headtop

Connect to HealthIT News

The Next Generation of Backup will include incremental backups and CDP for VMware - June 13, 2008

Orlando Florida -- Symantec Corp. boosted its support for VMware's products in two new incremental releases for NetBackup at Symantec Vision.

The updates to NetBackup come as part of two new "double-dot" releases, NetBackup 6.5.2, which is available immediately and NetBackup 6.5.3, which is expected later this summer. "We have a new release model for NetBackup," said Matt Kixmoeller, vice president of product management for Symantec. "We're looking to get innovations to market faster, rather than just having an enormous big-bang release every few years."

Support for incremental and parallel snapshots of VMware hosts through NetBackup's VMware Consolidated Backup (VCB) integration are the main new features of the NetBackup 6.5.2 release, which also includes CDP and complete integration with PureDisk's data deduplication.

"On the large scale, the XenServer platform has some fundamental advantages," said Rob Soderberry, senior vice president for Symantec's storage and availability management group. "Our strategy is to create the best possible exploitation of the XenServer and VMware stack, and let customers and clients decide what they want to pursue."

Symantec is adding granular recovery technology into NetBackup. The feature was first incorporated into its product line with Backup Exec 11d, which allows unique object recovery from a single backup instead of through a secondary redundant backup that forced customers to use twice the space and time for backups if they wanted granular restores. Version 6.5.2 will make the feature available for Windows hosts, VMware hosts, and SharePoint Portal. Exchange integration will follow in NetBackup 6.5.3.

"Most snapshots, including Microsoft's VSS, don't allow you to get a file directly out without restoring the full snapshot," said analyst Lauren Whitehouse, Enterprise Strategy Group. "That feature puts Symantec a step above even Microsoft and other VCB integrations at this point."

NetBackup customer Eddy Navarro, a storage computer systems manager for J. Craig Venter Institute, said he's been waiting for the ability to schedule multiple concurrent snapshots of VMware hosts. "[In previous versions], NetBackup purposely set a cap on concurrent snapshots, meaning you could only schedule one at a time," Navarro said. This was done to avoid overwhelming environments that couldn't handle the load of parallel snapshots. "But, we have the infrastructure that can handle it," Navarro added.

Navarro said he's also looking forward to support for NDMP backups to disk in the new version. He wants that for his NetApp filers. While there might be ways to make the NAS backup standard dump directly to disk, Navarro wasn't familiar with them and wants all backups done through one portal. "I don't want to have to go back when I want to do a restore and say, now which way did I back this up?" he said.

New CDP, data deduplication integration

NetBackup 6.5.2 will also include the first integration with Symantec's CDP software acquired from Revivio in late 2006 and renamed RealTime 6.5.

NetBackup will be able to request snapshots from RealTime, but it will otherwise use a separate repository and interface until NetBackup 7.0 is released next year. While a new "NetBackup-like" interface on RealTime lays the groundwork for an integrated GUI, the repository will probably remain separate because Symantec expects users to deploy the "copy every write" software sparingly, according to Kixmoeller.

"The first generation of CDP struggled because there wasn't enough deep integration with applications," he said. With this re-release of Revivio's IP, NetBackup agents running on application servers will create pointers to quiesced snapshot copies in the CDP stream. The catalog of files and recovery screens will also be done in NetBackup.

Symantec has yet to integrate CDP with replication, another item on its roadmap since last year. "Symantec supports several replication products," said senior analyst Eric Burgener, Taneja Group. "Depending on how replication is linked into the CDP process, it can make it difficult to unlink it and use it with something else."

NetBackup 6.5.2 also completes an integration process between NetBackup and Symantec's PureDisk data deduplication software that has been ongoing since NetBackup 6.1. PureDisk agents can now perform data deduplication at the client, backup media server or target. Symantec is also supporting a stack of PureDisk, Veritas Cluster Server and Storage Foundation to create a grid architecture for post-process data deduplication on the target side.

While this stack of licenses could get confusing, the number of options Symantec is offering is more important, Whitehouse said. "It allows you to coordinate your backup strategy to your workload." "And, setting up various agents is a process you only do once."

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

CEO fired after major data lost! - June 7, 2008

The practice of sending across the country unencrypted, CD-based files on millions of child benefit claimants could have continued indefinitely if the discs hadn't gone missing, we have learned.

