2/13/2012
Computerworld - IT managers weighing the pros and cons of picking either an upcoming Windows on ARM (WOA) tablet or an x86-based Windows 8 tablet still face a number of unknowns.
Many analysts assume that WOA tablets will cost less, be lighter and have a longer battery life than an x86- or x64-based tablet from Intel or AMD. But Microsoft has also made it clear that legacy Windows-based apps, widely used in enterprises, won't work without being updated to run on a WOA tablet. (WOA models are expected to be out late this year.)
Given that issue, does buying a WOA tablet make sense? Ultimately, it depends on how users -- or the IT staffers deciding on tablets for workers -- plan to use a Microsoft tablet: Will it be more like a traditional computer that generates information or as a consumption device -- a kind of "glass window to look into apps?" as analyst Jack Gold at J. Gold Associates put it.
To sort through some of those issues, here are a few points to keep in mind:
Won't a WOA tablet's up-front cost be cheaper than an X86 or X64 tablet running Windows 8? Analysts see the prevalence of ARM-based chips in tablets already on the market as a sign that they will be cheaper for Microsoft to use in WOA tablets. ARM is widely used now in smartphones, as well as in Android tablets and even the highly popular iPad from Apple.
Just how much hardware savings will be is not at all clear. Gold and IDC analyst Al Hilwa don't envision WOA tablets selling in the $200 range like the Kindle Fire from Amazon, but they figure ARM-based tablets would start at prices below the entry-level $499 cost of the iPad.
Part of the reason for that is because Windows is considered a heavy-duty OS, meaning the processor and memory would have to be powerful -- read more expensive -- than what's seen in many low-cost tablets, Gold said.
But won't WOA tablets have free Office 15 apps like Excel and PowerPoint? If that turns out to be true, then WOA tablets would almost certainly be cheaper than X86 tablets, analysts said. Nobody was ready to venture a guess as to how much cheaper. But given the cost of Office, WOA tablets could be $100 to $200 cheaper per device.
Hilwa believes Microsoft actually means to offer Office 15 apps for free in a WOA computer or tablet; Gold disagreed, saying he would be surprised if Office 15 really comes for free.
In a blog, Microsoft has said that WOA "includes desktop versions of the new Microsoft Word, Excel, PowerPoint and OneNote..., codenamed 'Office 15.'" Hilwa said the word 'includes' means Office 15 will be free with WOA. Microsoft would have used another phrase like "WOA supports" or "WOA will run" if it did not plan to provide the apps for free, Hilwa said.
Hilwa pointed out that he wrote an analyst note on the WOA news that was checked for accuracy by Microsoft. Hilwa's note said, "every WOA device would ship with full versions of...Office 15." Microsoft didn't balk at that wording.
But aren't others saying Office 15 won't be free in WOA? Yes. Gold, for one, said he would be "shocked" if Office 15 is free in WOA. "I can't imagine Microsoft is saying customers would [be able to] buy Office 15 for free, with full-blown Office applications," Gold said. "That cost alone would likely pay for the cost of the tablet hardware."
Does it make sense for Microsoft to give away the family jewels like that, given the value of Office to Microsoft's bottom line? Hilwa sees the idea of a free Office suite in WOA as Microsoft's way of prodding people into buying ARM-based devices since Office is already used by millions of people globally.
Since Microsoft is already late to the touchscreen tablet party, it makes sense to try and pull users away from rival tablets with the promise of Office, Hilwa said. "Given that Microsoft is coming late to the tablet battles, having a differentiated offering such as full PC-style management as well as included Office apps may be critical to the early success of the [WOA] platform with potential users," Hilwa wrote in a note to his IDC clients.
In an interview, Hilwa added that since legacy Windows apps won't run on WOA, customers will need an incentive to move to ARM. Office would be that incentive.
Note: Microsoft did not respond to questions about whether Office 15 will be truly free.
If end users aren't paying for Office 15 apps in WOA, then manufacturers will likely be absorbing that cost, analysts said. Hilwa speculated that having tablet manufacturers cover the Office 15 licensing costs could be synonymous to Apple getting big up-front payments from wireless carriers for the right to sell and subsidize the cost of the iPhone.
"It's going to be fascinating to see how Microsoft monetizes the writing off of the revenue for those Office apps in WOA," Hilwa said.
