Enterprise Strategy Group X Information and Risk Management

Symantec backup applications get makeovers for speed, VMs

cwhitehouse — Mon, 06 Feb 2012 20:04:03 +0000

Symantec claims it increased the backup speed in its NetBackup enterprise backup application with the addition of a NetBackup Accelerator feature. The accelerator feature reduces traditional full backups to the speed of incremental backups for millions of small files, according to Symantec.

“They say the speed has been increased by 100 X, which is a bold claim,” said Jason Buffington, an analyst at Enterprise Strategy Group (ESG). “They integrated technology from client-side deduplication. First, files are identified and then the parts of the file that have changed are deduped.”

via Symantec backup applications get makeovers for speed, VMs.

Banks Push Hadoop Envelope to Open Big Data’s Secrets – Bank Systems & Technology

cwhitehouse — Mon, 06 Feb 2012 14:19:44 +0000

Given the promise of new analytics technologies, becoming more data-driven is on the minds of most IT decision makers these days. In a recent report on the impact of big data on analytics, “More than half of the organizations polled identified analytics as among their top five IT priorities,” says Julie Lockner senior analyst and VP of data at the Enterprise Strategy Group (ESG), an IT strategic advisory firm based in Milford, Mass.

“With the promise big data is poised to bring,” says Lockner, “organizations are exploring their options for solving business challenges with emerging [data] technologies. It’s just not practical or cost-effective to use traditional [database] platforms and technologies that were designed before the big-data era.”

Enter Apache’s Hadoop, the open-source software framework named by its creator after his son’s toy elephant. According to Lockner, the highly scalable Hadoop permits running analytics on massive data sets effectively and efficiently, whether that data is structured or unstructured.

“Where traditional databases hit their limits, Hadoop starts to emerge as a much better fit for solving unique analytics challenges,” Lockner says. “Because data can be incorporated from multiple sources with varying types of data structures, Hadoop enables more analysis across multiple data feeds in a single platform — solving some of the toughest data integration challenges commonly associated with relational data warehouse architecture.”

via Banks Push Hadoop Envelope to Open Big Data’s Secrets – Bank Systems & Technology.

eChannelLine USA – The hidden costs of virtual backups

cwhitehouse — Fri, 03 Feb 2012 21:14:25 +0000

In a research study conducted late last year by Enterprise Strategy Group, users were asked about their practices relative to data protection processes. Over 80 percent of respondents indicated virtual backup was a top 10 IT challenge, with 60 percent of respondents reporting that data protection for virtual servers was their most significant challenge or one of their top five problems. The responses suggest that as VMs proliferate, data protection will require greater business and IT alignment to achieve efficiency, minimize risk and increase satisfaction of stakeholders and clients.

via eChannelLine USA – The hidden costs of virtual backups.

Behind the Findings Video – U.S. Advanced Persistent Threat Analysis

Jon Oltsik — Fri, 03 Feb 2012 16:52:21 +0000

ESG is pleased to kick off 2012 with a new video series titled Behind the Findings where we will discuss research highlights and conclusions as we publish our research reports. This is a new offering for ESG Research Subscription clients to view at your convenience, on-demand.

In this first edition of ESG’s Behind the Findings program, Jon Oltsik, Principal Analyst and author of the ESG Research Report, U.S. Advanced Persistent Threat Analysis, offers his analysis based upon the results of his recent survey of 244 security professionals.

Advanced Persistent Threats (APTs) are defined as targeted multi-vector attacks usually initiated by a sophisticated and well-resourced adversary. APTs are typically used as a means for discovering and stealing sensitive data. ESG is now in a position to better understand end-users’ familiarity with and opinions about APTs.

If you have any questions, Jon can be reached via e-mail at jon.oltsik@esg-global.com.

The full report and associated research Infographic can be found here.

Anticipating the RSA Conference 2012

Jon Oltsik — Thu, 02 Feb 2012 20:08:14 +0000

It’s now February although you’d never know it from the balmy winter here in Boston. Aside from Valentine’s Day, February is significant because it is when security geeks from around the world get together in San Francisco for the RSA Conference.

The show doesn’t start until 2/27 but you can feel the anticipation in the air across the whole security community. That’s a good thing since 2011 was an especially difficult year – some have even labeled it “the year of the breach.” Hmm, what happens if 2012 is even worse – which is not unlikely?

In any case, RSA is always chock-a-block with a number of common themes. Here’s what I am anticipating, as well as my editorial comment on each.

Threat/malware management. This is a very important topic as Advanced Persistent Threats (APTs) and other types of sophisticated malware demonstrate that our existing security defenses are inadequate. I’m hoping to hear some good intelligence about cyber adversaries, and discuss best practice modifications around security processes and defense-in-depth controls to address these increasingly dangerous threats. Interesting vendors in this space include Countertack, Damballa, and FireEye, as well as old guard companies like Sourcefire and Trend Micro but I’m interested in hearing from others as well.
Security intelligence. Security situational awareness is marginal at best at many enterprises. Why? Lots of firms don’t have the right skills or tools in place while others need visibility to more host systems, applications, and network behavior. As I’ve said many times, this makes security a big data problem (I’m on a panel focused on this topic) and I’m interested in learning how the industry plans to address this. I’ll seek out HP, IBM, LogRhythm, McAfee, and RSA on this topic.
Security services. With security skills in short supply, the security service providers must be seeing lots of activity. Good discussion for Symantec, Unisys, and Verizon.
Mobile security. Yeah, I know about the malware and poorly written applications and I do see a lot of interest in this space. That said, ESG has yet to see a lot of demand for mobile security technologies. I expect a lot of buzz over mobile security, even if no one is making any money.
Cloud security. A complex topic but all I anticipate seeing at RSA is simple and tactical solutions (unless I get an architectural overview from Amazon, Google, or Rackspace).
Data center network security. We’ve had firewalls, IDS/IPS, and gateway devices forever but network security is still a major area of investment for enterprises. Data center network security is particularly challenging these days as large organizations deal with massive data center scale, web-based applications, and server virtualization/cloud. Does anyone offer a highly-scalable physical/virtual data center network security architecture? Good question to bring up when I talk to Cisco, Check Point, and Juniper.
Enterprise security software architecture. In the client/server days, departmental applications were subsumed into enterprise ERP systems. This same type of integration/centralization has to happen with security technologies. Which vendors understand this and know how to build scalable software security architecture a la Oracle and SAP? My goal is to find out.

Like all other similar events, RSA has its share of cocktail parties, tradeshow gimmicks, and give-aways. Entertainment is certainly a big part of the event, but RSA is really about cybersecurity – a very serious topic. Before imbibing their fourth Mai Tai at a Hawaiian-themed party at the W Hotel, I hope that RSA participants think about recent security breaches at New York State Electric & Gas (800k customer records exposed), Zappos.com (24 million customer records exposed), and our security colleagues at Stratfor ,and then consider the real objective of this event.

You can read Jon’s other blog entries at Insecure About Security.

Riverbed Steelhead EX + Granite

Tony Palmer — Wed, 01 Feb 2012 17:14:47 +0000

Optimizing Server, Application, and Storage Consolidation with Edge Virtual Server Infrastructure

Riverbed Technology provides a performance platform for enterprises implementing strategic initiatives such as virtualization, consolidation, cloud computing, and disaster recovery in a globally connected enterprise. Riverbed solutions are designed to enable a fluid, dynamic IT architecture by eliminating bottlenecks and increasing the performance of a full range of business applications including e-mail, ERP, CRM, backup, and file sharing. This ESG Lab Validation examines Riverbed’s WAN optimization and Virtual Services Platform (VSP) as well as the Riverbed Granite edge virtual server infrastructure that enables organizations to consolidate storage considered impossible to consolidate due to the response time requirements of branch-bound applications that rely on local storage.

Background

While IT priorities and challenges are often considered with data centers and other centralized corporate resources in mind, it is important to remember that organizations often have distributed locations that have significant and complex computing requirements. In fact, typical IT challenges are often exacerbated in these remote/branch offices due to distance and lack of onsite IT staff. ESG research found that companies face significant challenges when it comes to delivering applications over the WAN from a central location to employees at branch office locations. According to a recent ESG survey,^{^[1]} nearly half of respondents identified improving application performance for end-users as a key initiative (see Figure 1). Improvements to application accessibility and better collaboration capabilities were also high on the list.

Figure 1. Top Remote Office/Branch Office IT Priorities

Riverbed Steelhead EX + Granite Overview

Riverbed Technology’s Steelhead product family is designed to provide increased application performance and data transfer speeds over the WAN. Steelhead products address four main solution areas.

Application Acceleration—Steelhead optimizes both TCP and UDP traffic, addresses application-specific latency, delivers LAN-like performance and availability over the WAN, and enables improved collaboration, file sharing, and productivity for distributed enterprises.
Bandwidth Optimization—enables network managers to achieve better utilization of existing WAN bandwidth by eliminating redundant WAN traffic.
IT Infrastructure Consolidation—enables consolidation of IT infrastructure from remote offices to a centrally located facility, maintaining performance, availability, and security, as well as reducing capital expenditure and management costs.
Backup & Replication Acceleration—enables quick and secure backup and replication from branch locations.