Orlando Florida -- Seven months before the CDs went missing, HM Revenue and Customs had already established a practice of transferring onto CD, for despatch by post, insecure, though password-protected, files on millions of child benefit claimants.

The lost discs contained details of all child benefit recipients: records for 25 million individuals and more than seven million families.

The records included parental names, addresses, dates of birth, child benefit and national insurance numbers and where relevant bank or building society details. Paul Gray, the chairman of HM Revenue and Customs, has resigned because of the incident.   This is not uncommon to see CXOs being asked to resign because of a data lost on their watch, after all it's the CXO who is signing or cutting the IT budget, say Brian McCarthy President and well know Security Consultant for Sencilo Solutions based in Orlando Florida. 

The practice of transferring all of the child benefit data onto CDs began in March this year after HMRC's auditor, the National Audit Office (NAO), ceased to accept sample records for its audit of the department's accounts.

In the past officials at the Department for Work and Pensions had selected sample child benefit files and passed these to the NAO whose auditors checked for possible fraud and error.

But in March this year, for an audit of HM Revenue and Customs's 2006/7 Resource Accounts, the NAO, to do a more robustly independent check on the child benefit data, requested a full copy of the details of claimants, not merely a part of the data that had been selected by the department.

Though HMRC does have rules on handling sensitive data, it is unclear whether it had specific, established procedures for handling the request of the National Audit Office.

Aware that the files on child benefit claimants were sensitive, the NAO in March 2007 asked that HMRC filter the information before sending it to the audit office. The National Audit Office asked for the child benefit records to be stripped of details of the parents, addresses and bank information, which McCarthy states is a best practice here in the States. 

HM Revenue and Customs replied that it could not do this - its systems were not sufficiently flexible. It explained it could download only the whole of the information. So it sent to the NAO, by courier-post, all of the details of parents and children, including some bank account details.   Not true states McCarthy, their are disk based encryption appliances on the market today which can protect anything from a USB hard drive to tapes, HM has their heads in the sand.

That was when the insecure practice began of HMRC sending unencrypted files to the National Audit Office. No alarm bells were raised over the practice in March 2007.

It appears that it was thought easier to send the claimant files on CD than trying to send them electronically. This raises questions about whether government departments are routinely sending CDs with sensitive data around the country, thus avoiding technical challenges and security restrictions on exchanging files electronically.  Easier, how is anything that is a manual process and the cost of mailing a disc easier?

So in March 2007 HM Revenue and Customs transferred the child benefit data onto CDs and sent them by courier-post from Washington, Tyne and Wear, to the National Audit Office which is near Victoria Station in London. They arrived safely - and the practice became established.

The data was sent to the NAO only partially formatted. It had to be loaded on the National Audit Office's mainframe systems before it could be manipulated.

In October this year, when the NAO wanted to do an audit of HMRC's 2007/08 Resource Accounts, it again asked the department for its child benefit data.

The sequence of events:

2 October 2007: The NAO formally asks HM Revenue and Customs for files on child benefit claimants.

18 October: HMRC tells the NAO that the CDs have been sent

24 October: The NAO informs HMRC that the discs have not arrived. The NAO asks for a second set to be sent - it needs them urgently to ensure an audit of HMRC's accounts is not delayed.

25 October: The NAO confirms receipt of the second set of discs. It staff point out that the first set has still not arrived.

5 November: HM Revenue and Customs confirms that the first set of CDs is still missing.

8 November: The NAO begins a search for the missing CDs and the loss of the data is raised formally as a security incident. It is only at this point that HMRC's senior management is informed - but not the Chancellor of the Exchequer Alistair Darling who is responsible for HMRC.

10 November: HMRC with the cooperation of the NAO begins a search for the CDs at the offices of the audit office at Victoria. The NAO has no record of having received the first set of CDs. Only now is Alistair Darling, the chancellor, informed.

11 November: HM Revenue and Customs and the police search the NAO's offices. Nothing is found.

20 November: Alistair Darling makes a statement to the House of Commons on the missing discs and Paul Gray, the chairman of HMRC resigns.

21 November: HM Revenue and Customs issues an apology.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP.

Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.

Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare data leakage enVision Data Loss Prevention Encryption and Key Management

How much should you spend on disaster recovery (DR)? - May 31, 2008

Orlando Florida -- It's a trick question that few, if any, storage administrators know how to answer. You can easily spend a king's ransom to protect your data, but few companies have that kind of money. The key to cost-effective DR is first placing a value on the data--and understanding how the data's value changes over time--and then matching various data protection technologies to that value.  Here in Florida Hurrican season starts tomorrow, June 1 and last until November 30th.  So my guess to those of us in the Gulf States - Will you be ready? 

In an earlier blog (see The search for cost-effective disaster recovery), I described how to develop an application/data classification foundation (ADCF) that lays the groundwork for cost-effective DR. This foundation has six steps:
Classify each application and its data into four categories:


  • Mission critical

  • Essential

  • Important

  • Less critical



  • Determine the required recovery point objective (RPO) and recovery time objective (RTO) for each class of data.

  • Determine the available DR options per class of data.

  • Establish each option's TCO for the expected life of the implementation.

  • Evaluate the skills required at all DR locations.

  • Match the data, DR options and skills to the budget to determine the breadth of the DR GAP (the difference between the level of DR required and the level of affordable DR, or the difference between the actual level provided and the level required).

  • Remote mirroring

  • Remote mirroring provides data accessibility protection for an application using physically separate locations. While similar to mirroring within a RAID array, remote mirroring takes place over MAN or WAN distances. It's usually between storage arrays or storage appliances, and can be synchronous or asynchronous.


Synchronous remote mirroring is the highest possible level for DR RPO and RTO. The RPO is "zero" lost data, and the RTO is typically seconds to minutes. Synchronous remote mirroring does this by neither completing nor acknowledging the local write until the remote write is completed and acknowledged. Additional writes can't occur until each preceding write has been completed and acknowledged. This means local performance is directly related to the performance of the DR remote device; distance is the limiting factor. Remote synchronous mirroring is rarely deployed for circuit distances greater than 160km (100 miles).  http://www.sencilo.com/storage-software.php

With asynchronous remote mirroring, local writes are completed and acknowledged before the remote writes. Asynchronous remote mirroring is a "store-and-forward" technique that reduces I/Os and wait delays, allowing remote writes to fall behind the local writes. This means the RPO for lost data can range from seconds to minutes, and even hours in some cases. Asynchronous remote mirroring is most often utilized when the remote site is a long distance from the local site.

The primary advantage of both synchronous and asynchronous remote mirroring is the minimal (asynchronous) to zero (synchronous) risk exposure in losing data during a disaster. A secondary advantage is the potential for quick data recovery when a disaster occurs. Remote mirroring doesn't require server agents, and it provides heterogeneous server and application support. 

Remote mirroring applications are often pricey, the equipment is usually expensive, and it typically requires at least twice the primary disk space and sometimes much more. However, when the lowest possible RPO and RTO are the requirement, remote mirroring is the answer.

Another disadvantage is that remote mirroring doesn't prevent a rolling disaster, data damage, corruption or accidental deletion. If data is corrupted, damaged or deleted at the primary site, it will also be at the DR site. Some asynchronous remote mirroring products timestamp each transaction and allow recovery to a point in time before the corruption or deletion occurred, but they're exceptions to the rule. This means procedures other than remote mirroring must also be implemented to allow for recovery of corrupted, damaged or deleted data. Other disadvantages include lack of support for heterogeneous arrays, no support for internal storage, and nearly no application and file information.

Less-expensive alternatives to remote mirroring can also provide the lowest possible RPO and RTO. They're generally continuous data protection (CDP) products and include time-based continuous snapshots, automated backup, replication of changed data and automated, generational-change distributed backup. They offer a lower TCO than remote mirroring, support heterogeneous storage and provide better rollback capabilities. But they usually require installing and managing agents. 

Backup
Backup applications copy primary stored data directly from the application server and move it over TCP/IP networks to a local backup server or remote DR backup server. The server then writes the copied data to disk or tape. RPO is the window between backups or incremental backups. RTO is minimally hours, but usually days to weeks.

