon (Glacier and S3)
AT&T Synaptic Storage as a Service
CenturyLink
Dunkel Cloud Storage
EVault LTS2
Google Cloud Platform
IBM SoftLayer Object Storage
Microsoft Azure
Rackspace
Swisscom
Telefonica
TELUS
Verizon Terremark
Private cloud
NetApp StorageGRID Webscale
Cleversafe
Cloudian HyperStore
EMC Atmos
OpenStack Swift
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
16
Financial services firm implements AltaVault
to optimize backup process
A technologyfocused proprietary trading firm built on
applied technology is using the latest in innovation to solve
problems in the financial markets. The firm deployed Amazon
Glacier and NetApp AltaVault to leverage key technologies
including backup, cloud storage, encryption, and
deduplication.
Challenges
Data storage process involved managing and storing
tapes, which was time-consuming
Wanted to better utilize the talents of the IT team
Results
40 hours a month were reclaimed by the IT team to focus
on new strategies and systems
Annual archival storage cost reduced by 96 percent
Twoyear return on investment (ROI) for AltaVault appliance, including cloud storage costs and $500,000 potential cost avoidance by eliminating a costly storage area
network (SAN) upgrade
85 percent dataset reduction with deduplication
Restores in minutes (from AltaVault cache) or four to five
hours (from Glacier), versus two to three days with tape
For more details go to
spottrading.
www.netapp.com/
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Chapter3
and choice
Efficient
Efficiency is the first AltaVault pillar. AltaVault uses
inline deduplication and compression, resulting in significant data reduction ratios this means you store
less data in the cloud and can get it there faster.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
18
Over three years, AltaVault with a public cloud
backend can save you money compared to
competitor diskbased appliances and tape.
Other efficiency features and benefits of AltaVault
include the following:
Network and cloud optimization
Builtin WAN optimization and deduplication
reduce the amount of data transported to the
cloud and speed transfer times.
AltaVault intelligently throttles data, which can
save you time (and money).
Quality of Service (QoS) ensures that data is
correctly prioritized to move to and from the
cloud at the speed your business requires.
Restore data faster
Shrink backup windows with faster ingest
performance.
AltaVault improves recoverability with file
restores occurring from local cache.
Intelligent prefetching enables AltaVault to
restore data from the cloud within minutes.
Organizations can restore data much more
quickly with AltaVault compared to tape.
Open
The second pillar of the NetApp AltaVault solution is
an open architecture that enables seamless integration
of the cloud into enterprise backup strategies.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
19
Although open is often used in the world of
technology to refer to open sources software,
NetApp uses it to refer to open integration
into other platforms.
Advantages of the AltaVault open architecture include
the following:
Flexible deployment and scale
Choose the offering that is right for your organization: physical, virtual, or cloudbased
appliances.
AltaVault appliances start from 8 terabytes and
scale up to 57 petabytes of protected data in
the cloud.
Compatible with your existing backup software
Love your backup software? So does AltaVault!
AltaVault is compatible with the majority of
leading backup and archiving software solutions, including EMC, Veritas, IBM, and
CommVault.
Dont waste time and effort ripping and replacing your backup software and retraining IT
staff.
Offers cloud choice and agility
Pick a cloud, any cloud, and AltaVault likely
supports it. AltaVault supports most of the
leading cloud providers and platforms on the
market today.
Keep your data mobile with AltaVault cloud
agility, which allows you to migrate your data
from one cloud provider to another, as
necessary.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
20
Secure
AltaVault keeps your backup data secure with security
features that enable you to do the following:
Encrypt data inflight and at rest
Ensure that data at rest is safe using AES
(Advanced Encryption Standard) 256bit encryption, compliant with FIPS (Federal Information
Processing Standards) 1402 Level 1.
Protect data inflight with industrystandard
SSL (Secure Sockets Layer) or TLS (Transport
Layer Security) encryption with keys managed
locally by your IT security department.
Control your data
Restrict access to backup data on AltaVault to
authorized personnel using rolebased access
controls and integration with TACACS (terminal access controller access control system)
and RADIUS (remote authentication dialin user
service).
Use the management ACL (access control list) to
secure the appliance by exposing only the necessary protocols, ports, and networks needed.
Minimize recovery time and data loss
Reduce RTO and meet SLAs by restoring files
from locally cached backups on the AltaVault
appliance.
Improve RPO by immediately replicating data
off-site so that recovery points are as recent as
your latest backup, rather than the last time
tapes were shipped off-site.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
21
Improve disaster recovery
Recover onpremises workloads in the cloud
during DR tests or declarations with AltaVault
cloudbased appliances in AWS and Azure.