Figure 2. Riverbed Steelhead

The Riverbed Steelhead family of products is designed to optimize WAN traffic between distributed remote and branch office locations and a central data center. Steelhead appliances run the Riverbed Optimization System (RiOS), which is the software platform that enables data-, protocol-, and application-level WAN optimization and allows a central office to consolidate the majority of its remote office server infrastructure, taking the first step toward true infrastructure consolidation. Riverbed Steelhead EX combines WAN optimization capabilities with VMware on the appliance, enabling a branch to virtualize local servers and minimize the bandwidth required by users and applications.

Figure 3. Riverbed Steelhead EX + Granite

Granite was developed by Riverbed to deliver edge virtual server infrastructure that extends an enterprise storage area network (SAN) out to remote offices. It enables organizations to centralize and consolidate branch office storage at a primary data center. Steelhead EX + Granite combines Riverbed Steelhead and Granite software capabilities with the goal of serving write-intensive and custom applications in the branch with a global storage infrastructure projected from the data center, eliminating storage at remote branch offices previously considered too difficult to consolidate.

ESG Lab Validation

ESG Lab performed hands-on evaluation and testing of the Riverbed Steelhead EX + Granite WAN optimization and storage consolidation appliance at a Riverbed facility in San Francisco, California. Testing was designed to demonstrate how Steelhead EX + Granite improves application performance and availability, as well as delivers infrastructure consolidation and data security for branch locations in a distributed enterprise.

Getting Started with WAN Optimization

Steelhead appliances at remote locations, along with Steelhead Mobile software on remote user laptops, work together with one or more Steelhead appliances in the corporate data center to optimize traffic flowing over the WAN. Riverbed addresses three areas that affect WAN efficiency: application chattiness, data redundancy, and transport protocol inefficiency.

To speed application performance, application-specific optimizations complete transactions locally in the branch on behalf of servers in the data center, eliminating the need to wait for application responses over a WAN connection. To reduce the amount of data sent over a WAN, Steelhead appliances and software intercept and inspect WAN data to determine whether the data or a portion of it has been seen before. When a user attempts to access data already encountered by the local Steelhead datastore, the data is served locally, eliminating the delay of pulling data over the WAN. With this capability, Steelhead appliances allow users and applications to read and manipulate data, while only requesting or sending unique blocks across the WAN. To overcome transport protocol limitations, Steelhead appliances more intelligently scale and pack TCP payloads, significantly reducing round trips and more efficiently transmitting data across the WAN.

Figure 4 shows the test bed used by ESG Lab, which consisted of a simulated data center and remote office. A Network Nightmare WAN simulation device was used to limit bandwidth and inject latency, simulating a transcontinental T1 link. The data center was configured with one NetApp FAS 2050 connected to both Steelhead and Granite core appliances. The remote office had a Steelhead EX + Granite appliance running Steelhead WAN optimization software, Granite block-storage acceleration, and the Riverbed VSP. The connection between the two environments was limited to 1.5 Mbps (T1 equivalent) and had 100 milliseconds of round-trip latency injected to simulate a remote office connecting to a data center up to 3,000 miles away.

Figure 4. The ESG Lab Test Bed

ESG Lab Testing

For the first round of tests, Steelhead WAN optimization was used to optimize typical knowledge worker operating tasks. Data reduction and optimization-related metrics were captured using the Steelhead management console as well as wall-clock timing of certain operations. As shown in Figure 5, simple file transfers, Microsoft Exchange messages with attachments, and Microsoft SharePoint transaction performance were measured with and without Riverbed Steelhead WAN optimization enabled. The corresponding results show performance improvements of anywhere from 5X to 50X, depending on the type of transaction.

Figure 5. Riverbed WAN Acceleration

The data in Table 1 includes the sizes of the objects used in performance testing and the number of seconds to completely execute each operation. The largest time reduction was seen with the transfer of a 65.3 MB file from a remote client to the corporate file server.

Table 1. Riverbed WAN Acceleration Performance Summary

Why This Matters

Today’s enterprises are working toward infrastructure consolidation to improve resource utilization, security, and cost reduction. Organizations with distributed enterprise environments (with numerous remote users and offices) have the same goal but face the added challenge of users from a remote office connecting to the data center over the WAN. In an ESG survey of IT administrators in distributed environments, 48% of respondents identified improving application performance for remote end-users as a key initiative.^{^[2]} The need to consolidate servers from remote sites yet maintain application response times—while still reducing costs—has driven many organizations to look at WAN optimization. Riverbed Technology’s Steelhead EX + Granite WAN optimization appliance enables IT administrators to consolidate servers while maintaining performance without the added cost of more bandwidth.

ESG Lab has confirmed through hands-on testing and actual production use that Riverbed Steelhead solutions provide outstanding WAN data reduction. Whether leveraged to avoid costly network upgrades or used to quickly access important data, Riverbed Steelhead solutions enable greater performance and productivity for remote offices. ESG used Steelhead Appliances to optimize WAN connectivity and improved performance by up to 50 times, demonstrating how the solution enables more productive collaboration between remote and central offices.

Consolidation of Branch Services

Organizations are using server virtualization to simplify their IT infrastructures while reducing costs in their data centers through consolidation. For services required in branch offices, consolidation (minimizing infrastructure in the branches) is also a key goal. However, organizations are faced with a challenge in that certain applications require local compute and storage resources to meet performance requirements for end-users. Steelhead EX features the Riverbed Virtual Services Platform (VSP) that incorporates VMware virtualization technology to consolidate branch servers and applications onto the Steelhead EX appliance.

ESG Lab Testing

ESG Lab began testing the ease of consolidating branch office services and applications using Riverbed Steelhead + Granite technology by simulating the user experience of moving from a traditional branch office with dedicated servers, applications, and local storage to a virtualized Riverbed WAN-optimized and consolidated model, as illustrated in Figure 6.

Figure 6. Branch Service Consolidation with Steelhead EX + Granite

ESG Lab first virtualized a Microsoft Windows Server 2008 system in the remote location by installing the VM onto the Riverbed VSP. This is accomplished via the Steelhead management interface. The Steelhead EX + Granite appliance can host up to five end-user virtual machines. ESG Lab connected to the Steelhead EX + Granite appliance through the Riverbed Steelhead Management Console to install the virtual server as shown in Figure 7.

Figure 7. Steelhead Management Console: Loading a Virtual Machine

Once the virtual machine was loaded and running, ESG Lab simulated a Microsoft SQL server workload using the Iometer load generation utility. SQL Server is an application that, due to the response-time sensitivity of transactional databases, is often hosted on physical servers with local storage in a branch office. In this test, a 4 KB block size was used with a 67% read, 100% random access pattern.

Figure 8 shows the Iometer results displayed during the test. The most important metric to note here is “Average I/O Response Time (ms).” While the back-end connection to the storage array was over a simulated T1 connection with 100 ms of round-trip latency, Iometer reports only 31 milliseconds of latency to disk because data is being written to the local Steelhead blockstore.

Figure 8. Running a SQL Server over WAN-extended SAN Storage

It’s important to note here that without Steelhead EX + Granite, ESG Lab was unable to obtain a usable result due to the restricted bandwidth and high latency of the WAN link. In fact, the connection to the LUN in the data center timed out, and the mount failed.

Why This Matters

ESG research indicates that two of the top three challenges that IT managers face when trying to deliver IT services to remote and branch offices are poor application performance and the cost of WAN bandwidth.[3] Our research also indicates that spending more on WAN bandwidth doesn’t always fix the performance problem. As a matter of fact, 56% of organizations cite poor application performance as a challenge—regardless of whether they are spending less than $1,000 or more than $5,000 per month on WAN bandwidth.

When running an OLTP database workload in a Riverbed appliance-hosted virtual machine, Riverbed Steelhead EX + Granite technology provided LAN-like access to the database volume over a simulated WAN link. Latency to the storage decreased by more than 67%, making it possible to consolidate business-critical branch services over the WAN.

Consolidating Branch Office Storage

Riverbed Granite extends iSCSI block storage from the data center to the remote site in a way that is transparent to users and applications, and that takes advantage of Riverbed Steelhead WAN optimization technology. Granite enables organizations to maintain local servers at branch offices while actually storing and protecting their data within their data centers. Riverbed VSP provides the ability to host those servers directly on the Steelhead EX appliance.

ESG Lab Testing

ESG Lab tested Granite by mounting iSCSI LUNs from the data center on physical branch server nodes as well as within the virtual machines hosted in the Steelhead EX + Granite appliance. To verify the challenge of accessing “unoptimized” iSCSI storage over the WAN, ESG Lab first attempted to mount an iSCSI LUN directly from a traditional branch server to a data center SAN without Granite, and observed that the connection timed out and the mount failed.