While backup is the primary DR application deployed in most IT organizations, it also has the highest failure rate. Failures can be attributed to user error, bandwidth issues, throughput issues, tape issues and even application server availability requirements. http://www.sencilo.com/prod-storagesoftware.php

The primary advantage of backup is its familiarity--it's a known quantity, both good and bad. Storage administrators know how to deploy and use backup, and the TCO is relatively low depending on the storage environment.

The two key disadvantages of backup are that its RPO and RTO are usually quite high, and backup is a local process. There are exceptions, however. Several backup programs distribute and centralize backup while providing continuous incremental backups, shrinking the RPO considerably. Unfortunately, recovery time is still a lengthy process. Data consistency and usability--the ability to use the backed up data without modification, reordering or re-creation--may also be a problem. Backup programs require server-based agents and backup costs escalate sharply as the environment scales and grows more complex.

Backup products are evolving and improving. Virtual tape, disk-to-disk-to-tape (D2D2T) and massive array of idle disks (MAID) technologies speed backups and recovery times. New types of backup software, such as content-addressable storage (CAS), reduce the amount of data required to back up by sending only changed data and meta tags about data. This significantly reduces recovery times and dramatically increases recovered data usability. Distributed backup eliminates the installation of server agents. These new types of backup have RPOs and RTOs that can be used for critical data. http://www.sencilo.com/storage-data-deduplication.php

Replication
Replication software replicates data from server to server synchronously and asynchronously. There are incremental and CDP modes. Replicated data travels over TCP/IP networks to a remote server's disk, and then a backup client is needed to move the data to a storage device. RPO for replication is similar to the RPO for storage array remote mirroring, depending on whether it's synchronous or asynchronous. RTO can be a little faster because the DR application servers are already collocated with the DR storage.

Replication software is easy to install and operate. It can run locally and distributed, and because it's server-, storage- and infrastructure-agnostic, there are no hardware lock-ins. Replication software costs are less than those for backup software and much less than storage array-based remote mirroring. Replication has evolved to include application-aware agents, continuous protection and rollback capabilities. One important benefit to replication is data migration. Replication software simplifies the process and replicates only the data that needs to be replicated in a non-disruptive manner.

Replication software can't prevent damaged data from being replicated, and server agents must be maintained and managed. RTO can be significantly increased if there's a single DR server caching the replication from different application operating systems. In the event of a disaster, all data must be recovered and rewritten before the applications can access the data. This is similar to backup. If there's a DR replication server per operating system, the RTO rivals storage array mirroring.

Snapshot
A snapshot provides a point-in-time reference marker to data stored on a storage system. Snapshots are a way to speed RTOs. There are two primary types of snapshots: copy-on-write and split-mirror.

A copy-on-write snapshot stores changes and additions to existing data. Data recovery is rapid in case of a disk write error, corrupted file or program malfunction; however, all of the previous snapshots must be available if complete archiving or recovery is required. A split-mirrored snapshot references all the data on a set of mirrored drives where one is local and the other is local or remote. Each time the snapshot is run, it snaps the entire volume, not just new or updated data.

Snapshot is easy to install and operate. A copy-on-write snapshot provides a short RTO and a relatively slow RPO (data must still be recovered before it can be used). Split-mirror snapshots have a relatively long RPO, but they speed data recovery (RTO), duplication and data archival. One important benefit to split-mirror snapshots is that it's possible to access data offline for tasks such as data mining and offline production data testing. Some snapshot applications provide continuous snapshots and rollback capabilities based on a point in time, which offers faster RTO.

A split-mirror snapshot uses a lot of system resources and will degrade the performance of the platform it's running on while it creates the snapshot. And snapshots can't prevent a rolling disaster of snapping corrupt data.

DR hardware platforms
There are four principle hardware delivery platforms: storage array, general-purpose server, purpose-built storage appliance and the intelligent storage networking switch. The storage array is a purpose-built storage server for block or file-based storage. Many storage vendors provide optional storage array DR software, which includes synchronous and asynchronous remote mirroring and snapshot. These software products are typically specific to the individual vendor and its storage offerings.  http://www.sencilo.com/storage-area-network.php

Storage array-based software usually doesn't require application server agents. The arrays are server operating system-agnostic and the DR applications run fast. They are also installed in thousands of locations, and are proven and mature.