AltaVault is already protecting more than
150petabytes of customer data in the cloud
today.
Simple
AltaVault offers simplicity in design and operation to
help streamline deployment and management of your
backup architecture. The simplicity of AltaVault
enables organizations to do the following:
Deploy faster
Get up and running with AltaVault in less than
30 minutes. In three simple steps, you can start
sending data to the cloud.
Accelerate your cloud storage onramp with
rapid deployment and faster data transfers.
Manage smarter
Reduce tape management overhead and
manual tasks that are error prone and time
consuming.
Perform remote monitoring and management
from a GUIdriven management dashboard.
Allocate valuable employee resources to other
projects.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
22
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Chapter4
Backup Software
NetApp AltaVault appliances are purposebuilt for
backup and archive applications. Through integration
with many of the leading backup, database, and virtual
backup solutions, AltaVault offers a lot of flexibility for
organizations that want to leverage their existing
backup software in a cloudintegrated backup strategy.
AltaVault looks to provide optimal data transfers based
on the unique methodologies of the backup applica
tion. For example, Commvault Simpana inserts tape
markers into its backup streams. This can impact data
deduplication performance if not handled correctly by
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
24
the deduplication engine. Similarly, Veeam Backup and
Replication uses specific data read routines when per
forming vPower based virtual machine (VM) recovery
operations.
Public Cloud
Reliably offloading backup data to a public cloud is
critical to any cloud storage gateways success.
AltaVault appliances optimize data transfer to public
clouds, while providing users with options to throttle
bandwidth use, and scheduling when transfers can run.
AltaVault data transfer is done using cloud provider
APIs (application programming interfaces), which are
typically HTTP/REST (hypertext transfer protocol/
representational state transfer) based protocols. These
protocols are designed for multisession ingests of small
data segments. The data segments are then stored col
lectively in a single target location (commonly referred
to as a cloud bucket).
AltaVault networking parameters have been carefully
tuned to optimize throughput with each supported
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
25
cloud provider. AltaVault allocates multiple threads to
transmit data to and from the cloud provider, based on
networking performance, the data in the queue, and
the cloud provider selected.
Transactions are batched together for maximum
throughput and efficiency of the threads. Objects sent
to the public cloud provider are typically anywhere
from several kilobytes up to a few megabytes in size. In
the event of a problem with a data object, transfers will
automatically pause and alert the user that the appli
ance was unable to maintain connectivity to the cloud
storage bucket.
Private Cloud
For organizations that dont use the public cloud
(either because they cant or dont want to), AltaVault
integrates with many private cloud object storage
solutions, including NetApp StorageGRID Webscale.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
26
Private or hybrid cloud infrastructures can provide
efficiency and security for your data protection
strategy.
A combined NetApp StorageGRID Webscale and
AltaVault solution is one example of a private cloud
infrastructure that enables organizations to efficiently
store, manage, and retrieve their data.
NetApp StorageGRID Webscale is a scalable, software
defined object storage solution for large archives,
media repositories, and web datastores. StorageGRID
Webscale combines more than ten years of production
deployments with intelligent policy-driven data man
agement to create an enterprisegrade, highly scalable
object repository built for the hybrid cloud.
You can connect the AltaVault appliance and
StorageGRID Webscale over a WAN or LAN. Either
way, the builtin network optimization and deduplica
tion of AltaVault significantly reduce the amount of
data transported and can speed up transfer rates.
The StorageGRID Webscale policy engine provides
automated data placement across storage tiers,
physical sites, and hybrid clouds, according to your
sitebased performance and availability requirements,
and is optimized for cost as your data ages. Realtime
auditing provides continuous and active monitoring for
SLA verification and reporting. Finally, the StorageGRID
Webscale data durability framework ensures data
integrity and accessibility.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
Chapter5
28
Ensure that your retention requirements are current,
relevant, comprehensive, and understood.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
29
location. This is particularly important when
considering a backup-to-the-cloud strategy. Ensure
that you know the legal requirements for your organizations data.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
30
As you start your backup to the cloud initiative, take the opportunity to review your SLA
and retention requirements, and classify your
data appropriately.
These materials are 2016 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use
is strictly prohibited.
These
Thesematerials
materialsare
are2016
2016John
JohnWiley
Wiley&&Sons,
Sons,Inc.
Inc.Any
Anydissemination,
dissemination,distribution,
distribution,ororunauthorized
unauthorizeduse
use
isisstrictly
strictlyprohibited.
prohibited.