Next, ESG Lab tested whether Riverbed Granite could allow the use of iSCSI over the WAN by configuring Granite appliances in both a data center and a remote office location. Figure 9 shows the basic functional design of storage extended with Granite. In effect, there are two iSCSI connections (working from right to left):

Within the data center (right), between the actual iSCSI SAN target to the Granite core iSCSI initiator.
Within the remote site (left), between the production server iSCSI initiator to the Steelhead EX + Granite iSCSI target.

Using the same branch server, ESG Lab was able to successfully mount with no errors or timeouts the same iSCSI LUN that had previously failed to mount in the “unoptimized” test.

Figure 9. Extending Block-Level Storage from the Data Center via Steelhead EX + Granite

The combination of Granite with Steelhead WAN optimization makes it possible for a data center LUN to be successfully mounted by a remote office production server—either a physical server located in the branch or one that is virtually hosted within the Riverbed VSP hypervisor.

Next, ESG Lab examined performance and usability. For this test, ESG Lab (working right to left in Figure 9):

Configured multiple LUNs within the data center SAN, which is completely unaware of the Steelhead EX + Granite extended storage scenario.
Configured the Granite core iSCSI initiator to mount the LUNs that are to be extended.
Assigned a specific Steelhead EX + Granite edge device from the Granite core at the data center to extend each LUN. By doing so, the Steelhead EX + Granite device became an iSCSI target and offered the LUN to devices within the remote site.
Connected the LUN to the production Windows server using its iSCSI initiator, with the server being completely unaware that the LUN is not within the remote site but actually extended from the data center.

From there, the LUN behaved like any other iSCSI-attached device and could be mounted and utilized. A common concern about remote storage is that the latency associated with initial use or access requests will have an impact on the end-user experience. To observe the behavior, ESG Lab configured an extended LUN within Steelhead EX + Granite that contained a known data set and requested various randomly selected files.

Figure 10 shows the Steelhead EX + Granite Blockstore Metrics report, which measures the amount of “hits” (requested blocks that were already available at the branch) and “misses” (blocks that needed to be sent from the data center) in megabytes. This, in effect, measures the effectiveness of the Granite technology to pre-fetch and/or quickly transmit the necessary blocks, such that the branch server experiences the storage as though it is local.

Figure 10. View of Steelhead EX + Granite Device During Initial IO Requests—Hits and Misses

ESG Lab used AutoCAD software to open a 33.5 MB file (cifs.dwg). The first time the file was accessed across the WAN, the file-open process took 27.7 seconds. The file was closed and the workstation was rebooted to clear client cache. When the workstation was restarted, the same file was opened using AutoCAD, and the file opened in 5 seconds, the same as baseline testing over the LAN.

While Figure 10 shows the Granite technology’s effectiveness in pulling data from the data center to the branch, Figure 11 shows the behavior of data written at the branch being committed to the data center.

The dark blue line tracks the amount of data being written to the Granite blockstore.
The light blue areas show data received but not yet written back to the data center storage array, implying minimal latency in transmitting those blocks to the data center.
The grey areas show data that has been committed to the data center.

Figure 11. View of Steelhead EX + Granite Device During Initial IO Requests—Writes and Commits

Overall, ESG Lab found the Riverbed Granite extended storage solution to be surprisingly easy to configure and utilize. Neither the production server at the remote site nor the data center SAN felt any impact from the extended distance. The iSCSI implementation was intuitive and performed well over a simulated 3,000-mile WAN connection. The combination of Granite with Steelhead technology dramatically accelerated data transfers over low-bandwidth, high-latency connections.

Why This Matters

While ESG research[4] shows that more than 84% of infrastructure purchase decisions are made at corporate, the implementations are often done as near-standalone configurations per branch office. While consolidated storage at the data center has always been regarded as a powerful method to reduce costs and management complexity, branch offices with applications requiring local block storage performance have had to rely on traditional direct-attached storage deployed with local server platforms. Granite’s ability to extend iSCSI LUNs from a data center SAN to a remote office opens up data center cost and manageability benefits to remote sites.

In hands-on testing, ESG Lab found performance over a simulated transcontinental WAN link to be remarkably viable, demonstrating performance that rivaled local attached storage in both throughput and latency.

Remote Office Scenarios and Implications

After the servers were virtualized and the SAN storage was extended from the central data center, ESG Lab was ready to explore the performance and resilience of a Riverbed-enhanced remote office when a WAN link goes down and is restored.

ESG Lab Testing

First, ESG Lab set a baseline by opening several large files that resided on an extended iSCSI SAN volume shared on the remote office LAN by a virtual server hosted in the Steelhead EX + Granite appliance without Granite acceleration. ESG Lab opened a 39.4 MB AutoCAD file named “http.dwg” using a client on the remote office LAN. Without Steelhead and Granite optimization, the file opened in 721 seconds, or just over 12 minutes. The AutoCAD application was completely unresponsive while the file was pulled across the WAN.

Next, the same file-open test was performed with Steelhead WAN optimization and Granite active. The first time the file was accessed, the operation completed in 39.1 seconds. After closing the file and opening it a second time, the file opened in 5.0 seconds. As expected, the second open was much faster, being serviced by the blockstore cache on the Steelhead EX + Granite appliance. Saving the file to a new name took 3.1 seconds.

As seen in Figure 12, at 18:07, ESG Lab disconnected the simulated WAN between the remote office and data center, and attempted to open the same file. The file opened successfully, in 5.6 seconds. Next, the file was saved to a new name, which completed in 3.1 seconds. This is comparable to the performance observed when the WAN was connected.

ESG Lab repeated these procedures multiple times, opening files and saving them to new names. Performance was consistent. Figure 12 shows the data writes/commits report from the Steelhead EX appliance.

Figure 12. Data Writes and Commits, WAN Disconnected

As shown in Figure 12, as data was written to the network share, the uncommitted bytes that had been accepted by the Steelhead appliance but not yet transmitted to the data center increased. Note that the entire time that the volume was disconnected, the client and server at the remote site remained connected, and the volume remained online.

After approximately 30 minutes, more than 40 MB had been written to the shared volume. ESG Lab then reconnected the WAN and monitored the data writes/commits report. As can be seen in Figure 13, the Steelhead appliance committed the 43.6 MB of data to the NetApp FAS in the data center in about 45 seconds.

Figure 13. Data Writes and Commits, WAN Reconnected

The resynchronization was automatic and completely transparent. Users and applications saw no change in connectivity or access when the WAN link was down, nor when it came back up. Figure 14 shows a network traffic summary report for the time period that the resynchronization was executing.

Figure 14. Optimized Traffic After WAN Reconnect

The port number indicates the type of traffic: Port 7951 is traffic flowing between the Steelhead EX + Granite edge device and Steelhead and Granite core devices in the data center. The actual data transmitted across the WAN link was highly optimized, and, of the 43.9 MB of iSCSI data transmitted by the virtual server, only 3 MB was actually transmitted across the WAN, a reduction of 93%.

Why This Matters

ESG Research indicates that improving application performance and improving accessibility for end-users are the top-two IT priorities with respect to remote and branch offices.[5]

ESG Lab validated that Steelhead EX + Granite improved performance by a factor of 18 to 26 times when opening and editing large CAD files across a high-latency, low-bandwidth T1 link, providing WAN access to centralized project files at LAN-like speeds. If an engineer has to open and edit just five of these drawings per day, this would equate to an hour per day of reclaimed productivity (if they could even open the file at all without the Riverbed solution), while reducing the risk of business interruption and data loss due to connectivity issues at a remote office. Steelhead EX + Granite demonstrated the ability to provide uninterrupted operations for remote users with data housed in a central data center, whether the WAN was up or down, with excellent performance.

Data Protection Scenarios and Implications

When extending storage from the data center to the remote office, data protection becomes multifaceted, incorporating not only backup and recovery of production data, but also protection of remote office data from loss or theft.

Securing Data in the Appliance

Riverbed appliances utilize integrated storage to hold cached data in remote locations, designed to enhance the remote user’s experience by providing local access to frequently used data. The Riverbed Steelhead + Granite appliance offers AES encryption (up to and including AES-256) to securely encrypt the data on disk. The AES key for the Granite blockstore is kept in a secure vault area, which is also encrypted using AES-256.

The default key to each appliance vault is unique, derived from a unique identifier of each appliance. The vault key can be changed by organizations to comply with their own security standards. When an appliance boots, the vault key must be provided, or the contents of the blockstore are not accessible. A visual representation of Riverbed encryption is shown in Figure 15.

Figure 15. Data Encryption in Steelhead and Granite

Backup and Recovery

When considering backup and recovery, multiple data protection scenarios are either enabled or enhanced, including:

File/application-based protection of the remote data, from the data center
Block-based protection of the LUNs used by the branch platforms, from the data center

In principle, because server-centric storage utilized at the branch is in fact extended from the data center via Granite (and user-centric data from the branch is stored locally on Granite-extended volumes), Riverbed suggests that data protection can be done entirely from the data center instance of the data.