However, the array DR applications don't work with heterogeneous storage. In general, they don't have file-level or application awareness. (Array applications with application awareness use agents.) Storage array IOPS and throughput decline while DR applications are running. And these DR applications are licensed and managed on a per-array basis. Storage array DR applications have some of the highest TCOs and, in some cases, consume more raw storage than non-array based alternatives.

General-purpose servers have very low acquisition costs and low TCO. Implementing, servicing and managing them are known quantities. Performance is tunable and DR application performance leverages ongoing improvements in server technology. Increasing performance or scalability may be as simple as buying the next-larger server, and more memory and processing power. Other advantages include support for heterogeneous storage, and application and file-system awareness. General-purpose servers require DR application agents.

The purpose-built storage appliance is nothing more than a DR application optimized server. A good way to think of the purpose-built storage appliance is to view it as a networked storage controller. It leverages technologies specifically optimized for storage DR applications. Optimization includes I/O performance, throughput, scalability and high availability (no single point of failure). TCO is definitely lower than for the storage array or intelligent server, but the purpose-built appliance is proprietary. It may also have higher initial acquisition costs and may not keep up with server technology advances.

The intelligent storage networking switch is a relatively new DR delivery platform. The storage area network (SAN) switch is the ideal system to provide DR applications because it sits between application servers and their target storage, and it also has visibility into all servers and storage targets.

There are two principle types of intelligent storage-network switches. The first essentially integrates the purpose-built storage appliance as a server blade into a Fibre Channel SAN switch or director. The second packages it as a storage software delivery platform that just happens to use switching as part of its architecture. It leverages a new technology called split path acceleration of independent data streams (SPAID). SPAID improves performance by separating the control path (the slow path) from the data path (the fast path). It enables out-of-band virtualization without requiring server agents and runs most DR software applications without any changes. Initial costs and TCO will probably be much higher than for non-integrated systems.  http://www.sencilo.com/back-up-restore.php

No other platform has the DR application performance potential of the SPAID intelligent storage networking switch. SPAID switches have an inherently higher level of reliability, availability and serviceability than storage appliances because of the separation of control path from data path. Unfortunately, there are only a small handful of products that use the SPAID architecture. These include software from Incipient Inc., Maranti Networks, StoreAge Networking Technologies, Troika Networks Inc. and Veritas Software Corp. Of these, only StoreAge has a comprehensive suite of DR applications that works with all of the SPAID intelligent storage networking switches. Maranti has its own suite of DR applications, and Troika is working on a suite with tie-ins to other software-based DR applications. Incipient and Veritas are currently limited to volume management only.

Remember, a cost-effective DR strategy requires a mix of DR applications running on several platforms. Managing cost and effectiveness requires matching the value of the data to specific DR capabilities. This mix-and-match approach will reduce overall DR cost while meeting the organization's needs (see Sorting out disaster recovery options). Of course, this process must be repeated periodically to re-evaluate new technologies, products, SLA requirements and compliance regulations.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/continuity-disaster.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

Simply steps to reduce your IT's carbon footprint - May 31, 2008

Lake Mary Florida -- The National Association of State Chief Information Officers (NASCIO) believes CIOs should be on the frontlines of their states' environmental programs and policies. The organization, which advocates for technology policy, urges its members to take steps now to become leaders in reducing their states' carbon footprints, issuing a 17-page brief on ways to do that.

Although specific to state CIOs, NASCIO's recommendations can be employed by large organizations as well. Here are the group's tips for getting started:

Develop a plan: States that have developed green IT plans, including Missouri, Kansas and Oregon, have incorporated ideas for green efforts in nearly every aspect of their state CIOs' jurisdictions. These include purchasing equipment, recycling, and consolidating and virtualizing data centers, among other areas. Reaching out to states that have developed plans can help put you on the path toward implementing green IT initiatives.

Establish a baseline and determine a metric: Before you move a project forward, ascertain where your state is on energy consumed, greenhouse gas emitted, etc. Developing a baseline and a way to measure progress can be built into a total carbon footprint reduction plan at the outset of an initiative, For state data centers: The Green Grid and other industry groups have published a metric that can tell state CIOs how much energy is spent on the productive use of IT versus wasted on the physical infrastructure.