Back to the hardware: Is ARM is really better, costs aside? Unknown. Gold said it remains to be seen how a WOA tablet will run video and other rich-media applications. But given how ARM has performed thus far in tablets and hundreds of millions of smartphones, it appears to be more power-efficient than what Intel has so far offered.
"WOA has got to run better than all the other tablets on the market, and that includes Android and iPad as they run in six to nine months from now," Gold said.
Even if the hardware's up to par, the fact that existing Windows apps won't run on WOA is a problem, right? No question about it. Companies that need legacy apps based on Windows won't be able to use them on WOA devices without retooling. That means development costs are involved.
"The major disadvantage in picking ARM on a Microsoft tablet would be that big businesses with lots of apps that run on Windows PCs today won't run [those apps] on WOA," Hilwa said. "The businesses can rewrite their apps for WOA, sure. But it's going to be a while before the app portfolio catches up. It gets really complicated."
Gold said some of the compatibility issues are still unknown. "Compatibility of apps with WOA will be the major issue for businesses," he said. "Any old apps running on Windows 7 probably will run on Windows 8 if it's an Intel machine, and probably won't if it's ARM-based. And many companies are still running Office 2007, which is unlikely to run on ARM."
So how do I decide between ARM-based devices and Intel? It boils down to how the tablet will be used, Gold said. "The fundamental question with WOA versus X86 is what does a business want to do with these tablets?"
If the WOA tablet really is cheaper and comes with free Office 15 apps, it could be quite attractive compared to an X86 tablet. In particular, WOA tablets could be popular among outdoor workers and companies seeking rugged, portable hardware because replacement costs could be kept low.
Gold said IT shops need to weigh whether their users are going to primarily generate data on tablets, as they do with traditional laptops, or will primarily use them as consumption devices to watch video and view corporate apps. The latter scenario, he said, would favor a WOA tablet.
"If you are trying to run real corporate applications in the cloud through Citrix, then the tablet can be just a glass window into your app," he said.
That puts the ball in the WOA court.
Still not convinced you know enough about the tablet choice at hand? Given that the devices won't ship until late this year anyway, you've got time to make up your mind -- as soon as Microsoft weighs in with more info.
Article written by Matt Hamblen 2/8/2012
Importance of Recovery > Importance of Backup
Backups aren’t necessarily the issue here. In some cases, mistakes do get made, and some of the data never makes it to backup media. More often than not though, the problem lies with the backups whose data is useless. And data that’s inappropriately captured to backup media is just as unusable towards recovery as data that’s never backed up at all.
It is for this reason that we must focus our attention more on recovery and less on the backup. Yes, it’s important that you’ve got the servers backed up, but, in doing so, you must also think about the recoverability of that backup. How can you verify the recoverability of EVERY backup, EVERY time? Add to it the concept of virtualization and you get complications from all sides. You also get new areas from where backups can be sourced and requiring new strategies in doing the job successfully.
Are you using the right tools to back up your virtual machines? More importantly, do your tools guarantee those VM backups are recoverable across all the types of data they might contain? If you can’t answer these questions with certainty, consider the six recommended action items that follow to help assure your recoverability, and protect yourself from becoming just another story.
Recommendation #1: Evolve past tape backups. Perhaps don’t eliminate them.
Managing backups has never been IT’s most favorite task. It ranks high in the “thankless work” category most of the time, because backup tasks are just activities performed by IT that are assumed by most end users. And with those rare thanks of appreciation also comes an immense risk of failure. Make one mistake at the wrong time, and no previous record of success will overcome the finger pointing that ensues.
Only until recently, part of backups’ thanklessness was concentrated on the relative stagnation in backup technologies. Until just a few years ago, exciting news was rare in the world of backups. What you got were new iterations of tape speeds, maybe new robotics, or occasionally a software update, but certainly nothing that one could call revolutionary.
It took a wholesale shift in backup media to kick off this most-recent round of technological advancement. Evolving backups from tapes’ linear-read/linearwrite roots to the far more powerful random-read/random-write approach disks provide establishes a platform atop which an entirely new generation of technologies has flourished.
There are new technologies that facilitate near-instantaneous recovery, deduplication and compression, backup window elimination, and continuous data protection among others. By merely shifting backups media from tape to disk, we can resolve virtually every stumbling block plaguing this activity in years past.