ESG Lab audited the operating methods that Riverbed uses for storing its data to understand the viability for customers to use their current data-protection methods within a Steelhead EX + Granite deployed configuration.

Traditional File/Application Backups from Guest-VM Branch Servers

For production servers running at the branch, presumably as virtual machines within the Steelhead EX + Granite (VMware Virtual Server) host environment, traditional file- and/or application-centric backups are still achievable.

ESG Lab looked at how a typical backup agent can be installed within a virtualized production OS to send backup data to the requesting backup server located at the data center, as shown in Figure 16. In this configuration, as files are queued to be sent from the production VM to the backup server, Steelhead WAN optimization is designed to recognize the data that already exists at the data center from previous synchronizations. In this case, while both the remote backup agent and the data center backup server believe that the data is being sent across the WAN, only truly unique data segments and reference “pointers” to previously encountered data actually traverse the network.

Figure 16. Traditional File/Application Backups from Guest-VM Branch Servers

Based on how ESG Lab tested file transfers with Steelhead EX + Granite, file-centric data movement during backups should be nearly eliminated. Similarly, application-centric backups that generate storage IO as part of the backup process (such as SQL Server log files) will benefit. In those cases, as the data files are prepared for backup, their corresponding blocks within Granite will be committed to the data center and therefore may not need to traverse the WAN during the actual backup.

SAN-based Backup of the Branch from the Data Center

Perhaps the most intuitive and yet subtle method ESG Lab observed was the ability to back up the extended LUN from within the data center. Because the SAN is unaware of the Steelhead/Granite solution, LUNs can be backed up directly using storage-based snapshots and clones—traditional “serverless” backup solutions.

As seen in Figure 17, ESG Lab observed that by backing up the original LUNs from the SAN, all of the production data could be protected in the data center, including virtualized server-centric data and client-specific data that are Granite-extended.

Figure 17. SAN-based Backup of the Branch LUNs from the Data Center

As shown in Figure 17, ESG Lab found serverless backups of remote office volumes to be potentially ideal choices for those customers who already utilize them within their data centers. The IO burden is removed not only from the production resources, but also from the Steelhead and Granite appliances, freeing them up for production IO exclusively. Like any serverless backup, an understanding of the applications in use and the need for consistency and post-backup processing are keys to success.

Riverbed SAN Hardware Snapshot Integration

Along with extending and potentially enhancing customers’ existing backup methodologies, Riverbed has also developed a Riverbed Hardware Snapshot Provider (RHSP) mechanism to directly integrate its storage-extending capabilities with both the Microsoft Volume Shadow Copy Service (VSS) and SAN arrays from EMC, Dell EqualLogic, and NetApp.

Although RHSP was not tested by ESG Lab, a discussion with Riverbed highlighted RHSP capabilities that directly address the need for application consistency with backup. RHSP installs as a plug-in on Windows clients in the branch office. It is used within the VSS process to place a point-in-time marker into the Granite blockstore. This enables a backup agent to quiesce an application to indicate an application-consistent restore point. In turn, this indicator triggers a snapshot on the data center SAN storage array that can then be used for any required restores or subsequent secondary backups to disk or tape in the data center.

Why This Matters

ESG research[6] shows that 71% of remote office locations still perform local backups, even though the vast majority of companies that have spoken with ESG say they would prefer to centrally manage and secure their data. By extending the storage from datasets that coexist within the data center, Riverbed customers can secure branch data and may very well find that they can achieve their goal of “centralized backup” by backing up from the data center instance of the branch data.

Whether an IT department prefers guest-based or SAN-based backups, the Granite solution illustrates the viability of protecting branch data from the data center and provides new backup flexibility in situations where decentralized backups may have been presumed to be the only option. Based on ESG Lab findings, customers using SAN‑centric backup solutions (e.g., snapshots) should be especially pleased to discover that they can use these same methods for protecting branch data and for protecting their data center volumes, because all of the LUNs are now in the same place.

ESG Lab Validation Highlights

ESG Lab used Steelhead appliances to optimize WAN performance and reduced data by up to 50 times, enabling more productive collaboration between remote and central offices.
When running an OLTP database workload in a Riverbed appliance-hosted virtual machine, ESG Lab observed latency to storage over the WAN decreased by more than 67%, enabling a remote server to mount an iSCSI volume hosted in a distant data center, and making it possible to consolidate business-critical branch services over the WAN.
ESG Lab found Granite-extended block-storage performance over a simulated transcontinental WAN link to be remarkably viable, rivaling local-attached storage in both throughput and latency.
ESG Lab validated that Riverbed improved performance by a factor of 18 to 26 times when opening and editing large CAD files across a high-latency, low-bandwidth T1 link, providing WAN access to centralized project files at LAN-like speeds.
ESG found that customers’ existing backup methodologies were all potentially viable options for remote offices—in ways not achievable without the combination of WAN optimization and storage extension. Without changing their backup mechanisms, customers may find their solutions enhanced because of how Steelhead optimizes the data streams that Granite has already synchronized between sites.

Issues to Consider

It should be noted that one key to the performance of the extended storage is the built-in blockstore within the Steelhead EX + Granite appliance itself. When designing the storage to be used at the branch, customers should be aware that the Granite solution does not change normal design considerations around capacity or IO performance. Those aspects should still be considered when determining the size of the Granite edge device to place at a particular branch location.
While many data-protection scenarios are enhanced through this configuration, for SAN-based backup of the branch from the data center, a minimal amount of effort is still required to ensure the boot volumes of the virtualized VMs on VSP within each branch appliance are protected and recoverable. ESG Lab hopes that Riverbed will address this in future releases, so that even in the VSP scenario, an entire VM can be protected at the data center.
While many backup processes may potentially gain benefit from a Riverbed Steelhead solution with Granite technology, they do so without any awareness of Riverbed’s changes to infrastructure or topology.

The Bigger Truth

Riverbed provides comprehensive WAN optimization solutions, helping organizations share applications and data across global wide-area networks. Riverbed WAN optimization solutions have been proven in the field to give businesses order-of-magnitude increases in the performance and value of their existing IT infrastructure and mission-critical applications, including file sharing, e-mail, backup, document management systems, IT tools, and ERP and CRM solutions.

Riverbed has applied its field-proven WAN optimization technology to provide similar performance gains for SAN-based block data extended to remote offices. Achieving a data reduction of more than 26 to 1 in ESG Lab testing, Steelhead Granite technology not only reduces the amount of bandwidth needed to connect to data center SAN storage, but also provides access to remote users at local speeds, maximizing the productivity of those remote workers. Steelhead EX + Granite also enables organizations to utilize existing investments in data protection hardware and software and secures that data in the data center.

In a truly fluid enterprise, all data and storage resources will be centralized in the data center. When that occurs, organizations will gain the ability to provide desired performance in the branch and the ability to quickly provision systems and storage wherever or whenever they wish. In addition, data protection becomes much easier and more secure for remote offices—it is executed centrally along with all valuable corporate data in the data center.

ESG Lab confirmed, through hands-on testing, that Riverbed’s Steelhead EX + Granite solution is able to reduce remote office network traffic while extending data center SANs with little impact on remote office servers and clients. The solution integrated well with Microsoft Exchange and SharePoint business applications as well as basic file system services and iSCSI block storage, long considered all but impossible to extend over long-distance, low-bandwidth WAN links. Organizations interested in improving the remote user experience while bringing data-center-class performance and protection to their remote offices should seriously consider Riverbed Steelhead EX + Granite.

Appendix

Table 2. ESG Lab Test Bed

[1] Source: ESG Research Report, 2011 Remote Office/Branch Office Technology Trends, July 2011.

[2] Source: ESG Research Report, 2011 IT Spending Intentions Survey, January 2011.

[3] Source: ESG Research Report, 2011 Remote Office/Branch Office Technology Trends, July 2011.

[4] ESG Research Report, Remote Office/Branch Office Technology Trends, July 2011.

[5] Source: ESG Research Report, 2011 Remote Office/Branch Office Technology Trends, July 2011.

[6] ESG Research Report, Remote Office/Branch Office Technology Trends, July 2011.

ESG Lab Reports

The goal of ESG Lab reports is to educate IT professionals about emerging technologies and products in the storage, data management and information security industries. ESG Lab reports are not meant to replace the evaluation process that should be conducted before making purchasing decisions, but rather to provide insight into these emerging technologies. Our objective is to go over some of the more valuable feature/functions of products, show how they can be used to solve real customer problems and identify any areas needing improvement. ESG Lab’s expert third-party perspective is based on our own hands-on testing as well as on interviews with customers who use these products in production environments. This ESG Lab report was sponsored by Riverbed.

F5 Shakes Up the Firewall Market

Jon Oltsik — Wed, 01 Feb 2012 15:01:23 +0000

The high-end of the firewall market has really been dominated by two companies: Crossbeam Systems (with Check Point Software) and Juniper Networks. Over the past few years, these two firms won most of the high revenue/high margin enterprise and service provider deals.

