Veritas U-Connect Hackathon 2023

1. What is the Event Name – U-Connect Hackathon

2. How many phases the event is conducted - 2 phases
3. What are the 2 phases of the event –
a. The teams need choose any one theme from the options.
b. They need to work on their ideas, solution implementation and approaches.
c. Represent their work with PPT templet and share it back in the given link.
d. Top 10 teams will be invited at Veritas Campus on 4th March 2023, Saturday.
e. The detailed briefing will be delivered to the top 10 teams by Veritas team
members virtually in the last week of Feb 2023.

4. If I get shortlisted, what should I carry in the Veritas Campus – My Own laptop,
charger, Bag, College ID card, Govt. approved photo ID, Covid -19 Vaccination certificate
etc.
5. Whom can I approach for any quires- you can reach out to your college POC for any
quires then then the POC will reach out to us.
 Theme details and probable problem
statements

1. Protection in the cloud world

Protection of assets which reside in the cloud environment wherever they are located. The
data can be part application data which is hosted as a SaaS service, or it can be persisted as part
of storage maintained in cloud, or database instance which is running as PaaS service and
serving different applications. It can be at rest or in motion and managed internally by cloud
admins or third party.

Useful links –
https://www.veritas.com/information-center/data-protection-in-the-cloud

https://www.zscaler.com/resources/security-terms-glossary/what-is-cloud-data-protection

https://cloudian.com/guides/data-protection/data-protection-in-the-cloud-challenges-and-
best-practices

Q: What are different types one can look at protection of data in cloud ?
A: Data is critical and protection involves ensuring integrity, availability and accessibility. So one
can think on lines how will I ensure right people have access ? Authentication and identity,
access control. On the same line data is not leaked or exfiltrated , so encryption, secure
deletion, integrity checking, and data masking . Thirdly it is not accidental or intentionally
deleted by malwares, which requires making secondary copies on DR sites, data redundancy
and secure cybervault etc.

Q: Why is protection in cloud necessary?

A: With cloud-based data storage, security misconfigurations can leave data exposed to
unauthorized access and potential data breaches. Cloud data protection is vital to ensuring that
cloud-based data is properly secured against a potential breach. Additionally the cloud service
provider has limited control over application when it comes to SaaS and PaaS deployment
models.

Q: what type of protection can be applied in Cloud?

A: Cloud Providers provide different types of services IAAS, PAAS and SAAS. Based on the
services used, one must think of applying protection for that particular service. Example, in case
of IAAS, one must try to take the snapshots of the disks to protect the data or in case of PAAS
one must protect OS metadata, user configurations along with the underlying disk, etc.
Q: What can be done to achieve date protection ?
A: Since the resource creation/deletion is very frequent in cloud, organizations need to
Automate the protection of configurations and data. There needs to be a policy driven strategy
to protect various resources in the cloud including disk, VM's, snapshots, cloud native
applications along with their metadata.

Q: How to protect cloud resources ?

A: Every cloud provider provides way (API driven) way to protect and restore there cloud
resources, one can make use of these options to protect the cloud resources along with few
intelligence built on top of these APIs to protect PAAS and SAAS applications.
 2. Application backups and Restores

Backup and restore of applications without data loss Or minimal data loss

Q: Why backups are needed?

A: To provide protection against data corruption, accidental deletion, malwares ransomwares

Q: Why application backups ?

A: The applications needing high availability, resiliency need backup to support the same even though
there might be disaster recovery in place. This help mitigate threats like data corruption, migration,
regulatory compliance, meeting SLA's, help test and dev etc.

Q: Types of backups?
A: Full, Clone, differential, Incremental, Change block tracking(CBT), Snapshot or Redirect on write

Q: Which applications need to be considered for backup?

A: Any organization running mission critical applications like databases application, cloud native apps,
SaaS applications, Kubernetes based applications etc.

Q: What is application consistent backup ?

A: The backup copy from which application can be completely restored to the time when the backup
was created. Using this backup copy organizations should be able to run the application seamlessly.

Q: What kind of content need to be considered for restore from the application?
A: Application metadata, configurations, app/user data and application creds.

Q: How to have application consistent backup?

A: Generally mission critical applications provide libraries, SDK, API's, utilities to take the consistent
backups. These hooks can help quiesce the application or perform snapshot which can be used for
further backup. Some applications also provide ways to backup themselves.

Q: Restore from application backups?

A: The application can understand the backup and can help perform full or partial backups. For example
mysqlbackup (mysql) and pgdump (postgresql) can help perform full or partial restores
 3. Data protection in Kubernetes

Initially K8s applications were simple and stateless. As complex enterprise applications for eg.
Databases need to persist data, K8s has evolved to support stateful applications.
It is imperative for Enterprise applications to be resilient to ransomware and malware.
So, the next step in the evolution is to provide a K8s native way to perform Data Protection.