And equipped with the right software in your environment, you’ll easily find solu tions for many of those long-held problemsRecommendations to Ensure Your VM Backup is Recoverable
First off, consider carefully the investment you already have in equipment like tapes, drives and robots. Disks will serve a powerful function for recoverability when speed is your primary concern, but they accomplish that task partly because they aren’t rotated offsite. However, your policies and regulations might require offsite rotation, and having a second (now) third copy at a different location that protects you against disk failures and site-wide disasters.
Recommendation #2: Back up data as databases
Making the move from disk to tape gets you nowhere if your approach doesn’t evolve with the media. Tape was a powerful tool when backups were mostly file-oriented. You could easily backup a file to tape, and have a second copy for restorability.
Recovering files as part of a backup has become less and less of an issue. Today’s data that’s important for recoverability is less often found in files and more often found inside database-like structures. These structures were never well-suited for tape backups.
While traditional databases like those associated with Exchange, SQL, and Active Directory are “database-like structures”, r ecognize that virtual machines are also like databases. While the files and folders that comprise a VM are no different than those on a physical disk, they are encapsulated into disk files and operate differently than a database. They require quiescence for backup integrity, and extra effort in restoring their contents.
In a virtual environment, this recognition changes the priority for how data should be backed up. Once virtualized, you can still back up your servers just like in the old days, one file at a time. But doing so doesn’t deliver the benefits virtual servers are built for. Back up virtual server disk files like databases, from the perspective of their host and their restorability, are immediately improved.
Additional improvements from this database mindset shift are seen through backups that are captured to disk. A backed up virtual machine disk file becomes a point in time from which changes can be tracked. Subsequent backups need only incorporate changed block tracking to transfer what’s different to disk.
Combine this with deduplication and compression, and your amount of data under management drops significantly.
Recommendation #3: Run VMs from backup files
Shifting to disk used as the primary medium and also the database as the approach introduces powerful improvements in how backed up data is later accessed.
Never forget that virtual machine disk files (at the core) are still simply files on disk. When VMs are powered down, their disk files are little different than Word documents or Excel spreadsheets. Dormant, they’re merely files consuming space. It’s when VMs get powered on that they come alive as a functioning computer that can perform tasks.
This realization introduces the concept that disks used for storing backups could become a place for hosting VMs. With backup disks typically prioritizing density over performance, their speed could be greatly affected, and you certainly wouldn’t want to do this in production. However, you absolutely could for cases where the content required restoration.
The process from a high level isn’t hard to imagine: Some data inside a VM needs restoration. That data might be files and folders, or it might be contained within a database. To get it, just power on the VM from whatever disk files you’ve backed up, and recover the data it contains to the location it needs to go. After that, all you have to do is power down the VM. Task complete. And if you can automate this process with the aid of a smart recovery solution, then the formerly time-consuming process of data restoration becomes a task that’s quickly accomplished.
Recommendation #4: Create virtual labs with “views” of backup data
Now, take this concept even a step further. Now you understand that backups on disk are stored in a database-like fashion. Call it a catalog, or even just a database of changes that have occurred linearly through time and are captured by changed block. You’ve backed up this data frequently, creating snapshots that link data to points of time in the past.
One might assume that the solution creating these database-like backups should also be able to restore them from any previous point. Also understand that the disks storing your backup data have few differences from the disks storing your production data. And because of this, implementing the right solution could expose a “view” of those backups for any previous point in time.
Such a view is obviously useful for restoring data; it provides a static point from which data can be recovered to the production server. With a bit of imagination, that view becomes useful for other reasons as well. For example, a potentially risky operation you’re about to perform on a production VM might first be attempted on its’ backed up disk file. If nothing goes wrong, simply eliminate the view and execute the operation on the production VM.
Views of virtual machines can also quickly create duplicate environments – VM labs that are temporary and “throw-away” in nature. Such a lab proves useful for running tests, simulating loads, or verifying automations prior to their use in production. There is no better regression test than performing it against an exact copy of its production environment. Repeating that test against the very same environment requires little more than refreshing its view back to a previous point in time. This concept adds significant value to what might otherwise be “just a backup solution”, giving you the power to use backed up data for more than just simple recovery. Administrators gain protection from changes gone wrong. Developers gain from the rapid provisioning (and re-provisioning) of assets they’re developing against. IT gets the test lab it has always dreamed about.
Recommendation #5: Isolate VM views
One can automatically assume that resurrecting a VM “view” must be done with a measure of care. Big problems arise when duplicate machines appear on your production network, problems that aren’t easy to solve. Thus, isolating these VMs becomes of absolute importance no matter why they’re brought back.