Of course, others took notice and wanted their own piece of the pie. Cisco came out with its ASA 5580 a few years back. Network security guru Sourcefire introduced a high-end hardware architecture and a firewall in 2011. Finally, Check Point jumped in with its own high-end hardware as well.

As if this space wasn’t crowded enough, F5 Networks threw its hat in the ring this week with the announcement that its Big-IP 11.1 software passed the ISCA Labs test for network firewalls.

This may seem like just another feature for Big-IP but it’s not. F5 has a unique position amongst its competitors because:

F5 is already in the right accounts. Big-IP is a staple product at large enterprises, wired/wireless carriers, and cloud service providers. F5 should be able to leverage these relationships to get a CISO introduction.
Everyone knows that F5 can build a high-end network hardware box. Like Juniper, F5 built its reputation on building high performance boxes that can scale. This status may get F5 on the evaluation short list right away.
F5 offers a consolidation play for the network. F5 sits behind the firewall but in front of a boatload of critical web applications. With a few network architecture tweaks, you can configure a Big-IP to perform firewall and ADC functions from the same box. This could simplify network architecture and operations.
F5 brings a new recipe for network/application security integration. With all the industry talk about next-generation or application-aware firewalls, F5 goes a step further. Big-IP can be configured for security and customized with iRules to offer extremely strong network/application security integration.

F5 has a lot of potential to alter the high-end firewall market but there is still work ahead. Remember that many people still perceive F5 as the load balancer company, so for F5 to succeed it must first demonstrate its network security chops. This means convincing its customers that it is committed to network security and that its product is as strong on security protection as it is on performance.

Finally, the introduction of a high-end firewall just made F5 an even more attractive acquisition target. With a current market cap of $9.5 billion, the list of potential suitors is small, but F5 would certainly add value to HP’s networking and security portfolio. IBM may be tempted to make a play since F5 makes sense from a security, data center, cloud computing, services, and WebSphere perspective. You could even make a case for Cisco to buy F5 but that’s the longest shot of all.

You can read Jon’s other blog entries at Insecure About Security.

CommVault Simpana now offering “One Pass”

Jason Buffington — Wed, 01 Feb 2012 14:15:00 +0000

Today, CommVault is holding a virtual event to announce some of its latest innovations for the Simpana 9.0 product. I had the opportunity to do some early hands-on testing of a few of the new capabilities during an ESG Lab Review — including its new “OnePass” technology and its ability to integrate with Scale-out NAS.

Click here to read the new ESG Lab Report on CommVault Simpana 9.0 “OnePass”

Click here to read a new ESG Analyst Brief on CommVault Simpana 9

With data growing at ever increasing rates, more data sets are simply becoming “too big” to back up — at least not in the traditional sense. To help combat this, Archive is becoming more and more the steady-partner to Backup, whereby once something is adequately backed up, dormant data can be archived off — making future backups better.

That all sounds like steps in the right direction, but let’s take a look using a “Good, Better, Best” perspective for how these come together:

	Good > Some IT environments are now doing Archive and Backup (and Storage Resource Monitoring), which is solving their tactical backup window and retention challenges — but they are using multiple point products; with each niche technology installing its own agent on the production servers, its own management console, and creating its own I/O/CPU impact on every production server.

	Better > Some data protection vendors have either built or bought complementary archiving and/or SRM functionality. Often this eases buying and evaluation cycles, as well as support resolution. But the multiple agents, back-ends, management interfaces, and I/O/CPU impact on the production environments still apply.

	Best > One agent … One back-end … One console … and (most importantly) One CPU/I/O stream on each production server.

In other words — One Pass on the data, which (not coincidently) is the name of Simpana’s new feature.

CommVault may not be the only vendor to have ever converged its software’s methodologies, but it is now on a very short list of vendors who are addressing multiple data management problems with a truly unified solution through an elegant architecture. And most impressively, they did it while not even asking for new licensing or deployment methods. That’s right, existing Simpana 9.0 customers can take advantage of this by simply applying the most recent quarterly software update and then doing their normal agent update process. After that, two simple checkboxes in the Simpana management console will enable the unified “OnePass” behavior within the Simpana system. (check out the ESG Lab Report on all of this)

While I would love to say that consolidating the 3 workflows of Backup, Archiving, and SRM into one process gives you 3X return for your backup window, there are too many variables to make that claim, including: file types and size, amount of redundancy, archiving retention rules, etc. But by only traversing the disk system once (instead of for each of the three processes) every Simpana customer should see an appreciable improvement in backup window SLA compliance, as well as the less quantifiable but more appreciable reduced I/O impact on production disks and networks and CPU — all of which will free the production environment to do less backup tasks and more production work.

As always, thanks for reading.

Click here to read earlier ESG coverage of CommVault Simpana

Building a Strategic Archive with CommVault Simpana Software

Brian Babineau — Wed, 01 Feb 2012 14:01:54 +0000

CommVault Simpana software, a data management platform that delivers backup, archive, search, and analytics capabilities, can be a viable cornerstone of an organization’s information retention strategy. Simpana provides archiving capabilities that organizations may not believe they need now but, given current archive market trends, will be extremely useful to them in the near future.

Introduction

ESG has long argued that it is not a question of if organizations are going to archive; it’s how. For years, organizations have reacted passively to digital information retention requirements by electing to put in place minimal resources to preserve information for compliance, legal, business reference, or system optimization purposes. Most companies have dealt with the archiving market’s evolving dynamics by addressing an immediate need rather than by building any type of long-term strategy.

For example, many companies have had to deal with growing e-discovery demands that make it imperative to retain select archived data online for easy retrieval and export. The short-term resolution is to store the information on faster (yet more expensive) media. Deploying such a strategy does address the short term challenge. But over time, putting all information on costly storage is likely to be very expensive.

It is hard to fault IT departments and their business customers for simply addressing archive-related challenges as they come up. After all, it is far too complicated to predict what retention issues will occur in the future. The concern with constantly executing archive environment “fire drills,” though, is that they run counter to the logic of an overall information retention process.

By nature, archiving involves long-term information retention. Shortsighted technology decisions usually end up costing a company more in the long run by forcing:

Disruptive data migrations
Unplanned purchases of additional systems
Increased risk because business users cannot properly address legal and compliance needs

Today, when a long-term archive strategy supported by adaptable technology solutions isn’t in place, potential costs rise even further: The already-flawed situation is exacerbated by explosive information growth (frequently called “big data” because the explosion is driven by higher content volumes and larger file sizes), increasing demand for end-user data access, tight budgets, and other factors.

Companies can continue to try to keep up by making tactical-level archiving process and technology decisions. Or they can embrace an archive strategy that balances solutions for today’s pressing issues and with flexibility to address future retention requirements.

For example, by applying a more strategic mindset to the e-discovery situation referenced above, a company might shift its archived data to disk—choosing a platform that supports heterogeneous storage solutions, a private cloud environment, and public cloud environments. Doing so would give a company more control over its archive storage costs: The strategy and the underlying technology would enable the IT organization to pick what storage it uses for archived data and introduce cloud options for data that must be kept for extremely long periods of time.

The same type of analysis is suited to many archive solution capabilities in the marketplace today. The capability in question may not solve an immediate problem, but having a strategy that centers on both adaptability and flexibility will be extremely valuable in a few short years.

Of course, changing one’s purchasing behavior relative to archiving is entirely dependent on the appropriate solutions being available. This paper discusses the reasons ESG believes CommVault Simpana software, a data management platform that delivers backup, archive, search, and analytics capabilities, could be a viable cornerstone of an organization’s information retention strategy. ESG specifically examines Simpana archiving capabilities that organizations may not believe they need now but, given current archive market trends, will be extremely useful to them in the near future.

Getting More Familiar with the Archive Market

In an organization, many constituents—IT, legal, compliance, records management, knowledge worker representatives, etc.—usually get involved in information retention process and technology deployments. One factor playing into tactical archive decision-making is a lack of baseline archive market knowledge across those groups. Many people know what “has to be kept,” but some don’t know how or respect why it would be accessed. In other words, few know what actually drives retention in the first place.

Improving organizational understanding of the archive market, especially in regard to the trends that have affected and could affect it, will help enhance the perspective of cross-functional teams responsible for archiving technology decisions and implementations.

What We Know

Data Growth—It Is a Given

There is a reason why the IT market is enamored with the term “big data.” The industry has rarely seen today’s combination of increasing manual and machine-generated data and exponentially larger file/message/database sizes. For a variety of reasons, a good portion of this data needs to be archived.

As a result of primary data growth and market drivers discussed below, ESG estimates that organizations will archive more than 700 exabytes of data between 2012 and 2015 (see Figure 1)[1].