Q: What is an example solution for Enterprise Data Protection in Kubernetes?

A: https://www.veritas.com/content/dam/www/en_us/documents/solution-
overview/SO_data_protection_foundation_for_containers_V1456.pdf

Q: What is current state of Data Protection support in Kubernetes?

A: https://github.com/kubernetes/community/blob/master/wg-data-protection/README.md
 4. Cloud Native Storage

Storage which is designed for use in a Cloud Native infrastructure like K8s. They display features
like Availability, Scalability, Durability, API based management, Storage Performance.
Cloud native is a new paradigm for developing and operating software applications, including
technology trends like cloud computing, containerization, serverless, and microservices. Cloud-
native storage is a storage technology designed for use in a cloud-native environment. A cloud-
native storage platform provides data management for stateful applications, and provides
solutions to ongoing data storage challenges in cloud-native environments based on
Kubernetes or other cloud native infrastructure.

Useful links -
https://github.com/cncf/tag-storage/blob/master/CNCF%20Storage%20Whitepaper%20V2.pdf

https://cloudian.com/blog/understanding-cloud-native-storage/#keycharacter

https://github.com/container-storage-interface/spec/blob/master/spec.md

Q: What is Cloud Native?

A: Cloud native is a new paradigm for developing and operating software applications, including
technology trends like cloud computing, containerization, serverless, and microservices.

Q: What is CSI?
A: “Container Storage Interface” (CSI) is an industry standard that will enable storage vendors
to develop a plugin once and have it work across a number of container orchestration (CO)
systems.
 5. Ransomware Resiliency

The threat of ransomware attacks is a top concern for businesses of all types and sizes.
Ransomware attacks have become commonplace with cybercriminals continuously evolving
and creating new, more sophisticated ways to deliver attacks. With demands becoming
excessive and the risk of data loss increasing, an advanced multi-layered resiliency strategy is
needed to help ensure that your IT services are secure, resilient, and recoverable while
providing the smooth user experience that your end users expect. Businesses today have to
navigate economic crises, global pandemics, shifting regulations, malware and ransomware.
Ransomware is big business and attackers are relentless in their pursuit to develop new,
creative ways to infiltrate corporate networks and IT environments to seize data and hold it
hostage. The key is to be resilient and be able to restore your on-prem or hybrid infrastructure
quickly at scale. What’s worse, attackers are becoming increasingly sophisticated in their
tactics. They’re becoming more organized, continually evolving creative techniques to get past
even the most vigilant frontline security. You can’t escape the inevitable—it’s a really a matter
of when, not if.

Useful links –
https://www.veritas.com/content/dam/www/en_us/documents/white-
papers/WP_ransomware_resiliency_strategy_V1551.pdf

https://www.veritas.com/blogs/realize-ransomware-resilience-with-netbackup
 6. Upselling in subscription based licensing model

In subscription-based licensing models, customers are typically making recurring payments.

Hence, cross-selling and upselling are important in a subscription licensing model because they
can help increase recurring revenue for the company by encouraging customers to purchase
additional products or services, or to upgrade to a higher-priced subscription.
This can also improve customer loyalty and satisfaction by providing them with more value and
a better overall experience. Additionally, cross-selling and upselling can help to offset the
potential loss of revenue from customers who cancel their subscriptions. This means that if a
company can successfully cross-sell or upsell to an existing customer, they can generate
additional revenue from that customer over time, thereby increasing the lifetime value of the
customer.
Lastly, cross-selling and upselling in subscriptions can also be a way to increase customer
retention. If a customer feels that they are getting good value from their subscription and that
the company is providing them with relevant, valuable products or services, they are more
likely to continue their subscription, eventually preventing any customer churn. Overall, cross-
selling and upselling are important in a subscription licensing model because they can help
increase revenue, improve customer loyalty, and satisfaction. It can also help to offset the
potential loss of revenue from customers who cancel their subscriptions. Business that continue
to grow their recurring revenue by successfully employing cross-sell and upsell command higher
business valuations from their investors.

Q: What is Cross-selling?
A: Cross-selling is the practice of encouraging customers to purchase related or complementary
products or services in addition to the item they are already buying. For example, a customer
who is purchasing a subscription to a software program might also be encouraged to purchase
additional training or support services. This can help to increase revenue for the company by
providing customers with more value and a better overall experience.

Q: What is upselling?
A: Upselling is the practice of encouraging customers to upgrade to a higher-priced subscription
or product. For example, a customer who is currently subscribed to a basic plan might be
encouraged to upgrade to a premium plan with additional features or benefits. This can also
help to increase revenue for the company and provide customers with more value.

Q: How is cross-selling and upselling done?

A: Both cross-selling and upselling can be done through various sales motions means like email,
in-app messaging, personalized offers, discussions, and more.