Creating an unintelligent “air gap” between restored VM views and a production environment does little to enhance the recovery process. You need to construct the isolation in such a way that the right data can pass from protected environment to production. That same isolation must also allow whatever accesses, data or user, to pass into and out of the virtual lab.
Seek solutions that support the creation of VM views, and that also support the intelligent isolation of those views from the production environment. You need a solution that enables the kinds of accesses that bring added value to your backup architecture.
Recommendation #6: Automate backup verification
A final extension of this concept should become immediately obvious as you consider the complete VM recoverability architecture. That extension focuses on a backup task every IT professional agrees must be done, but few actually do on a regular basis: Testing the backups.
You’ve heard it from the experts, the uthors, and the conference speakers all through your IT professional life: “If you don’t test the backups, and you deserve what’s coming.” However, finding the right tools to test those backups—until now--have been insufficient in automating the process. Operationally speaking, how feasible is it to restore servers from tape, validate the success of their restore, and then repeat the process for every computer every few days? Lacking the technologies and tactics discussed thus far, the notion is laughable.
Yet consider how the recommendations here could help create a workflow to meet this requirement. Views of backed up VMs find themselves operating in an isolated environment. Checksums of those views are verified to ensure data integrity. Powered on, OS and application functionality can be verified through automated jobs. Once verified, views are then trivially removed in preparation for the next recovery or scheduled verification.
That’s nothing to laugh at.
The Nod of Thanks > Importance of recovery
As you consider these recommendations, the idea should become obvious that focusing on recovery is the right approach. Backups are indeed necessary, but backups that aren’t recovery-optimized are just not useful. Getting to that recovery- optimized state absolutely requires the right media. It also requires the right approach, one that you’ll achieve with software solutions that incorporate smart tactics and intelligent automations like the six you’ve seen here.
There is an entirely different set of stories we IT professionals also share, the stories and legends that you want everyone to hear and talk about. They’re the ones that have a happy ending recounting the time you resurrected the lost data, saved the day, and were greeted with that all-important nod and “Thank you”.
Article written by Greg Shields, Microsoft MVP and VMware vExpert 2/7/2012
Successful deployment of private clouds has some basic technical requirements, such as robust virtualization platforms with good management tools. Private clouds also depend on the adoption of certain operational practices for managing virtualized systems, including standardizing virtualized images; managing the lifecycle of the images; monitoring the behavior of virtualized workloads and tracking the internal consumption of resources by user or workload; and automating provisioning tasks. Once these practices are in place, it becomes possible to implement self-service driven catalogs that allow users to rapidly deploy their own computing environments with a minimal knowledge about the underlying computing infrastructure. By eliminating much of the administrative overhead required to deploy services in this manner, private clouds can introduce significant cost savings. The primary challenge for most users is to stage the gradual adoption of private clouds in a way that allows the benefits of cloud computing to be accrued as quickly as possible.
Taken from Ideas International February 2011 2/6/2012
1. How well does the backup app work with the VM interface and use the virtual environment?
One of the best qualities of VMs is that they are dynamic and highly mobile—new ones can be created quickly without much planning, and existing ones can be quickly moved to other locations to gain performance or capacity advantages. This, however, creates an extremely challenging protection environment. Any effective VM data protection system has to be able to find VMs wherever they are, discover new ones automatically, see them whether they're active or not, and make effective use of the hypervisor tools to manage them (like VMware’s vCenter to see VMs and the snapshot tools to create stable images to work from). So it’s important to evaluate any system by how well it carries out these functions. The ideal system would tie into the basic hypervisor API so all the key data about the VM environment is immediately available to the backup app, allowing any data protection tools to work without adding more administrative overhead. And it would have a policy system that would let certain VMs get backed up and others not, depending on your overall data protection strategies. It’s also important to know how much the VM protection actually takes advantage of the VM environment. Some VM backup applications require or recommend separate physical servers for maximum performance. That kind of requirement both raises costs and adds complexity. The ideal VM backup system would leverage virtualization to a high degree, even install as a virtual appliance, allowing users to take advantage of the flexibility and cost saving of the virtual environment.