Figure 1. Total Worldwide Digital Archive Capacity, 2010-2015

Staple Market Drivers

There is no foreseeable reprieve in reasons companies must or should archive. In the “must” category, electronic records management to satisfy compliance and corporate governance mandates won’t subside unless the business world suddenly reverts to creating relevant documents on paper or if global governments and industry regulatory bodies relax specific rules requiring data retention.

In the “should” category, e-discovery continues to force companies to centralize critical data sources and place a subset of corporate information on indefinite retention until matters are resolved or disposition is legally acceptable. Most matters now involve electronically stored information, and it is unfeasible for companies to manually print out, preserve, and review all relevant digital data. Also, rampant data growth is stressing primary application environments and slowing response times. Shifting data from a primary environment while keeping it accessible is an effective way to balance application response times, data accessibility, and IT cost-control efforts.

Resources Are Limited, Not Infinite

Everyone talks about flat budgets and headcount freezes. We have to look at how those issues pertain specifically to archiving. Some companies have stretched backup environments too far to support meaningful archiving. Others have deployed separate, purpose-built archive solutions for every content type they need to archive. Still others are using a combination of backup and archiving solutions.

Which one is right? It depends on the IT staff’s skills and the budget. Some companies save all data. Others delete nearly everything. In both cases, they often don’t know to identify and save only what is dictated by business policy. A company should strive to be more efficient in executing archiving because based on underlying market drivers, the process isn’t going away and in fact will get harder due to the expected data growth.

What We Can Expect

Requirements/Drivers May Arise or Change

It is impossible to know what governments and industry regulatory bodies may do in dictating what content must be saved and for how long. But it is safe to assume that existing mandates will evolve, new ones will appear, and few are likely to disappear. e-Discovery requirements are influenced by local and national judiciary bodies as well case precedent. Any legal matter can result in a new opinion or sanction that influences how electronically stored information has to be managed.

And cloud computing, too, is dramatically altering how companies tier their infrastructures, offering an entirely new way to cost-effectively optimize IT environments. Data already stored in the cloud may later be mandated for archiving. Clearly, cloud could be a great place to store archival data.

Different Content Types Will Have to Be Retained

Too many people think archiving applies only to e-mail because that was where the focus of “electronic” records management and “electronic” evidence started. Today, though, we have to account for data repository sources such as SharePoint that we didn’t have a few years ago. Cloud applications are on the horizon as well. In addition, industry-specific data—such as healthcare medical images, telco call detail records, and oil and gas-related seismic imaging data—are (or could be) subject to retention requirements. Or, a business may simply want to keep this newer data for business-reference purposes.

Archive Access Will Evolve

Just a few years ago, access to archived information still had to go through IT, which meant access delays. More recently, IT organizations worked to offer broader, faster access to compliance, legal, and other groups. Today, many employees need ready access to what’s been archived.

And the process now has to work without IT’s involvement. It is even better if the archived information is available through the application that was originally used to create it (a native access experience). It is easy to envision external constituents such as contractors, service providers (external law firms or auditors for instance), and suppliers who may benefit from archive access. And, just as what happened with other corporate applications, archive access has to be extended to mobile devices (which have become integral to maximizing people’s productivity).

What It Means and How to Prepare

Bigger Archives, Bigger Challenges

A bigger archive creates multiple challenges, including the challenge of accurately identifying what data has to be saved and how long to keep it. With a bigger archive, it also becomes more complicated to:

Analyze the data and determine where to store it during its archive lifecycle
Apply and update retention policies
Delete all copies of data when retention requirements expire
Properly secure data to allow only authorized access
Find relevant information in a timely manner

Archiving Will Always Be a Moving Target

There is no wrong way to solve information retention challenges. However, it is smart to admit that room for improvement exists, and such improvements, if executed properly, can have financially positive benefits.

For example, most companies still solve archive needs with backup processes and technologies. This isn’t wrong. But most of these approaches make it hard to archive individual files. (You either backup an entire data set and save it, or you don’t copy it all.) These approaches also make it hard to alter retention policies upon receiving a discovery request.

A better way might be to use a platform designed to analyze, archive, and subsequently manage individual files. The savings manifest in faster e-discovery response times, reduced burdens on IT (if the archiving platform is self-service vs. requiring IT involvement), and lower storage costs because only a subset of data (vs. an entire backup data set) is actually kept. Companies can spur even more improvements if they can combine common backup and archive processes (such as file scanning and data deduplication) in a single operation while still supporting the two functional use cases (recovery and retention).

Apply a Strategic Perspective to Archive Decisions

In short, organizations have to be aware that information retention is unlike other IT back-end processes due to the lengths of time involved. Companies may need to or want to save data for many, many years. Investment decisions have to be based on today’s problems and on future readiness. Otherwise, a company will be making archive-related purchases every time the market changes or evolves which, if history is any indication, will be frequently.

CommVault Software’s Viability as a Strategic Archive

Known primarily for helping companies protect their critical business data, CommVault is quickly gaining momentum in the archive space. The rapid expansion—CommVault boasts thousands of archive customers—is attributable to the unique Simpana software platform. The Simpana Archive module runs on the same technology platform as the CommVault Simpana data protection offering and utilizes extended content capture options, a sophisticated search engine, and e-discovery and compliance information management workflows to support customers’ long-term information challenges. These feature sets are the foundational elements of traditional purpose-built archive solutions. Yet many do not give CommVault credit for being a visionary in this market.

Customers using Simpana software for data management, that is, for both backup and archiving, will attest that they have actually separated these processes. They have just chosen to do so with a single technology platform, which has obvious economic and operational benefits.

This thoughtful approach to backup and archiving will be more valuable to companies as they optimize their archiving strategies. The Simpana software feature-set, which supports the cost-saving, risk mitigation, and process improvements discussed below, is becoming too hard to ignore for those that traditionally bought or upgraded archiving solutions to only solve an immediate need.

A Strong Architectural Foundation

Simpana software is built on a single platform. It provides a virtual information retention repository called Content Store, combined with an intelligent index that simultaneously supports data protection, archive, and storage infrastructure reporting operations.

Customers can achieve immediate savings by having only one solution to manage—there is no need to have separate application “silos” for archiving and backup. Instead, customers can set retention policies for backup and archive in one place. For legal purposes, a single query data repository to obtain the most comprehensive results in the least amount of time streamlines discovery. The legal department will also appreciate a central place to delete data, reducing the risk of lingering copies.

The centrality helps customers who are preparing for the future: Organizations running archiving as a derivative to backup today can make an easy transition/addition. Customers wishing to consolidate two separate processes can do that if they wish. And customers wanting the benefit of a purpose-built archive without the separate environment get what they want as well.

Because Simpana technology is a data management software-only offering, customers have the option to choose their own storage, avoiding hardware lock-in and potentially higher costs. Support includes immutable storage for those customers with unique legal and compliance requirements, lower-cost tape devices, and cloud storage. That option may not be needed (or even desirable) today, but it will be very good to have over the next five years, as companies look to reduce archive capital and operating expenditures, and as cloud offerings mature and become more central to mainstream IT.

By supporting both backup and archiving, CommVault has a unique engineering design point, especially when it comes to supporting new content types for either function. From a data-protection standpoint, all business information, no matter what application created it or where it is saved, has to be protected.

As result, the product has to find ways to identify and analyze the data so it can be managed under the Simpana platform. Many of the techniques, including snapshot management, application-aware data-management copy operations, and file system analysis techniques, can be used to bring data into the Simpana platform so that data-protection or archive policies can be applied.

Additionally, the company has architected unique archiving capture capabilities, such as e-mail journaling and SharePoint Blob Storage integration, into Simpana software. CommVault has also established partnerships, such as a relationship with Informatica, to add optimized functionality to identify database record archive candidates and help move data into the Simpana software. The result is that customers should be extremely comfortable that Simpana software will handle any current or potential content needing retention for data protection or archiving purposes.

Optimizing Data Management Functions

Information capture is just one of the data management functions that can be converged with Simpana software. Creation and enforcement of retention policies is another. Customers can establish rules that determine what must be archived and protected, the specific retention policy, and what happens when the data is deleted (automatically expired, notification before expiry, etc.).

The centralized, automatic management of retention and disposition eliminates redundant administrative efforts and provides business users, especially records managers and legal staff, with comfort that data is being properly managed and retained and that the policies can be easily audited.

Another set of efficiencies resulting from the single Simpana information management platform manifests in the storage process. Data is deduplicated globally across both data protection and archive functions, reducing the amount of information that needs to be physically stored. The capacity-reduction benefit is obvious, but it may be unappreciated in terms of what it means for deletion purposes. Once all retention policies for a file have expired, the content can be deleted. There is no risk that another copy of that file resides elsewhere in archive or in the data protection environment.

Companies will undoubtedly need CommVault’s storage resource management capabilities as both primary and archive environments get larger. Right now, IT departments do undertake some form of resource management, trying to figure out what type of data they have, where it is, and when it was last accessed. Such an exercise is extremely helpful to optimize storage. Simpana software allows customers to take the next step and archive data after the resource management analysis has been done.

