May 2008 Entries
How much should you spend on disaster recovery (DR)? - May 31, 2008
Orlando Florida -- It's a trick question that few, if any, storage administrators know how to answer. You can easily spend a king's ransom to protect your data, but few companies have that kind of money. The key to cost-effective DR is first placing a value on the data--and understanding how the data's value changes over time--and then matching various data protection technologies to that value. Here in Florida, hurricane season starts tomorrow, June 1, and lasts until November 30th. So my question to those of us in the Gulf States: will you be ready?
In an earlier blog (see The search for cost-effective disaster recovery), I described how to develop an application/data classification foundation (ADCF) that lays the groundwork for cost-effective DR. This foundation has six steps:
- Classify each application and its data into four categories:
  - Mission critical
  - Essential
  - Important
  - Less critical
- Determine the required recovery point objective (RPO) and recovery time objective (RTO) for each class of data.
- Determine the available DR options per class of data.
- Establish each option's TCO for the expected life of the implementation.
- Evaluate the skills required at all DR locations.
- Match the data, DR options and skills to the budget to determine the breadth of the DR GAP (the difference between the level of DR required and the level of affordable DR, or the difference between the actual level provided and the level required).
Remote mirroring
Remote mirroring provides data accessibility protection for an application using physically separate locations. While similar to mirroring within a RAID array, remote mirroring takes place over MAN or WAN distances. It's usually between storage arrays or storage appliances, and can be synchronous or asynchronous.
Synchronous remote mirroring is the highest possible level for DR RPO and RTO. The RPO is "zero" lost data, and the RTO is typically seconds to minutes. Synchronous remote mirroring does this by neither completing nor acknowledging the local write until the remote write is completed and acknowledged. Additional writes can't occur until each preceding write has been completed and acknowledged. This means local performance is directly related to the performance of the DR remote device; distance is the limiting factor. Remote synchronous mirroring is rarely deployed for circuit distances greater than 160km (100 miles).
With asynchronous remote mirroring, local writes are completed and acknowledged before the remote writes. Asynchronous remote mirroring is a "store-and-forward" technique that reduces I/Os and wait delays, allowing remote writes to fall behind the local writes. This means the RPO for lost data can range from seconds to minutes, and even hours in some cases. Asynchronous remote mirroring is most often utilized when the remote site is a long distance from the local site.
The primary advantage of both synchronous and asynchronous remote mirroring is the minimal (asynchronous) to zero (synchronous) risk exposure in losing data during a disaster. A secondary advantage is the potential for quick data recovery when a disaster occurs. Remote mirroring doesn't require server agents, and it provides heterogeneous server and application support.
Remote mirroring applications are often pricey, the equipment is usually expensive, and it typically requires at least twice the primary disk space and sometimes much more. However, when the lowest possible RPO and RTO are the requirement, remote mirroring is the answer.
Another disadvantage is that remote mirroring doesn't prevent a rolling disaster, data damage, corruption or accidental deletion. If data is corrupted, damaged or deleted at the primary site, it will also be at the DR site. Some asynchronous remote mirroring products timestamp each transaction and allow recovery to a point in time before the corruption or deletion occurred, but they're exceptions to the rule. This means procedures other than remote mirroring must also be implemented to allow for recovery of corrupted, damaged or deleted data. Other disadvantages include lack of support for heterogeneous arrays, no support for internal storage, and nearly no application and file information.
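An added example, not code from the original article: a toy Python model of the mirroring behaviour described above, showing the data lost under synchronous versus asynchronous mirroring and why a timestamped journal is needed to recover from corruption that has already been mirrored. The journal, timings, record names and the 5 microseconds per km fibre delay are constructed assumptions.

```python
"""Toy model of remote mirroring: data loss under sync/async, and point-in-time recovery.

Added illustration; every name, timing and record here is constructed.
"""
from dataclasses import dataclass

FIBRE_US_PER_KM = 5.0  # assumption: ~5 microseconds per km, one way, in optical fibre


@dataclass(frozen=True)
class Write:
    ts: float   # second at which the application issued the write
    key: str    # block or record identifier
    value: str


def sync_ack_delay_ms(distance_km, remote_write_ms=0.5):
    """Extra wait per synchronous write: round trip to the DR site plus the
    remote write, since the local write is not acknowledged before that."""
    round_trip_ms = 2 * distance_km * FIBRE_US_PER_KM / 1000.0
    return round_trip_ms + remote_write_ms


def replica_at(journal, now, lag_s, upto=None):
    """State of the remote copy at time `now`.

    A write issued at ts has reached the remote site once ts + lag_s <= now
    (lag_s = 0 models synchronous mirroring). `upto`, when given, replays the
    timestamped journal only for writes issued strictly before that time:
    the point-in-time recovery that some asynchronous products offer.
    """
    state = {}
    for w in journal:  # journal is ordered by ts
        if w.ts + lag_s > now:
            continue   # still in the store-and-forward queue
        if upto is not None and w.ts >= upto:
            continue   # deliberately not replayed
        state[w.key] = w.value
    return state


def lost_writes(journal, disaster_ts, lag_s):
    """Writes acknowledged locally before the disaster that never reached the replica."""
    return [w for w in journal if w.ts <= disaster_ts and w.ts + lag_s > disaster_ts]


def data_loss_window_s(disaster_ts, lag_s, upto=None):
    """Seconds of work missing from the recovered copy (the achieved recovery point)."""
    recovery_point = disaster_ts - lag_s
    if upto is not None:
        recovery_point = min(recovery_point, upto)
    return disaster_ts - recovery_point


# Constructed workload: a faulty job overwrites two records at t=40 and t=45.
JOURNAL = [
    Write(0, "acct:1001", "balance=500"),
    Write(10, "acct:1002", "balance=120"),
    Write(20, "acct:1001", "balance=450"),
    Write(30, "acct:1003", "balance=75"),
    Write(40, "acct:1001", "GARBAGE"),
    Write(45, "acct:1002", "GARBAGE"),
    Write(58, "acct:1004", "balance=900"),
]
DISASTER_TS = 60   # primary site is lost at t=60
ASYNC_LAG_S = 15   # constructed replication lag for the asynchronous case
CORRUPTION_TS = 40

if __name__ == "__main__":
    print("sync ack delay at 160 km (ms):", sync_ack_delay_ms(160))
    for label, lag in (("synchronous", 0), ("asynchronous", ASYNC_LAG_S)):
        lost = lost_writes(JOURNAL, DISASTER_TS, lag)
        print(label, "lost writes:", [w.key for w in lost])
        # Both replicas hold the corrupted records: mirroring copied the damage.
        print(label, "replica:", replica_at(JOURNAL, DISASTER_TS, lag))
    # Replaying the journal to just before the corruption yields a clean copy,
    # at the price of a longer data-loss window.
    clean = replica_at(JOURNAL, DISASTER_TS, ASYNC_LAG_S, upto=CORRUPTION_TS)
    print("point-in-time copy:", clean)
    print("data-loss window (s):",
          data_loss_window_s(DISASTER_TS, ASYNC_LAG_S, upto=CORRUPTION_TS))
```
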
Less-expensive alternatives to remote mirroring can also provide the lowest possible RPO and RTO. They're generally continuous data protection (CDP) products and include time-based continuous snapshots, automated backup, replication of changed data and automated, generational-change distributed backup. They offer a lower TCO than remote mirroring, support heterogeneous storage and provide better rollback capabilities. But they usually require installing and managing agents.
Backup
Backup applications copy primary stored data directly from the application server and move it over TCP/IP networks to a local backup server or remote DR backup server. The server then writes the copied data to disk or tape. RPO is the window between backups or incremental backups. RTO is minimally hours, but usually days to weeks.
While backup is the primary DR application deployed in most IT organizations, it also has the highest failure rate. Failures can be attributed to user error, bandwidth issues, throughput issues, tape issues and even application server availability requirements.
The primary advantage of backup is its familiarity--it's a known quantity, both good and bad. Storage administrators know how to deploy and use backup, and the TCO is relatively low depending on the storage environment.
The two key disadvantages of backup are that its RPO and RTO are usually quite high, and backup is a local process. There are exceptions, however. Several backup programs distribute and centralize backup while providing continuous incremental backups, shrinking the RPO considerably. Unfortunately, recovery time is still a lengthy process. Data consistency and usability--the ability to use the backed up data without modification, reordering or re-creation--may also be a problem. Backup programs require server-based agents and backup costs escalate sharply as the environment scales and grows more complex.
Backup products are evolving and improving. Virtual tape, disk-to-disk-to-tape (D2D2T) and massive array of idle disks (MAID) technologies speed backups and recovery times. New types of backup software, such as content-addressable storage (CAS), reduce the amount of data required to back up by sending only changed data and meta tags about data. This significantly reduces recovery times and dramatically increases recovered data usability. Distributed backup eliminates the installation of server agents. These new types of backup have RPOs and RTOs that can be used for critical data.
Replication
Replication software replicates data from server to server synchronously and asynchronously. There are incremental and CDP modes. Replicated data travels over TCP/IP networks to a remote server's disk, and then a backup client is needed to move the data to a storage device. RPO for replication is similar to the RPO for storage array remote mirroring, depending on whether it's synchronous or asynchronous. RTO can be a little faster because the DR application servers are already collocated with the DR storage.
Replication software is easy to install and operate. It can run locally and distributed, and because it's server-, storage- and infrastructure-agnostic, there are no hardware lock-ins. Replication software costs are less than those for backup software and much less than storage array-based remote mirroring. Replication has evolved to include application-aware agents, continuous protection and rollback capabilities. One important benefit to replication is data migration. Replication software simplifies the process and replicates only the data that needs to be replicated in a non-disruptive manner.
Replication software can't prevent damaged data from being replicated, and server agents must be maintained and managed. RTO can be significantly increased if there's a single DR server caching the replication from different application operating systems. In the event of a disaster, all data must be recovered and rewritten before the applications can access the data. This is similar to backup. If there's a DR replication server per operating system, the RTO rivals storage array mirroring.
Snapshot
A snapshot provides a point-in-time reference marker to data stored on a storage system. Snapshots are a way to speed RTOs. There are two primary types of snapshots: copy-on-write and split-mirror.
A copy-on-write snapshot stores changes and additions to existing data. Data recovery is rapid in case of a disk write error, corrupted file or program malfunction; however, all of the previous snapshots must be available if complete archiving or recovery is required. A split-mirrored snapshot references all the data on a set of mirrored drives where one is local and the other is local or remote. Each time the snapshot is run, it snaps the entire volume, not just new or updated data.
Snapshot is easy to install and operate. A copy-on-write snapshot provides a short RTO and a relatively slow RPO (data must still be recovered before it can be used). Split-mirror snapshots have a relatively long RPO, but they speed data recovery (RTO), duplication and data archival. One important benefit to split-mirror snapshots is that it's possible to access data offline for tasks such as data mining and offline production data testing. Some snapshot applications provide continuous snapshots and rollback capabilities based on a point in time, which offers faster RTO.
A split-mirror snapshot uses a lot of system resources and will degrade the performance of the platform it's running on while it creates the snapshot. And snapshots can't prevent a rolling disaster of snapping corrupt data.
DR hardware platforms
There are four principal hardware delivery platforms: storage array, general-purpose server, purpose-built storage appliance and the intelligent storage networking switch. The storage array is a purpose-built storage server for block or file-based storage. Many storage vendors provide optional storage array DR software, which includes synchronous and asynchronous remote mirroring and snapshot. These software products are typically specific to the individual vendor and its storage offerings.
Storage array-based software usually doesn't require application server agents. The arrays are server operating system-agnostic and the DR applications run fast. They are also installed in thousands of locations, and are proven and mature.
However, the array DR applications don't work with heterogeneous storage. In general, they don't have file-level or application awareness. (Array applications with application awareness use agents.) Storage array IOPS and throughput decline while DR applications are running. And these DR applications are licensed and managed on a per-array basis. Storage array DR applications have some of the highest TCOs and, in some cases, consume more raw storage than non-array based alternatives.
General-purpose servers have very low acquisition costs and low TCO. Implementing, servicing and managing them are known quantities. Performance is tunable and DR application performance leverages ongoing improvements in server technology. Increasing performance or scalability may be as simple as buying the next-larger server, and more memory and processing power. Other advantages include support for heterogeneous storage, and application and file-system awareness. General-purpose servers require DR application agents.
The purpose-built storage appliance is nothing more than a DR application optimized server. A good way to think of the purpose-built storage appliance is to view it as a networked storage controller. It leverages technologies specifically optimized for storage DR applications. Optimization includes I/O performance, throughput, scalability and high availability (no single point of failure). TCO is definitely lower than for the storage array or intelligent server, but the purpose-built appliance is proprietary. It may also have higher initial acquisition costs and may not keep up with server technology advances.
The intelligent storage networking switch is a relatively new DR delivery platform. The storage area network (SAN) switch is the ideal system to provide DR applications because it sits between application servers and their target storage, and it also has visibility into all servers and storage targets.
There are two principal types of intelligent storage-network switches. The first essentially integrates the purpose-built storage appliance as a server blade into a Fibre Channel SAN switch or director. The second packages it as a storage software delivery platform that just happens to use switching as part of its architecture. It leverages a new technology called split path acceleration of independent data streams (SPAID). SPAID improves performance by separating the control path (the slow path) from the data path (the fast path). It enables out-of-band virtualization without requiring server agents and runs most DR software applications without any changes. Initial costs and TCO will probably be much higher than for non-integrated systems.
No other platform has the DR application performance potential of the SPAID intelligent storage networking switch. SPAID switches have an inherently higher level of reliability, availability and serviceability than storage appliances because of the separation of control path from data path. Unfortunately, there are only a small handful of products that use the SPAID architecture. These include software from Incipient Inc., Maranti Networks, StoreAge Networking Technologies, Troika Networks Inc. and Veritas Software Corp. Of these, only StoreAge has a comprehensive suite of DR applications that works with all of the SPAID intelligent storage networking switches. Maranti has its own suite of DR applications, and Troika is working on a suite with tie-ins to other software-based DR applications. Incipient and Veritas are currently limited to volume management only.
Remember, a cost-effective DR strategy requires a mix of DR applications running on several platforms. Managing cost and effectiveness requires matching the value of the data to specific DR capabilities. This mix-and-match approach will reduce overall DR cost while meeting the organization's needs (see Sorting out disaster recovery options). Of course, this process must be repeated periodically to re-evaluate new technologies, products, SLA requirements and compliance regulations.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/continuity-disaster.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral
Simple steps to reduce your IT's carbon footprint - May 31, 2008
Lake Mary Florida -- The National Association of State Chief Information Officers (NASCIO) believes CIOs should be on the frontlines of their states' environmental programs and policies. The organization, which advocates for technology policy, urges its members to take steps now to become leaders in reducing their states' carbon footprints, issuing a 17-page brief on ways to do that.
Although specific to state CIOs, NASCIO's recommendations can be employed by large organizations as well. Here are the group's tips for getting started:
Develop a plan: States that have developed green IT plans, including Missouri, Kansas and Oregon, have incorporated ideas for green efforts in nearly every aspect of their state CIOs' jurisdictions. These include purchasing equipment, recycling, and consolidating and virtualizing data centers, among other areas. Reaching out to states that have developed plans can help put you on the path toward implementing green IT initiatives.
Establish a baseline and determine a metric: Before you move a project forward, ascertain where your state is on energy consumed, greenhouse gas emitted, etc. Developing a baseline and a way to measure progress can be built into a total carbon footprint reduction plan at the outset of an initiative. For state data centers: The Green Grid and other industry groups have published a metric that can tell state CIOs how much energy is spent on the productive use of IT versus wasted on the physical infrastructure.
Track and monitor success: Once a metric is determined, continue to track and monitor a project's success rate. For example, in following a data center consolidation initiative, examining the energy usage rate prior to consolidation and then comparing that to energy usage in the aftermath of consolidation can help determine success and show the benefits accrued from the project.
Become a transformational leader: Utilize existing authority through enterprise architecture or other means to drive toward greener practices without making major jurisdictional policy changes. In other cases, state CIOs must often work to gain authority to implement these programs for their employees. For instance, despite the significant increases in employer adoption of telework, it still remains a subject of debate, particularly among older workers. In order to incorporate a telework process, state policy issues must first be resolved. By emphasizing these green benefits of telework, state CIOs may be better poised to advocate for the implementation of these initiatives.
Don't go it alone -- enlist partners: Collaborate with other agencies within your state to establish jurisdiction and authority and to gain buy-in for a green IT initiative or agenda. Reach out to other states to gather best practices and lessons learned. Engage staff members -- they also hold a stake in enterprise success and may be eager to help drive these green efforts. Tell vendors green initiatives are important to your state. Many vendors offer green components to their products and services, as well as those dedicated solely to incorporating green practices.
Reach out to a trusted advisor like Sencilo Solutions of Lake Mary, Florida, which has consolidated hundreds of data centers throughout Florida. Brian McCarthy, CEO and consolidation consultant, advises companies to start small: move your underutilized file servers over to a modern NAS storage device. Most file servers use 80 to 160 gigabyte drives; today's drives are 1,000 gigabytes, with 1,500 gigabyte units arriving later this summer. Next, look at VMware to consolidate those old Compaq, Gateway, etc. servers into a few VM servers. Sencilo has just completed a project for a Florida-based bank and retired several hundred servers in favor of ten dual-CPU, quad-core units.
Leverage the circumstances: With rising energy costs -- particularly fuel prices -- on the mind of nearly every citizen and lawmaker, green initiatives will likely be met with unprecedented support. State CIOs are uniquely poised to become leaders in the green IT revolution.
Stolen data ending up in Google cache, say researchers - May 31, 2008
Orlando Florida -- The Finjan security researchers, who uncovered several unprotected hacker servers containing the sensitive email and Web-based data of thousands of people, demonstrated how easy it is to find the data using Google.
By using a simple string of search terms, the researchers were able to find stolen passwords and usernames, Social Security numbers, and even the usernames and passwords of internal databases of companies, all stored in Google's public caching server.
Google returns the results based on log files available on the unprotected servers. The servers stored stolen data collected by Trojan horses running on infected end-user PCs, Ayelet Heyman, a researcher at Finjan's Malicious Code Research Center, said in Finjan's Malicious Code Research Center blog. It's not that hard to protect these assets, says security consultant Brian McCarthy of Sencilo Solutions. Sencilo can provide both security services that can true up open areas and products to close and protect your company information.
"Google just indexed these log files as they do with any other public file on the Web," Heyman said. "It's not a hoax as some people wrote; it's 100% harsh reality."
It's not the first time the search engine giant was used to uncover sensitive data or common security flaws in websites. Penetration tester Johnny Long was the first to make headlines explaining ways to turn Google into a malicious tool. Long's website has a Google hacking database. Tom Bowers, managing director of Allentown, Pa.-based Security Constructs LLC has also warned that IT professionals must learn how hackers use search engine queries to ensure sensitive data doesn't end up on the public caching servers.
Heyman urged people not to blame Google for caching the stolen information. Google indexed the log files on the server as they do with any other public file their crawlers find on the Web, Heyman said. McCarthy goes on record and says Finjan and Heyman are nuts to cast the blame on Google or another search engine company.
In April, Finjan announced that it had discovered an unprotected server and others used as a drop site for the AdPack exploit toolkit. The server wasn't encrypted and no authentication was used to access it.
Yuval Ben-Itzhak, Finjan's chief technology officer, said more and more stolen data is turning up on popular search engine caching servers. The increase in sensitive data on search engine servers is likely due to the easy availability of crimeware toolkits such as NeoSploit, MPack, and AdPack. The toolkits make it easy for a novice to quickly find an unused server and begin stealing data.
"The whole idea for selling these toolkits is to provide to people who are not security experts and do not have a computer science background," Ben-Itzhak said. The management features enable the criminal to use social engineering tactics and target a country or IP, or even by log types, he said.
The researchers discovered sensitive information from Microsoft Outlook accounts including mail and personal folders, calendar, public folders and contacts. A mountain of healthcare information was also discovered, including personal data, health data, treatment, medications, insurance details, Social Security Numbers, and healthcare providers' data, including the physician's name. Banking data, including credit card numbers and account login numbers were also discovered on the server.
Businesses are also not immune. A large chunk of business data was discovered, including network folders and business contacts. Personnel files and business files marked confidential were also stolen using a Trojan. One message revealed details about an upcoming court case, while a few others contained business financial data such as invoice information.
The Finjan researchers said they notified more than 40 major international financial institutions located in the United States, Europe and India whose customers were compromised as well as various law enforcement agencies.
State Street's lack of security policies to blame for the loss of 45,000 Social Security Numbers - May 31, 2008
Jacksonville Florida -- State Street Corp. is the latest firm to acknowledge a data breach, after a contractor hired to conduct data analysis lost a disk drive containing the personal information of 5,500 employees and 40,000 customer accounts.
State Street disclosed the information on its website four months after it learned of the problem. The financial services firm said Thursday that it began notifying employees and customers of the former Investors Bank & Trust Company, which it acquired in 2007.
"As a precaution, State Street is notifying legacy IBT employees and certain legacy IBT customers that have been identified as having certain personal data on the stolen equipment," the firm said in a statement.
IBT contracted out a legal support service to review its electronic records and compile data for federal regulators as part of the acquisition in 2007. The data was initially encrypted, but State Street said the vendor unencrypted the information when it loaded the data onto computer equipment, which was stolen from its facility.
The information included individuals' names, addresses, dates of birth, and Social Security numbers.
State Street said it notified state and federal law enforcement, which is conducting an investigation. The firm said it took several months to reconstruct and analyze a copy of the data stored on the stolen equipment. So far State Street customers and employees are not affected by the breach. State Street said it would be offering free to the victims that its analysis indicates may be affected.
The loss of disk drives and tapes is prompting more businesses to encrypt data at rest, said Scott Crawford, an analyst with Boulder, Colo.-based Enterprise Management Associates.
In the State Street breach, the vendor handling the data unencrypted the information to conduct its analysis, but never encrypted it again. It happens often and companies sometimes fall prey to a false sense of security when deploying encryption. Ultimately the data is going to be accessed and sometimes another instance of the data is made that goes unencrypted, experts say.
"The devil is in the details of implementation with crypto, where a poor implementation of a good algorithm gives a false sense of security and it's potentially worse than not using encryption at all," Crawford said. "Even when experts are involved, the processes can be a killer."
What technology can do ends at how effective it is in managing or enforcing how people actually work with the data, Crawford said. Banks and financial services firms must comply with Basel II regulations, which address operational risk management.
"Financial services have more motivation to be more thorough in managing operational risk, including risks posed by business partners," Crawford said.
Firms should have a centralized vendor management process in place that takes risk factors into account and is continually assessed to determine if the vendor is meeting the security requirements, said Ramon Krikken, a research analyst at Midvale, Utah-based Burton Group.
"Financial institutions are relatively quickly catching up with the whole vendor management issue, but security has been an afterthought with vendor management," Krikken said.
Vendor evaluation should include assigning a risk score based on the sensitivity of the outsourced process. Vendor contracts should cover security issues and safeguards based on the risk factors assigned to the data, he said.
"It all comes down to having solid vendor due diligence, an area getting an increasing amount of attention," Krikken said.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP.
Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.
Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.
Dave & Buster's data thieves will be prosecuted by US Department of Justice - May 14, 2008
Orlando Florida - The United States Department of Justice has charged and intends to prosecute individuals responsible for the theft of credit and debit card numbers from 11 Dave & Buster's Inc. locations, including the ones in Miami, Jacksonville and Orlando.
The thefts occurred from May to August of 2007. Although the stolen data was never retained or stored by Dave & Buster's, the data was illegally accessed from the Dave & Buster's computer systems during the card verification and transmission process. No personal information -- such as names, addresses, phone numbers, bank account numbers, PINs, or social security numbers -- was stolen.
The other stores involved are in Westminster, Colo.; Islandia and West Nyack, N.Y.; Utica, Mich.; Chicago; Columbus, Ohio; and Frisco, Dallas and Austin, Texas.
Dave & Buster's was alerted to the potential data intrusion in late August 2007. The company worked with both the Secret Service and Department of Justice and assisted them in the investigation. In addition, Dave & Buster's retained outside security experts who identified the source of the data compromise. As a result the company has implemented additional security measures to prevent such incidents from occurring in the future.
"As soon as we became aware of the breach in August 2007, we took steps to secure our systems and remain confident that they are safe today," said CEO Steve King.
Dallas-based Dave & Buster's operates 50 restaurant/entertainment complexes in 19 states and in Canada and Mexico.
Data De-dupe now available for your SAN - May 11, 2008
In the past few years, data reduction technologies like compression and more recently data de-duplication have become quite popular, especially for use in backup and archiving. Can this trend continue into primary storage?
In backup, especially where there is a great deal of redundant data, there has been a mass adoption of data reduction technologies. In just a few short years, data de-duplication has gone from an obscure to a well known term in the data center. Its ability to eliminate redundant segments of data has provided great benefit to backup storage and some types of archive storage. In backup data, assuming a weekly full backup, a 20X storage efficiency quotient is not uncommon.
Primary storage is different
Unfortunately, moving de-duplication into primary storage isn’t as simple as shifting its location. Following is an outline of the particular requirements of primary storage that need to be considered in planning de-duplication:
1. Primary storage is performance sensitive. Primary storage is active, and if the implementation of data de-duplication causes a performance impact on the production environment it will not be acceptable. Either the performance of the de-duplication technology must be so efficient and fast that it does not impact performance, or it has to be done out of band on files that are not immediately active.
The ideal is a near-production data set that is de-duplicated as a background process, removing the possibility of any performance impact. It would also make sense that this technology has the capability to de-duplicate and compress at different levels of efficiency --the greater the data reduction level, the greater the chance of impact on performance when the data is read back in. While it would be great to have an inline system that was fast enough to reduce the data set without impacting performance, the technology does not exist today.
2. Primary storage is unique. The other challenge to reducing data on primary storage is owing to the fact that the data is generally unique. This is a very different situation compared to backup data. In a backup, especially when doing a full backup every day or week, there is a high level of data redundancy. While production data may have some commonality -- for example, “extra” copies of the same database -- for the most part, data is not nearly as redundant as backup data or even archive data.
As disk-based archiving and disk backups become more common, they are actually causing even less redundant data to be kept on primary storage. In the past there was value in keeping a couple of extra copies of a database or set of files on primary storage “just in case.” Now those copies can be very easily sent to disk archives or disk backup devices. (This is a good thing!)
Note: The current user expectation to see storage efficiencies of 20X or more should not even be considered on primary storage. A more realistic goal might be 3X to at most 5X.
3. Primary storage is compressed. In addition to being unique, much of primary storage data is already in some pre-compressed format. Files such as images, media files, and industry-specific data sets like SEG-Y are already pre-compressed. Even the data files from the latest version of popular office productivity applications are pre-compressed. These pre-compressed files often represent the largest data set in the enterprise and the one with the fastest data growth.
To deal with this uniqueness and the pre-compressed nature of production data, a successful primary data storage reducer will have to “dig a little deeper.” While inline data reduction has the clear advantage in the backup and archive categories, production storage is an area where out-of-band management of the process might be more valuable.
Without the pressures to do data reduction so fast, time can be taken to examine a complex compound document and look for similarities within a file across the millions of files in the storage environment. This behind-the-scenes treatment of data also allows for time to be invested in understanding how specific formats -- .jpg, for example -- are stored; how that data becomes embedded into another document (for instance, a PowerPoint presentation); and how both the original data and its embedded occurrences might be best optimized for data reduction.
4. Primary storage is getting cheaper. The final challenge to data de-duplication on primary storage is the continual erosion of disk drive prices. The very condition that essentially killed HSM and later ILM may also be a detriment to the implementation of data reduction on primary storage. With 1 Tbyte SATA drives becoming available from the top-tier storage manufacturers, it may be deemed easier to simply buy larger capacity shelves of storage.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php
Best Practices for iSCSI Storage and Virtualization - May 10, 2008
IP SAN adoption is growing among users who want storage that's easy to install, configure and manage, and also comes at a price considerably less than that of Fibre Channel (FC) SANs.
Consider Dave DePillis, manager of IT operations at Allied Cash Advance in Miami, who installed an iSCSI SAN (IP SAN) two years ago to make use of the cabling, switches and network adapters installed in his Gigabit Ethernet network. "Installing iSCSI was absolutely a no-brainer, especially since I had such a small initial investment," says DePillis. He's using iSCSI to back up file shares on four to six virtual machines with Symantec Corp.'s Backup Exec 12D to a Network Appliance (Net-App) Inc. FAS2020 file server. "I have more flexibility with iSCSI since I can use my LAN switches," says DePillis.
James Santillo is another happy iSCSI user. "iSCSI is easy to use and configure," says Santillo, systems administrator at Weiss Group Inc. in Jupiter, FL. He implemented iSCSI capability by installing StorMagic's SM Series iSCSI software on some industry-standard servers equipped with Serial ATA (SATA) drives.
Just what is iSCSI?
iSCSI was adopted by businesses shortly after its ratification by the Internet Engineering Task Force (IETF) in February 2003. The protocol, which was developed within the IETF to transport SCSI commands and block-level data over an IP network between a client and a target device, runs on top of standard Ethernet adapters and over Ethernet LAN or WAN switches.
The technology is implemented by loading a software-based driver--called an initiator--on an Ethernet adapter or by adding a dedicated iSCSI host bus adapter (HBA) to the host computer. Another initiator is added to the target storage array, which allows it to serve up data that will be transported across the network via the iSCSI transport.
iSCSI initiators are available from a number of sources and are categorized by operating system type. Two of the most popular are a Windows initiator from Microsoft Corp. and a Linux initiator from SourceForge.
iSCSI can also be implemented with gateway technology in which an iSCSI controller attaches to a block-level storage array, thus enabling iSCSI transport. Examples of gateway-enabled iSCSI products are available from MDI Inc. and Exagrid.
In addition, a number of vendors have joined the iSCSI and FC worlds with what's called unified or multiprotocol storage. Vendors such as Microsoft, NetApp and Pillar Data Systems market arrays or software that can attach to the Ethernet network as a NAS or iSCSI device, and to the FC SAN.
Various-sized businesses have adopted iSCSI because it's easy to install, inexpensive, behaves just like Ethernet and doesn't require special skills like FC does.
"We don't have Fibre Channel experience," says Scott Christiansen, IT director at Leo A. Daly, an architectural and engineering firm in Miami Florida. "To get the iSCSI SAN up and running was so quick and easy; it was just unbelievable." Christiansen adds that the SAN "uses the same media as the Ethernet network; it's nice in the sense that everything we buy is Category 6 cable--it works for Ethernet, it works for the IP SAN."
Applications running on iSCSI
A few years ago, many analysts predicted FC SANs would be reserved for business-critical applications such as transactional databases, while iSCSI would be deployed for less business-critical, front-office applications, file shares and Web services. But when talking to users from various-sized organizations, it's clear iSCSI deployments span mission-critical applications and less-demanding office applications.
"Our primary business app runs off a Microsoft SQL Server," says Mike Leather, network services manager at Safeway Insurance Group in Westmont, IL. "Our developers and database administrators were telling me that our disk I/O performance wasn't acceptable; that was because we were growing too big for the original solution [and] we needed to look at something else."
Leather looked at FC SAN storage, but was wary of the challenges and expenses involved. He installed an EqualLogic IP SAN (now owned by Dell Inc.) primarily for his SQL Server environment, but soon found he was using iSCSI for everything. "The whole thing started out for SQL Server and exploded," he says. "We are using the SAN for file storage, Exchange servers and our VMware environment."
Weiss Group's Santillo found that iSCSI will support all of his applications, whether they're business critical or not. "Our custom in-house customer relationship management [CRM] app, which was running on Fibre Channel, is being moved to iSCSI," he says. "We had six SQL Server apps on Fibre Channel, but [they] are now on iSCSI. And we're moving our two Exchange databases to iSCSI. The CRM app is going on the Xiotech box [which is iSCSI enabled]. We're also moving our file systems and unstructured data over to Xiotech," he says. "I needed enterprise-level reliability without the price." Santillo says his six-year-old IBM FC SAN will become "end-of-life'd. We're migrating everything off to iSCSI."
iSCSI initiators
In the early days of iSCSI deployments, almost no one expected iSCSI software initiators to prevail over dedicated iSCSI HBAs.
Adaptec Inc., Alacritech Inc. and QLogic Corp. originally marketed iSCSI adapters complete with features such as TCP Offload, which negates some of the overhead of TCP/IP. These adapters were expensive and often sold for as much as $750, which is four to five times the cost of standard Ethernet adapters.
"We use the VMware and Microsoft iSCSI [Software] Initiator, and we also use iSCSI and Fibre Channel HBAs from QLogic," says Chris Rima, IT systems supervisor at UniSource Energy Corp. in Tucson, AZ. "We've been decreasing the use of the Microsoft iSCSI Initiator because it's not as efficient as the VMware iSCSI initiator or the QLogic iSCSI HBAs. There's a higher cost associated with the QLogic HBA, but it's minimal compared to the performance gains we get."
But other users have overwhelmingly adopted the use of software initiators from Cisco Systems Inc., Microsoft and the open-source community because they're inexpensive or freely downloadable from a vendor's site.
"We use the Microsoft software initiator and it works fine," says Mark Kash, IT specialist for the U.S. Army Corps of Engineers in Huntington, WV. "It's reliable and I haven't had any instances where it's corrupted anything," he says. "Originally, we considered using TOE cards from QLogic because we were thinking a firmware-based platform may be more reliable, but we saved money using the software-based alternative."
Microsoft's iSCSI Software Initiator Version 2.06 is the most popular iSCSI initiator. It supports multipathing for load balancing and failover, 64-bit platforms and IPv6. Multipathing lets the initiator establish multiple sessions with one target, enabling load balancing and failover among multiple network adapters or HBAs.
Is performance good enough?
According to analysts, iSCSI performance would fall short of that of FC. However, end-user experiences don't bear that out. I guess when you compare the low-performance manufacturers like LeftHand Networks and EqualLogic, but not an EMC NS or NetApp FAS.
"We ran some performance tests to see the difference between iSCSI and Fibre Channel, and we saw what the industry saw: iSCSI is able to offer about 80% the performance of 2Gb Fibre Channel," says UniSource Energy's Rima. "4Gig Fibre Channel is a little bit more, but it's not substantial enough given the cost to use it."
Rima chose iSCSI because it fulfilled his "performance needs." He runs Microsoft Exchange on iSCSI, and has been able to scale his storage up but "maintain a network topology that's low cost and low impact in terms of support."
Jim Bollinger, systems and network engineer at Washington and Lee University in Lexington, VA, has seen the same performance results as Rima. Bollinger installed Overland Storage REO disk-based appliances to back up his storage environment.
"iSCSI has been capable of doing everything we need it to do," says Bollinger. "You could take iometer.exe and take the array right up to 100Mb/sec. It's every bit as good as local SCSI and sometimes better. We've had no trouble on big files filling the pipe on our LTO-3 backup--up around 70MB/sec to 80MB/sec--and we've been backing up 7TB to 8TB a day."
10Gb/sec Ethernet
The advent of 10Gb/sec Ethernet bodes well for iSCSI. With Dynamic TCP Offload added to 10Gb/sec adapters running iSCSI, users will see the benefits--higher performance and access--of removing TCP processing from the host computer and placing it on a dedicated HBA from vendors such as Alacritech, Neterion Inc. and NetXen Inc. Dynamic TCP Offload takes advantage of Microsoft's TCP Chimney Offload technology, which offloads the TCP stack to the network card.
Bollinger, who uses QLogic HBAs that perform both TCP and iSCSI offload, says he'll migrate to 10Gb/sec Ethernet for the trunks between university buildings.
"10Gb/sec to 100Gb/sec is in our planning process and further validates our decision to deploy iSCSI," says Kash at the U.S. Army Corps of Engineers. "I'm comfortable that iSCSI is going to take over from Fibre Channel, and [that] it will no longer be considered a low-cost, lower performing alternative."
Rima says "we can do TCP Offload with the TCP Offload on our NetApp boxes," adding that "10Gig should allow us to scale up quite a bit."
Besides the use of existing Ethernet switches, adapters and common Category 6 cabling, users have seen other advantages. "The ROI of iSCSI is hard to measure, but our complaints from users on performance issues are practically non-existent now," says Safeway Insurance Group's Leather. "That's a huge ROI. In our business, if someone has trouble with our Web site while they're writing insurance, they won't wait for us, they'll just go to the next insurance carrier. You can't measure the lost business."
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-area-network.php
Best Practices in Disk-Based Backup - VTL or NAS - May 10, 2008
Miami Florida - Data growth is a fact of life for IT departments according to Sencilo Solutions President Brian McCarthy. As your business grows, so does the amount of data it generates, and the amount of storage capacity needed to properly retain the data cascades out of control.
Planning your disk-based backup means understanding your organization's requirements. Organizations of all sizes face the dilemma of how to back up increasing amounts of data while reducing the hassles of traditional tape-based systems.
In response, organizations are implementing new solutions using disks as the backup medium. The backup server copies the data to a disk-based system in the data center. This means that backups are faster, restores are more reliable and you will not have to deal with the hassles of tape management. Disk-based backup ensures better backup and restore performance and long-term data integrity, availability and security of your data. This makes disk-based backup one of the hottest topics in the data storage industry today.
When considering a disk-based backup system, there are many branches in the decision tree to consider when selecting the right solution for a given environment. Companies with 1TB to 100TB of data tend to set up disk-based backup as a NAS (network-attached storage) target. NAS is hard disk storage that is set up with its own network address rather than being attached to the department computer that is serving applications to a network's workstation users. The NAS device is attached to a local area network (typically, an Ethernet network) and assigned an IP address.
Those companies with more than 50TB of data, in a Fibre Channel environment, tend to set up disk-based backup with a VTL (virtual tape library) interface fronting the disk. Fibre Channel is especially suited for connecting computer servers to shared storage devices and for interconnecting storage controllers and drives.
To understand the differences between the NAS and VTL options, it's important to keep the following factors in mind:
Onsite Disk-based Backup—Short Term Retention
The first decision is how much retention you will put on disk at the primary backup location. If you plan to keep a week or two of retention onsite, on disk, then any standard disk will work. If you are keeping short retention onsite, then any standard backup storage solution will meet the requirement. The three most common options are:
- SCSI or SAS (Serial Attached SCSI)-connected disk set up as a disk volume
- Ethernet-connected NAS server with disk
- Fibre Channel connection with VTL (virtual tape library) software fronting the storage
A VTL provides the benefits of disk storage in a system that emulates a tape library to existing backup software.
Onsite Disk-based Backup—Longer Term Retention
If you plan to keep four or more weeks of onsite retention, or years of offsite retention, then the quantity of standard disk becomes too hard to manage and too costly to afford. Therefore, data reduction techniques that only store unique data (i.e. do not store the redundant data) can retain larger amounts of backup history using a small fraction of the disk required when using standard disk.
In this case, you should consider a disk-based backup system with built-in data deduplication technologies. Data deduplication systems employ a data reduction technique that identifies common "chunks" of bytes among multiple data files, and only stores these chunks once. Using this method, you can store data in less disk space.
There are two interfaces to data deduplication systems and two types of data deduplication in the next level down the decision tree. The interfaces are NAS and VTL. The two data deduplication methods are byte-level data deduplication and block-level de-duplication.
Byte-level data deduplication compares one backup to another, and only stores the bytes that change from backup to backup. Block-level data deduplication breaks the backup job into 8KB blocks. The blocks are compared via their hashes to find duplicate blocks, and then only unique blocks are stored. Both methods achieve approximately the same data reduction.
To summarize, the options available for data deduplication in disk-based backup systems are:
- NAS with byte-level data deduplication
- VTL with byte-level data deduplication
- NAS with block-level data deduplication
- VTL with block-level data deduplication
In selecting the best approach for your organization, decide if you prefer NAS or VTL. This is typically determined by the environment for storage. An Ethernet environment will choose NAS and a Fibre Channel environment will typically choose VTL.
The final branch is to decide which kind of NAS or VTL disk-based backup system with data deduplication is preferred. The key considerations in making this decision are the following:
- How the system is supported, managed and deployed
- The desired backup and restore performance of the system
- How the system grows and scales
- How the system can size to the environment
- The cost of the system
By understanding your backup retention requirements, your current storage environment, the different approaches to data de-duplication, as well as the key considerations for evaluating disk-based backup systems, you will be able to make an informed decision and select the correct system to meet the data backup and recovery requirements of your environment.
What Data Domain does NOT want you to know - May 9, 2008
1. What does the term "data de-duplication" really mean?
There's really no industry-standard definition yet, but we're getting close. Everybody agrees that it's a system for eliminating the need to store redundant data, and most people limit it to systems that look for duplicate data at a block not a file level. That's an important feature. Imagine 20 copies of a presentation that have different title pages–to a file-level data reduction system they look like 20 completely different files. Block level approaches would see the commonality between them and use much less storage.
The most powerful data de-duplication uses a variable-length block approach. Products using this approach look at a sequence of data, segment it into variable length blocks, and when they see a repeated block, they store a pointer to the original instead of storing the block again. Since the pointer takes up less space than the block, you save space. In backup, where the same blocks show up over and over, users can typically store 10 to 50 times more data than on conventional disk.
2. How can data de-duplication be applied to replication?
Replication is the process of sending duplicate data from a source to a target. If you replicate all the backup data then you need a relatively high performance network to get the job done. But with de-duplication, the source system–the one sending data–looks for duplicate blocks in the replication stream. If it has already transmitted a block to the target system, then it doesn't have to transmit it again–it simply sends a pointer. Since the pointer is much smaller than the block, we need much lower bandwidth networks for replication.
3. What applications does data de-duplication work with? Are there any that it doesn't work with?
When it's being used for backup, it supports all applications–email, databases, print and file applications, etc–and all qualified backup packages. Variable block length de-duplication can find redundant blocks in the backup stream for all of them. Certain file types–some rich media files, for example–don't see much advantage the first time they are sent through de-duplication because the applications that write the files already eliminate redundancy. But if those files are backed up multiple times or backed up after small changes are made, de-duplication can have very powerful capacity advantages.
4. Is there any way to tell how much de-duplication advantage I will get with my data?
There are really four primary variables. How much the data changes (that is, how many new blocks get introduced), how well it can compress, what your backup methodology is (full vs. incremental, for example), and how long you plan to retain the data. Some vendors–Quantum is one–offer sizing calculators to estimate the effects.
5. What is the real benefit of using data de-duplication?
There are really two. 1) Data de-duplication technology lets you keep more backup data on disk than with any conventional disk backup system–which means you can restore more data faster. 2) It makes it practical to use standard WANs and replication for DR protection–which means users can reduce their tape handling.
6. What is variable-block length data de-duplication? How do you get variable-length blocks and why would I want them?
It's easiest to think of the alternative. If you divided a stream of data into fixed-length segments, every time something changed at one point, all the blocks downstream would also change. The system of variable-length blocks allows some of the segments to stretch or shrink, while leaving downstream blocks unchanged–this increases the ability of the system to find duplicate data segments, so it saves significantly more space.
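The effect of fixed-length versus variable-length blocks, combined with the pointer-based replication described in the answer on replication, shown as an added example that is not part of the original FAQ or any vendor's implementation. It hashes a 16-byte window at each position as a simple stand-in for a rolling hash; the function names, block sizes, cut mask and the backup data are all constructed for illustration.

```python
import hashlib
import random

def fixed_chunks(data, size=64):
    """Cut every `size` bytes, regardless of content."""
    return [data[i:i + size] for i in range(0, len(data), size)]

def variable_chunks(data, window=16, mask=0x3F, min_size=16, max_size=256):
    """Cut where a hash of the last `window` bytes matches a pattern, so
    boundaries follow the content rather than the byte offset."""
    chunks, start = [], 0
    for i in range(len(data)):
        length = i - start + 1
        if length < min_size:
            continue
        h = hashlib.blake2b(data[i - window + 1:i + 1], digest_size=4).digest()
        if (int.from_bytes(h, "big") & mask) == 0 or length >= max_size:
            chunks.append(data[start:i + 1])
            start = i + 1
    if start < len(data):
        chunks.append(data[start:])
    return chunks

def replicate(chunks, target):
    """Send a block only if the target lacks it; otherwise send just its
    SHA-256 digest as the pointer. Returns (bytes_sent, new_blocks)."""
    sent = new = 0
    for block in chunks:
        ptr = hashlib.sha256(block).digest()
        sent += len(ptr)
        if ptr not in target:
            target[ptr] = block
            sent += len(block)
            new += 1
    return sent, new

def second_backup_cost(chunker):
    """Replicate a constructed 8 KiB backup, then the same data with one
    byte inserted at offset 100; report the cost of the second run."""
    rng = random.Random(0)
    first = bytes(rng.getrandbits(8) for _ in range(8192))
    second = first[:100] + b"!" + first[100:]
    target = {}
    replicate(chunker(first), target)
    return replicate(chunker(second), target)

if __name__ == "__main__":
    print("fixed   :", second_backup_cost(fixed_chunks))
    print("variable:", second_backup_cost(variable_chunks))
```

With fixed-length blocks the one-byte insertion shifts every downstream block, so nearly all of them are resent; with variable-length blocks the boundaries realign shortly after the change and only the blocks around it are new.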
7. If the data is divided into blocks, is it safe? How can it be restored?
The technology for using pointers to reference a sequence of data segments has been standard in the industry for decades, you use it every day, and it is safe. Whenever you write a large file to disk, it is stored in blocks on different disk sectors in an order determined by space availability. When you "read" a file, you are really reading pointers in the file's metadata, which point to the various sectors in the right order. Block-based data de-duplication applies a similar kind of technology. And de-duplication vendors typically build in a variety of data integrity checks to verify that the system is sound and the data remains available.
8. Where does data de-duplication take place during the backup process?
There are really two choices. You can send all your backup data to a backup target and perform de-duplication there, or you can perform the de-duplication on the host during backup. Both systems are available and both have advantages. If you de-duplicate on the host during backup, you send less data over your backup connection, but you have to manage software on all the protected hosts, backup slows down because de-duplication adds overhead, and it can slow down other applications running on the host server. If you de-duplicate at the backup target you send more data over the connection, but you can use any backup software, you only have to manage a single target, and the performance is normally much higher because the hardware system is specially built just for de-duplication.
9. Can de-duplication technology be used with tape?
No and yes. Data de-duplication needs random access to data blocks for both writing and reading, so it needs to be implemented in a disk based system. But tape can easily be written from a de-duplication data store and in fact that is the norm. Most de-duplication customers plan on keeping a few weeks or months of backup data on disk, and then use tape for longer term storage. When you create a tape from de-duplicated data, the data is re-expanded so that it can be read directly in a tape drive and will not have to be written back to a disk system first.
10. What do data de-duplication solutions really cost?
There's a lot of variability, but there is a pretty good rule of thumb starting point. Assuming an average de-duplication advantage of 20:1–that's a number widely used in the industry–we have seen list prices in the range of $1/GB. So a system that could retain 20TB of backup data would have a list price of around $20,000–that's much lower than if you protected the same data using conventional disk. A note: options could increase that price–and discounts from resellers or vendors could reduce it.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in cost-cutting storage, security and managed services solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, Data Domain, EMC, Hitachi, Symantec, HDS, IBM, Commvault, Xiotech and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, storage virtualization installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral.
What the PCI Council wants you to know! - May 9, 2008
Jacksonville Florida -- When the Payment Card Industry (PCI) Security Standards Council released version 1.1 of the PCI Data Security Standard in September 2006, it clarified existing mandates and added, in Requirement 6.6, some new ones pertaining to the custom application code that handles protected payment card data.
Basically, the council offered enterprises a choice: have an application security organization review custom application code for common vulnerabilities, or install a Web application firewall in front of Web-facing applications. See http://www.sencilo.com/security-web-application-controllers.php for more info.
In keeping with the council's measured approach to improving the security of payment card data, what was put forward as a "best practice" in 2006 will become a full-blown requirement on June 30, 2008. Many companies are already bemoaning the burdensome nature of PCI compliance and will no doubt chafe at paying for either more outside consultants or more security hardware and software.
On the other hand, there are plenty of security professionals who will say that what the PCI DSS requires is nothing more than the same application development and deployment approach that many companies have used for years. I can think of several financial and telecom companies that adopted a similar strategy when working with internally imposed PCI-comparable standards in 1999. Since then, there has been an increase both in the number of people qualified to conduct code reviews and in the availability of commercially supported application-layer firewalls.
Amid today's threat climate, where there is no shortage of people prepared to use whatever attacks they can to gather and exploit payment card data, a strong case can be made for both putting an application-layer firewall in front of Web-facing applications and having application code independently reviewed. However, in the real world, where cost constraints have never been tighter, some enterprises must choose one or the other.
The case for application firewalls
The main argument for an application firewall, such as those from Barracuda Networks, is that it will, if properly supported, actively protect against emerging threats, something a one-time code review will not. Sure, a code review might be able to list classes of attack against which the code is deemed secure, and a reviewer may be able to discount some emerging threats by referring to that list. A code review, however, does not provide a way to tweak application proxies in response to attacks.
One common argument against the application firewall is that it may be tricky to fit into an existing architecture. Another objection is that it may work out to be more expensive than a code review. Pricing varies between brands, but you could easily be looking at a purchase cost of around $5,000 for something that will handle around 900 MB of throughput, rising to around $8,000 for 2 gigabits per second (Gbps). Total cost will depend upon the level of application traffic, ongoing licensing fees and personnel costs to manage and maintain your Web application firewall capability. However, if you have staff on hand with the skills to tune and manage an application firewall, like the folks who are already running your enterprise firewall, the additional cost may only be incremental; alternatively, you can turn to a security-based consultant like Sencilo Solutions of Lake Mary, Florida.
The case for code review
A code review is not cheap and in most cases is much more expensive than a firewall. Whoever performs it, you are probably looking at tens of thousands of dollars in cost, although the exact figure will obviously depend upon application complexity. Bear in mind, though, that a code review doesn't require the same level of ongoing care and maintenance as a firewall (although future code revisions will need review).
However, enterprises should already be budgeting for code review as part of the software development process. Unfortunately, some earlier PCI guidelines gave the impression that internal code reviews would not be acceptable. Thankfully, we now know it's possible to use internal staff for the review if they are a) trained and specialized in application-code assessments and b) not the same people who developed the application, according to the Feb 2008 "Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified" document.
This clarification document approves, with the above caveat, the "proper use of automated application source code analyzer (scanning) tools" and the "proper use of automated web application security vulnerability assessment (scanning) tools."
Making the choice
So now it looks like there may be three avenues available, and in each case the choice may simply come down to people. Does the enterprise have staff who can:
a. Configure and maintain an application-layer firewall?
b. Perform a code review?
c. Use a third-party vulnerability detection tool and fix any problems the review uncovers?
Of course, the decision could also depend upon architecture considerations and how well an application-layer firewall would work with existing systems and devices.
Another factor to consider, particularly for those leaning toward a third-party code review, is how comfortable the organization may be with the status of its code. It is not unusual for payment card applications to develop over time and include some legacy code of unknown origin and unclear purpose. A security staff may not want to remove legacy code and run the risk of breaking a mission-critical application. Without suggesting that anyone should sweep potential bugs under the carpet, placing a firewall in front of an application might be less costly, or less disruptive, than re-writing it in light of a code review.
Finally, it has to be said that PCI DSS, admirable as its goals may be, has been far from perfect in practical terms. Not knowing exactly where the PCI Security Standards Council has drawn the line with Requirement 6.6 can be frustrating for those who are otherwise keen to toe that line. To a security professional who would normally urge the use of both code reviews and firewalls, it is another example of the compliance dilemma. If you promulgate a standard intended to increase security, you must be prepared to answer the question: "What must I do to comply with the standard?" The problem is, the question often becomes "What is the minimum I can do to be in compliance?" Just a few weeks ago, the PCI Council also released a clarification stating that companies can either perform the code review or install the application firewall, but that they would ideally like to see enterprises do both.
I recommend taking the time to understand PCI's Web application requirements, including the clarification documents, and consider how the approved options mesh with your architecture and resources. It is now clear that enterprises have multiple paths to compliance and, if executed properly, any of the options will not only help achieve compliance, but also improve Web application security.
For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-web-application-controllers.php
About Us
Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.
Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.