2. What kind of restores can you do and how long does it take?
VM backups need to be able to handle the normal options for full and incremental operation, just like any conventional backup app. But really ask about restores, because that is a topic that is dramatically different for VMs and the wrong answers can slow you down and make the job of keeping data available a difficult one. The first question is: If you back up the whole VM, can you get to individual files inside it when you restore and what does it take to do? Most apps have some way of doing this, but it is important to find out what that takes. In some cases, enabling single file restore means you have to do something different at the front end to make it happen, like adding an agent on each VM. In other cases, it may require a multi-stage process at the back end, like having to restore the whole VM first. The ideal solution would backup the whole image of the VM so the backup is fast—and agentless—but it would also give them the option of restoring the whole system if they wanted to or to find individual files inside the VM and get to those directly.
3. What’s the format of the backup copies?
This is something that IT departments didn’t have to think about much in legacy backup systems because virtually all the backup copies have been—and still are—in some kind of proprietary format. But there are new options in the VM backup world so it’s important to ask about format directly, and to think about the implications that the answer has for how you store, use and restore them. The big question is does the backup copy have to be read by the backup application that wrote it? Or can it be seen and read by other applications directly (like Word or a browser)? If speed of recovery is the goal, or use of the backup copies for some other need, then the ideal would be to have a format that is neutral or native—one that could be read by a standard file system browser and used directly by other applications. That also means that you can move the backup files to different locations and read/restore them without having to have a copy of the backup application deployed there. IONS FROM QUANTUM
4. How does the backup application handle the extra data inside the VM?
VMs have a maddening habit of holding on to lots of old data, even after it isn’t doing anybody any good. This data ranges from data expired in the guest file system that the VM doesn’t know about, to over-provisioned storage space. Most applications that backup VMs backup everything that is included in the whole image that represents the VM and its contents—which means that they treat the extra data exactly like they treat the useful data. So it makes sense to ask how the application that you are considering deals with that extra data—whether it is copied, moved, and stored and whether it becomes part of the backup copies. For users who want to increase backup speed, minimize network bandwidth, and reduce the amount of storage required, the ideal product would be aware of what’s important to backup and what’s not and make the right choices so junk data is filtered out.
5. How well does the application work with others?
One of the most important questions to ask of any application for protecting VMs is how well it gets along—or doesn’t get along—with other applications and with 3rd-party appliances. This question is especially critical for any IT departments that are tasked with providing similar standards of protection for data on both virtual and physical servers. If the specialized VM applications cannot work well with legacy apps, IT departments will have to create, manage, and maintain multiple parallel programs—usually time consuming and expensive. The ideal VM protection system would have an interface system that allows it to work synergistically with legacy backup applications to integrate into corporate protection processes. The same question needs to be asked about deduplication appliances. These solutions store more data in less space and can provide highly leveraged replication so users get off-site protection over low cost networks. VM backup applications that can work well with deduplication appliances provide extra value, and make backup and DR more effective and easier to administer. What to watch for? Any VM protection system that only does its own deduplication may make it hard to work with the more feature-rich, established deduplication solutions. The ideal system would make it easy to leverage well established deduplication solutions—best of all would be a VM backup app that could pre-condition data to make independent deduplication more effective.
6. How hard is it to set up and maintain, and what kind of support can you expect?
Whether you pick a specialized backup product for VMs or an option from a legacy supplier, you want to know what it will take to get the system up and running and how much ongoing care it will need. If you need an agent on every VM, for example, you need to think about what that means as your system grows and changes and as new VMs get created. Many IT departments forget about the impact of this requirement and end up discovering that the burden of agent management increases over time in the dynamic, VM-based environment. If additional physical servers are likely to be needed, you need to include them in your planning cycles. You also want to be sure to think about what kind of support you can get. Especially with startups or companies below a certain critical mass, it’s common to have the service and support arm lag behind the product development and sales side of the house. If you have the admin resources to be independent this may not be a concern, but it is important to understand what kind of help you can expect if you need it.
7. How much does it cost?
This is not as easy as it seems, especially with the impact of pricing model changes that seem to keep coming from the VM vendors, but it’s important to understand up front. The last thing you want to do is have the backup VM software introduce a new, unpredictable cost element into the protection strategy. When you ask vendors to explain costs, be sure to take into consideration not only the licensing charges for software, but also any ongoing support charges, and whether there is any additional hardware that might be needed. For example, if the product usually needs a separate server or dedicated storage to be effective, it’s important to include those costs up front. The same is true if the application requires agents. The ideal system keeps total costs as low as possible over the life of the deployment, not just at the time of the initial acquisition number, so it’s important to go through the whole list of all the items that may be involved in the deployment of a system and make sure that you understand the full cost of all of them.