IT is also able to leverage the product’s resource management capability—analyzing data managed by Simpana software to determine if they should shift some data to a lower-cost storage platform or delete it because the retention policy expired but customers configured the system to “not automatically delete.” Having direct insight into the archive enables customers to manage it intelligently from a single console while taking advantage of a heterogeneous storage hardware environment.

Simpana OnePass represents an even greater level of data management function convergence. From a single scan across the file system, customers can perform backup, archive, and reporting functions without redundant operations affecting resources. Multiple agents installed on file servers and multiple file scans supporting these processes are not needed. This is an example of an ideal future-friendly feature. File capacity is growing exponentially, and scale-out systems (file systems spanning multiple physical devices) are more common. Moving data once, customers can eliminate redundant process and reduce the frequency in which these large quantities of data have to be analyzed in order to be properly managed.

Extensible Archive Access

Simpana software’s archive capture techniques leverage unique integration points such as SharePoint Blob Storage from Microsoft. It enables archive data to be accessed from within the application in which it is created, minimizing the need for end-users to go to separate environment to initiate a retrieval. This type of access is possible via Object-Based Retention, a feature within Simpana software that facilitates intelligent stubbing. A link (stub) is left in the primary application environment, yet the data is stored centrally. Users enjoy a native access experience, and retention policies can be applied in a single location.

It is also much easier to delete content after retention requirements expire. And the operation can be executed with confidence that no other copies exist. The resulting benefit: Both IT and end-user productivity are boosted.

Companies will find that the extremely sophisticated search engine within Simpana software—supporting both auto-classification and manual tagging/classification of data—will be of great benefit to attorneys and compliance officers. Today, they have to search large volumes of data specific to a topic, and they need it to be organized in order to make critical legal/compliance decisions. It will also be very useful for employees in future years who are looking for that “needle in a haystack” without even knowing where to start their searches.

With role-based access to search, companies can set up any number of secure roles with unique permissions. Employees can search their own data across backup and archives. Legal can search all content. In the future, organizations may want to create roles for partners or outside counsel or other external constituents. Today, this may seem like a strange concept. But keep in mind that requirements are going to evolve. In addition to defining access, Simpana software supports retrievals without IT intervention, speeding-up “time to information.” IT gets tapped to set up the roles, but that is far less of a burden than servicing backup/restore requests and old-style daily data retrieval requests.

Simpana software has planned support to allow access to managed data via mobile devices running on the Windows, iOS, and Android platforms. The benefit of that capability is self-explanatory. Empowering a distributed workforce is key to productivity because archive is becoming a business-reference, quasi-business-intelligence application for many. Access from anywhere is crucial to keeping knowledge workers connected to information.

The Bigger Truth

When IT application infrastructures are overloaded with data, or when records managers need to extend retention requirements to a new digital data source, or when attorneys have to quickly search and preserve data for a “make or break” case, it is very hard to think about anything but the problem at hand, which can be solved by an archive solution.

Unfortunately, a hastily made technology purchase may not adequately address the next retention fire drill. Or, when IT departments evaluate financial and operational resource allocations for the upcoming year, they may realize how expensive a tactical archive decision really is, whether it involves using an aged backup process or an non-scalable purpose-built solution. These realizations are exacerbated by the longevity of the information-retention process and the market drivers that evolve over that time frame.

It is time for organizations to start to strategically evaluate archive solutions for capabilities they need now and feature sets that are likely to address to future needs. It is hard to predict the future. But as an industry, we already do know some things about archiving. Clearly, it is wise to focus investments on platforms with value, ones that have:

A history of supporting new content types
A plethora of storage options including cloud
Access capabilities that are prepared to organize large quantities of data
An ability to reduce IT management needs

CommVault is well positioned to meet these needs and, while no technology solution is future proof, Simpana software can make customers “future ready.” Even if an organization doesn’t need all the capabilities Simpana software has to offer (which are far too substantial to cover in one paper), they should consider ones that may be useful and beneficial to them down the line.

[1] Source: ESG Research Report, Digital Archive Market Forecast 2010-2015, July 2010.

Lab Review: CommVault Simpana 9 “OnePass” Including Integration with HP X9000 Scale-out NAS

Jason Buffington — Wed, 01 Feb 2012 14:00:39 +0000

This ESG Lab Review documents hands-on testing of Simpana 9 software from CommVault, specifically its “OnePass” data change gathering and retention mechanisms as well as its integration with HP X9000 (IBRIX) scale-out NAS.

The Challenges

Companies of all sizes continue to struggle with the various aspects of data protection. A great deal of attention is paid to solving not only traditional backup/restore, but also adding archiving and storage resource management to their infrastructures. Along with improving backups of virtualization platforms, laptops, and key workloads, ESG research[1] found that IT end-users planning to implement new data protection initiatives had other goals as well:

19% plan to implement data archiving
19% plan to implement data deduplication
18% plan to re-architect their backup processes
13% plan to implement reporting of backup/storage

Users attempting to address diverse backup, archive, and reporting needs often employ technologies from multiple vendors—each with their own agent technologies on individual production servers, as well as their own server back-ends and management interfaces. Each point solution performs its own operations on every production server, including traversing the disk, consuming memory/CPU cycles, and contributing to network traffic.

The Solution: CommVault Simpana 9.0 with “OnePass”

CommVault customers running Simpana software have already learned to appreciate something better than a myriad of point solutions. Simpana software’s common platform delivers backup, archive, search and storage resource management administered from a single console. While built on a single software code base, Simpana software modules have previously utilized separate processes and index databases to run archive jobs, followed by backup and, finally, reporting.

Throughout 2011, CommVault regularly added incremental features to its Simpana 9.0 platform—one of which is a new operating methodology referred to as “OnePass,” which enables backup, archiving, and analytical reporting from a single traversal of the file system. By only reading and/or moving data once, redundant backup, archive, and reporting processes are eliminated to speed operations, reduce storage costs, and simplify management.

ESG Lab Testing

ESG Lab tested the new OnePass functionality at a shared CommVault and HP test facility located in Denver, Colorado. The ESG Lab test bed consisted of a typical Simpana software configuration of one CommServe and two MediaAgents, each configured to protect three HP X9720 scale-out NAS nodes sharing a single file system, as seen in Figure 1.

Figure 1. The ESG Lab Test Bed: CommVault and HP Scale-out NAS

The test bed was provided by HP to assess Simpana 9.0’s ability to protect a high-volume of unstructured data.

ESG Lab investigated how CommVault consolidated data protection methodologies using the OnePass architecture. The left side of Figure 2 shows the typical IO patterns of three related data management workflows, including traditional backup, file-archival for reducing disk consumption, and reporting services. The right side of Figure 2 shows the combined workflow of the OnePass-enabled agent in Simpana 9.0.

Figure 2. Comparing Three Traditional Data Protection Workflows to “OnePass” within CommVault Simpana 9.0

Figure 2 shows how “OnePass” traverses the production storage only once, thereby eliminating significant IO redundancies on the primary server, which should dramatically reduce backup windows and the IO penalties associated with data protection and management tasks.

In a traditional environment using three data management tools, ideally with some level of integration or at least reporting, one might:

Perform a traditional backup for data recoverability using traditional incremental methods.
After the backup is complete and therefore recoverable (just in case), determine if any files are candidates for archive (hierarchical) management. These files should be “stubbed” to save space, meaning that the original file is replaced with a “stub” pointer referring back to the original file held in near-line storage. This ensures that the actual contents are able to be retrieved transparently when the file is accessed.
With the backup finished and the appropriate files migrated to near-line storage, update the reporting system for usage and capacity.

In the case of Simpana OnePass functionality, the operating methodology is similar … yet optimized:

The agent conducts a backup of changed files.
With the backup changes successfully committed on the media server, the same agent then assesses the files as candidates for archival, and, if so, stubs the file.

No additional file system traversal is necessary because it was done during the backup.
No additional disk “read” or network “send” operations are performed during stubbing, as would be required by a separate archival product. The archival process knows that the backup process already read the file and sent it during the backup operation—so it already exists within the Simpana unified storage pool.
Either way, the archival routines within the OnePass agent simply perform the stubbing operation of replacing the actual file with a stub—after which the file-system driver will handle retrieval requests in case the file is accessed.

With the backup complete and the appropriate files archived, the reporting mechanism updates its information. Again, this occurs without any incremental disk traversal or network operations because Simpana OnePass uses a common index and reporting mechanism from a single collection.

ESG Lab tested the unified OnePass operating model by first conducting separate backups, archives, and report generation using Simpana 9.0 without the OnePass methodology at work. The files were spread across six nodes of an HP NAS and were backed up in parallel by one of the two Simpana media server nodes seen in Figure 1. After the initial testing, ESG Lab audited the results of a similar prolonged test provided by CommVault.