Information taken from Quantum 7 Questions you must ask before buying a VM protection product. 2/2/2012
Cyberspace is sometimes called the silent battleground, as both hackers and hacked want to stay off the public radar screen. However, the harm being done to businesses’ online presence is very real. Every industry is at risk: retail and financial sites are targeted for credit card and account data; enterprises are targeted for intellectual property and proprietary data; government organizations are targeted for political or ideological reasons; and popular Web sites—including social media, online gaming, and entertainment destinations—are targeted for their massive user base. Small businesses are not safe either, as many attacks are untargeted, with cyber criminals using automated methods to detect and infect vulnerable sites.
Application layer attacks in particular are one of the biggest threats enterprise IT faces today. These attacks are proliferating as criminals look to exploit the highly vulnerable and largely unprotected Web application layer that serves as the new enterprise perimeter—one that unfortunately gives inadequate protection to the business-critical data and operations within.
The damage being inflicted is serious. A recent Purdue University study involving more than 800 CIOs estimates that cyber crime cost businesses more than $1 Trillion in 2008, through theft of data and intellectual property, as well as damage to customer trust and brand reputation. Repairing the fallout from data breaches is costly, as businesses can be subject to reporting and notification requirements as well as lawsuits and fines.
Regulatory compliance is another issue. The credit card industry, for example, has implemented specific regulatory requirements to ensure that merchants involved in online credit or debit card transactions secure their Web applications in order to safeguard customer account data.
Unfortunately, as enterprises attempt to harden their applications and secure their perimeters, they will face a number of challenges, including a complex and vulnerable application environment as well as increasingly sophisticated attacks that can render traditional, centralized security solutions ineffective.
Existing Security Approaches
Traditional network firewalls and intrusion prevention systems provide insufficient security against these treacherous Web-based attacks. To augment these protections, there two primary approaches used today for securing the Web application layer. Each one has its practical limitations, as we will see, but a comprehensive security architecture is likely to leverage some techniques of each.
Secure Coding and Code Review Practices
In theory, designing and building security directly into Web application code is an excellent approach to protecting sites. Best practices include strict code review at product design, development, testing, and deployment stages, using both automated and manual methods, including penetration testing and code vulnerability assessment tools.
In practice, however, companies lack the resources to carry out these time-intensive tasks consistently. It is also difficult for companies to maintain up-to-date, in-house expertise, as the technology and security landscapes evolve quickly.
Moreover, fixing flaws takes time—and expertise, particularly in today’s complex, application environment. A recent WhiteHat study showed that companies took anywhere from one to four months, on average, to fix known Web site vulnerabilities that were rated either urgent, critical, or high risk. This number does not even account for vulnerabilities that did not get fixed; 80% of urgent cross site scripting flaws and 70% of urgent SQL injection flaws remained unresolved during the year-long study. 13
So, even with the best of intentions, code reviews generally aren’t realistic as the primary way of securing applications. In the face of market pressures, companies simply don’t have the time or resources to do them.
Centralized Web Application Firewalls
Web Applications Firewalls (WAFs) provide a practical way to augment code reviews, providing a broad blanket of application protection by filtering all incoming Web requests. Unlike traditional network firewalls, WAFs have the ability to understand Web traffic payloads through their Deep Packet Inspection capabilities. They are typically deployed as hardware appliances that sit behind the enterprise firewall and in front of the Web servers.
While WAF appliances can be very effective, they demand significant resources for deployment and management, as they often involve changes to the existing network architecture and they can be difficult to scale across large deployments.
Capacity planning is another challenge, as WAF appliances require an up-front CAPEX investment based on estimates of peak traffic flow. This overprovisioning results in expensive infrastructure that sits under-utilized most of the time, while underprovisioning can result in completely application failure.
Finally, companies must also purchase and manage failover boxes since the WAF appliances are deployed inline, producing a single, critical point of failure. If the fire-wall fails, the entire site fails—or, at the very least, lies completely vulnerable to attack.
*Above information take from a white paper from Akamai 2/1/2012
How does Deduplication work?
As with many things in the world of IT, there are numerous techniques in use for deduplicating data, some are unique to specific vendors, who guard their technology behind patents and copyrights, others use more open methods. The goal of all is to identify the maximum amount of duplicate data using the minimum of resources.
The most common technique in use is that of “chunking” the data. Deduplication takes place by splitting the data stream into “chunks” and then comparing the chunks with each other. Some implementations use fixed chunk sizes, other use variable chunk sizes. The latter tends to offer a higher success rate in identifying duplicate data as it is able to adapt to different data types and environments. The smaller the chunk size then the more duplicates will be found, however, performance of the backup and more importantly the restore is affected. Therefore, vendors spend a lot of time identifying the optimal size for different data types and environments, and the use of variable chunk sizes often allow tuning to occur, sometimes automatically.
During Deduplication every chunk of data is processed using a hash algorithm and assigned a unique identifier, which is then compared an index.
If that hash number is already in the index, the piece of data is considered a duplicate and does not need to be stored again, and instead a link is made to the original data. Otherwise the new hash number is added to the index and the new data is stored on the disk. When the data is read back, if a link is found, the system simply replaces that link with the referenced data chunk. The deduplication process is intended to be transparent to end users and applications. 1/20/2012
VMware has been the dominant platform in the early part of the virtualization era. Having to support only a single platform has made the job for software and hardware providers much easier. Now though Microsoft's Hyper-V is gaining traction in many virtualized infrastructures and it’s becoming more common to see both hypervisors used in a single data center. Just as supporting multiple operating systems was a key differentiator for legacy backup applications, modern backup applications will need to support multiple hypervisors.
One of the key differences between VMware and Hyper-V is their snapshot technology, the process that most modern backup applications leverage when backing up virtual machines. Differences in capabilities and functionalities in each hypervisor's snapshot implementation needs to be hidden as much as possible from the user in both GUI integration and potentially adding capabilities that are lacking in one hypervisor vs. another. This challenge is going to differentiate good developers from great developers. Failure to do so will make the users job of managing backups more difficult.
What is a Snapshot?
“Snapshot” is a term overused in the storage industry to describe capturing a volume state at a certain point in time. Most snapshots are initially capacity-neutral. The blocks of a volume are typically set to read only and updates to those blocks are written to a separate disk area. How these changes are tracked impacts the performance of the volume and the quantity of snapshots that can be taken and managed.
VMware Snapshots
When VMware issues a snapshot or when it’s told to by a software application or storage array it essentially creates a redo log for each VM's snapshot. Changes to the VM's primary disk volume are recorded in the redo log until the snapshot has expired. VMware will allow multiple snapshots per VM but as the number increases and the length of time that the snapshot is in effect, performance can degrade because each represents another redo log which VMware must keep track of.
The length of time that the snapshot is in existence also impacts performance. When the snapshot has expired the recorded changes are rolled back into the VM's primary volume. To do this the VM needs to be "stunned" which is basically a very short, typically milliseconds, pause of the VM. However, there are times, when rolling a very large redo log back into the primary volume, that multiple and more time consuming stuns have to occur. This can cause application degradation and even application lockup. As a result backup applications should finish their use of snapshot data quickly so that fewer changes need to be rolled back in.
Hyper-V Snapshots
Hyper-V handles the snapshot process differently than does VMware and it’s something that backup applications that count on snapshots need to be aware of. Hyper-V is more of a classic snapshot technology. The virtual volume is set to read-only and as changes to blocks come in, the old block to be updated is copied to a snapshot volume and the new block is written into the active virtual volume.
This eliminates the need for a rollback and the potential issues that stunning a VM can cause. When a snapshot has expired Hyper-V has to simply drop the association to the snapshot and start using the primary volume as normal.
However Hyper-V snapshots do have their limitations. Probably the biggest issue for backup vendors is that it can only have one active and accessible snapshot per VM. Also, when a snapshot expires it’s not deleted from disk until the virtual machine is rebooted. How the backup software handles this difference from the VMware method is critical. If they count on the snapshot technique and one is already active for the VM, that means they are either going to have to delete it or use what is there. The problem with deleting and taking a new up-to-date snapshot is there may be other tasks active that are counting on the current snapshot, like a replication job or even a reporting function. The problem with leveraging a snapshot that is already in place is that the backup application is not getting the latest version of the data which will impact the accuracy of the recovery.
There is an alternative however; Hyper-V does support Volume Shadow Copy Service (VSS) which allows storage arrays or backup software to trigger volume level snapshots and then maintain those snapshots. This brings significant benefits. First the number of snapshots that can be kept are now limited to the capabilities of the storage system itself. An increasing number of storage systems can now maintain near limitless snapshots with little to no performance loss. Second, it gives the backup vendor the capability to use a common interface to communicate with a variety of storage systems without having to individually create support for each one.