ESG Lab found that the overall backup time was reduced anywhere from 30% to 200% based on three key factors: data types and sizes, amount of redundancy among stored files (e.g., versioning), and archival retention settings that will vary by company. At the low end, even a 30% time savings may mean the difference between compliance with backup window SLAs or not. At the high end, the incremental nature of these backup processes, coupled with nearly transparent archival and SRM functionality, may make the entire backup tax nearly vanish for some production environments.

While less quantifiable, ESG Lab noted that by 1) only traversing the file system once, and 2) offloading the analysis processes to the Simpana MediaServer seen in Figure 2, an appreciable amount of disk IO and CPU processing should be relieved from the production server(s). This means that the production platforms should spend far fewer resources on data protection/management, reserving resulting in more IO and CPU for production purposes.

ESG Lab was impressed by how simple the process was to enable OnePass for Simpana customers. As is typical, the actual agent software components are upgradable through either a push from the Simpana administration console or an .MSI through the customer’s typical software deployment tool. The software can be deployed at any point even if the OnePass functionality is not immediately enabled.

Figure 3 shows how enabling the Archive or SRM reporting functions within the unified agent (i.e., enabling “OnePass”) is simply a matter of two checkboxes within the backup configuration in the Simpana administration console.

Figure 3. Enabling “OnePass” via Two Checkboxes within the Simpana File System Agent

Why This Matters

Most IT professionals instinctively hope for a unified data protection approach. Historically, they looked for a single backup solution that protected the range of devices in their environments. With continually growing data sets, systems are often becoming “too big” to back up with traditional methods, so solutions for archival and reporting are becoming equally sought after. And while those are good goals, the reality of running at least three different data protection, retention, and analysis agents and processes on a production server is highly undesirable if it means managing multiple tools, supporting many agents, and continually switching between tools due to various financial, environmental, or workload-specific constraints.

ESG Lab found that, with its most recent innovations in the 9.0 Simpana platform (which could arguably be called R2), CommVault seems to have achieved something that most suite-based or pseudo-integrated platform products strive for and that so many backup administrators with multiple products have longed for: not just interoperability across data protection and management processes, but actual unification with a single agent per production platform, running truly combined processes to reduce its disk/network/CPU footprint while still accomplishing multiple protection and management goals.

Simpana Archive Integration with Scale-out NAS

“OnePass” is not the only innovation recently delivered for the Simpana 9.0 customer base. Along with backing up large file systems, CommVault now also offers its archival capabilities as the near-line extension of scale-out NAS platforms, including the HP X9000 (IBRIX) product family.

By integrating the Simpana software’s archival ability with scale-out NAS, CommVault software is able to offer an additional tier of near‑line storage, enabling organizations to leverage a wider range of storage options at a better price point.

ESG Lab Testing

ESG Lab initially treated the HP X9720 platforms as the production server farm being backed up by Simpana. By reconfiguring the test environment, ESG Lab was also able to test Simpana archival storage as a near-line expansion of a scale-out NAS appliance.

Figure 4 shows the reconfigured test bed with the production NAS being archived by the recent enhancements in Simpana 9.0, using the HP X9000 (IBRIX) platforms as a recent example.

Figure 4. Using Simpana software’s Archive as Near-Line Extended Storage for Scale-out NAS

In Figure 4, files accessed from the X9000 platforms can be either taken from their own storage pool or transparently retrieved from the Simpana Archive. While the user “sees” all files just as they would expect to within the NAS, those files may be within the primary storage of the scale-out file system or within the Simpana archival storage pool (using any storage that Simpana software supports).

While some NAS vendors provide their own “archival” capabilities through storage tiering and near-line capacity, it doesn’t always align with the “unified” data protection benefits described above unless 1) backup and reporting are also performed within the NAS/SAN and 2) the NAS/SAN platform is common across the entire corporate environment. Using a software-based approach, customers may be able to leverage the unified data protection/management capabilities of CommVault software across a wide variety of production servers and NAS platforms consistently—and as a complement to any data management functions that may be offered by the NAS itself.

ESG Lab tested this by enabling the Simpana Linux file server agent on each of the HP X9000 NAS nodes. While many data management products purportedly present challenges when integrating with IBRIX platforms, CommVault is able to use its standard agent with the addition of a registry key on each IBRIX node.

After enabling the agent, ESG Lab tested the user experience by defining archival policies within Simpana software for various files and then retrieving them from an NFS client workstation.

Figure 5 shows two files used during testing of the archive integration with scale-out NAS:

The top file listing shows the files were originally 100 MB.
The left statistic reveals each file consumes 102,512 KB.
The right statistic reports each file’s size as 104,857,600 bytes in the directory listing.
The middle of the screen reveals that the files were stubbed after archive—consuming only 20 KB each within the NAS, while still displaying 100 MB in the directory listing.
The last file listing shows that after accessing one of the files, it has been retrieved and thus consumes its regular capacity within the NAS while the other file remains archived until first access.

Figure 5. NFS Client’s Experience in Retrieving Files from an Archive-Enabled NAS

Note, that while Figure 5 shows the attributes from an NFS perspective, Windows (CIFS) users would have a similar experience where the actual consumption size is masked and the user perception is all files being offered and stored on the HP NAS.

After enabling archival, ESG Lab configured recurring jobs to enable migration of data from the shared file system within the six IBRIX nodes to the Simpana ContentStore. Files that have been migrated will be returned to make file requests from a client workstation accessing the NFS shares on the X9000. ESG Lab observed no appreciable lag in performance or changes in the users’ experience as file requests were routed to the Simpana platform and transparently retrieved from the CommVault software-powered archive.

Why This Matters

ESG research[2] shows that scale-out NAS is no longer just for extreme usage scenarios; it is becoming more and more mainstream. And while platforms like the HP X9000 (IBRIX) offer significant storage performance, they sometimes require proprietary data protection methods and often lack the extensibility to be protected by more typical third-party software solutions. CommVault and HP/IBRIX have partnered in such a way that a simple registry key enablethe Simpana archive capability.

By combining the archive (and backup) capabilities of Simpana with the scale-out NAS functionality of HP’s X9000 series, CommVault customers can not only achieve their performance goals for NAS, but do so while managing costs and capacity through Simpana software’s archive ability.

ESG Lab Validation Highlights

ESG Lab examined and tested the combined methodology of “OnePass” with appreciably reduced overall data protection jobs, as well as reduced impact to the production servers due to the consolidated network and disk operations of “OnePass.”
ESG Lab observed how easy it was to enable Simpana software as an archive to a scale-out NAS, without perceivable changes to the end-users’ experience.

Issues to Consider

ESG Lab found that while it would be easy for an experienced Simpana operator to add the OnePass functionality to their environment, the Simpana administration console may appear complex to someone new. This is a reasonable result of a very mature ninth-generation codebase that continually adds new features and options based on feedback from over 15,000 customers.[3] Those considering converting to Simpana for its OnePass functionality, its other workload-specific capabilities, or its ability to provide an archival store for scale-out NAS should be prepared for a learning curve which can be offset by training.
While the HP X9000 is just one of the scale-out NAS platforms supported by the Simpana software archival function, customers will want to ensure that their specific platform is currently covered. With CommVault routinely producing updates and incremental functionality, those not directly supported today may be supported later in 2012.

The Bigger Truth

Most environments struggle with a myriad of data protection and management technologies, perhaps because of workload-specific requirements, data center solutions that are less ideal in remote offices, or simply different data management goals (e.g., backup, archive, and reporting). For many, the sentiment has often been “If there was a unified solution that did everything well, then we would all own it already.” For others, the potential interoperability of suite-based software or simply complementary products from the same vendor have left customers disappointed as they discovered that each product operates as if it were the only tool that matters.

By simply enabling the “OnePass” capabilities within Simpana 9.0, CommVault customers can enjoy something that many others should find very enviable: a single agent that backs up, archives, and reports on each production server, with only one network stream and significantly optimized disk-IO impact. The result is something that appears so intuitive that it should be the measure by which other unified products aspire—where functions/technologies may have originally been developed or even acquired separately, but eventually become folded into a single agent talking to a unified back end.

Along with observing the before and after effects of “OnePass,” ESG Lab also tested integration of the archival capabilities of Simpana software with scale-out NAS, showing an appreciable benefit to customers with applicable platforms. Without changing the client experience or installing client-side software, even the most advanced NAS platforms can take advantage of an additional tier of storage through the near-line capabilities of Simpana.

If you are currently using a variety of data and management technologies for different purposes and have been disappointed by the lack of integration or coexistence supportability, then Simpana may be exactly what you have been looking for. While individual test results will vary, the fact that common disk reads and network operations are unified should be a valuable optimization method that all environments can take advantage of. Looking at the unified workflow of Simpana software’s OnePass methodology should make you ask, “Why doesn’t everyone do it like that?”

[1] Source: ESG Research Report, 2010 Data Protection Trends, April 2010.

[2] See: ESG Research Report, Scale-Out Storage Market Forecast 2010-2015, December 2010.

[3] CommVault press release, November 2011