This was taken from an article written by George Crump. 1/18/2012
Reports by leading industry analysts like Gartner, IDC and Concentrated Technology suggest virtual servers in 2011 will eclipse physical servers in total server deployments. The majority of today’s business computing environments already have both virtual and physical servers at the same time.
This hybrid reality drives the need for protecting both virtual and physical environment needs. In so doing, the following list of "Must-Have" requirements should serve as a basic roadmap for IT managers as virtualization use continues to outpace physical server utilization.
• Must Have Requirement #1 (Complete Protection): Protecting both physical servers and virtual servers
• Must Have Requirement #2 (RTO): Reducing recovery time from hours or days to an RTO of minutes. Today’s datacenters are no longer willing to accept downtime of any measurable quantity. Any selected data recovery solution must meet this need.
• Must Have Requirement #3 (RPO): Completely eliminating backup windows. Doing so reduces the RPO to just minutes. Losing time is an impact, but losing data is a mission critical failure. Solutions that prevent data loss also prevent business impacts.
• Must Have Requirement #4: 100% Reliability / assurance of recovery. The notion that backups must be manually tested has become quaint to the point of ridiculousness. The right solution automates this activity for you, eliminating manual verifications while ensuring data is correctly captured.
• Must Have Requirement #5: Universal recovery across virtual or physical environments (anywhere to anywhere). It includes restoring to dissimilar hardware. This also includes the capability for granular recovery that ranges from files and folders to email messages and database rows, to application objects, and ultimately full bare metal server recovery.
Article writen by Greg Shields, Microsoft MVP and VMware VExpert 1/17/2012
Imagine trying to cram all of your valuables into a rusty old metal box with a broken lock without any guarantee that you can access them again when you need them. If that’s how you feel when you attempt to back up your corporate data—the company’s crown jewels—with the same old backup software you’ve been using for decades, and risking massive data loss, it’s time to explore the innovative approach called Modern Data Protection. First, some background. “The exponential growth in the volume of digital information is resulting in almost unbridled growth in demand for storage capacity,” says principal analyst Amy Larsen DeCarlo in a January 2011 Current Analysis report.
“Nor is there any sign of a slowdown anytime in the near future, with some industry estimates that individual storage volumes could continue to grow 90 to 100 percent year over year for the foreseeable future.”
Indeed, as data rapidly becomes one of the enterprise’s most valuable assets, determining how to analyze, replicate, protect, archive, search and recover it whenever necessary is quickly becoming more complicated. The key to wrangling today’s data chaos under control is to reduce risk of loss, reduce operational complexity, and lower the cost of data management by developing a more complete, more granular understanding of your data. How to accomplish that? By leveraging management techniques designed to achieve efficiencies not previously possible.
Quite a challenge. In addition to the ever-intensifying data growth you’re no doubt experiencing, and the pressure to control and manage that data in huge volumes, you’re being hit with burgeoning virtual server deployments, applications with enormous data requirements, heightened business demand to reduce downtime, greater regulatory and governance requirements, and emerging “infrastructure as a service” models such as cloud storage. All of these factors impact your resources—time, money, and personnel— and make current data management circumstances, and the ability to plan for future data management needs, even more critical concerns.
Legacy approaches to data management have fallen behind in the areas of protection and recovery of these massive volumes, or addressed them in a piecemeal fashion. With enterprises in jeopardy of losing irreplaceable business data, and personnel and budgets stretched to the breaking point, traditional backup and recovery is broken.
Information was obtained from a CommBault White Paper 2011 1/13/2012
Executive Summary
Increasingly, it is clear that green IT is not merely a fad or a federally mandated annual compliance paper chase—ultimately, it makes good business sense. Reducing an organization’s carbon footprint requires the implementation of virtualized IT solutions, as well as a migration of many applications and workloads to cloud computing to dramatically increase efficiency and use less power. Another critical element in the march toward greener IT operations rests on the efficiency of each agency’s overall network infrastructure. Since many government organizations today use outdated/aging networks to run their IT operations, it is important not to overlook crucial network components that can be used to help public sector audiences yield the full benefits of energy-efficient IT operations. Advances in technology now make it possible to transport more traffic while consuming less power per bit. |
|
|
|
|