Track and monitor success: Once a metric is determined, continue to track and monitor a project's success rate. For example, in following a data center consolidation initiative, examining the energy usage rate prior to consolidation and then comparing that to energy usage in the aftermath of consolidation can help determine success and show the benefits accrued from the project.

Become a transformational leader: Utilize existing authority through enterprise architecture or other means to drive toward greener practices without making major jurisdictional policy changes. In other cases, state CIOs must often work to gain authority to implement these programs for their employees. For instance, despite the significant increases in employer adoption of telework, it still remains a subject of debate, particularly among older workers. In order to incorporate a telework process, state policy issues must first be resolved. By emphasizing these green benefits of telework, state CIOs may be better poised to advocate for the implementation of these initiatives.

Don't go it alone -- enlist partners: Collaborate with other agencies within your state to establish jurisdiction and authority and to gain buy-in for a green IT initiative or agenda. Reach out to other states to gather best practices and lessons learned. Engage staff members -- they also hold a stake in enterprise success and may be eager to help drive these green efforts. Tell vendors green initiatives are important to your state. Many vendors offer green components to their products and services, as well as those dedicated solely to incorporating green practices. 

Reach-out to a trusted advisor like Sencilo Solutions of Lake Mary Florida that has consolidated 100's of data center thoughtout Florida.  Brian McCarthy CEO and Consolidation Consultant advises companies to start small, move your under utilized file servers over to a modern NAS storage device.  Most files servers use 80 to 160 giga-byte drives, today's drives are 1,000 giga-bytes with 1,500 gigs units arriving later this summer.  Next look at VMware to again consolidate those old Compaq, Gateway, etc. servers in few VM servers.  Sencilo has just completed a Florida based Bank and retired several hundred servers in favor of ten dual CPU, quad core units. http://www.sencilo.com/network-attached-storage.php

Leverage the circumstances: With rising energy costs -- particularly fuel prices -- on the mind of nearly every citizen and lawmaker, green initiatives will likely be met with unprecedented support. State CIOs are uniquely poised to become leaders in the green IT revolution.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-consolidation.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland, Cape Canaveral

Other Projects: DR BC Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication thin provisioning DXi Global Compression DDX virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar CX4 FAQ Storwiz Primary Storage Compression Ocarina Networks

Stolen data ending up in Google cache, say researchers - May 31, 2008

Orlando Florida -- The Finjan security researchers, who uncovered several unprotected hacker servers containing the sensitive email and Web-based data of thousands of people, demonstrated how easy it is to find the data using Google.

By using a simple string of search terms the researchers were able to find stolen passwords and usernames, Social Security numbers, and even the usernames and passwords of internal databases of companies all stored in Google's public caching server.

Google returns the results based on log files available on the unprotected servers. The servers stored stolen data collected by Trojan horses running on infected end-user PCs, Ayelet Heyman, a researcher at Finjan's Malicious Code Research Center, said in Finjan's Malicious Code Research Center blog.  It not that hard to protect these assessts, says Security Consultant Brian McCarthy of Sencilo Solutions.  Sencilo can provide both security services that can true up open areas but also we offer products to close and protect your company information. 

"Google just indexed these log files as they do with any other public file on the Web," Heyman said. "It's not a hoax as some people wrote; it's 100% harsh reality."

It's not the first time the search engine giant was used to uncover sensitive data or common security flaws in websites. Penetration tester Johnny Long was the first to make headlines explaining ways to turn Google into a malicious tool. Long's website has a Google hacking database. Tom Bowers, managing director of Allentown, Pa.-based Security Constructs LLC has also warned that IT professionals must learn how hackers use search engine queries to ensure sensitive data doesn't end up on the public caching servers.

Heyman urged people not to blame Google for caching the stolen information. Google indexed the log files on the server as they do with any other public file their crawlers find on the Web, Heyman said.  McCarthy goes on record and says Finjan and Heyman are nuts to cast the blame of Google, or another search engine company. 

In April, Finjan announced that it had discovered an unprotected server and others used as a drop site for the AdPack exploit toolkit. The server wasn't encrypted and no authentication was used to access it.

Yuval Ben-Itzhak, Finjan's chief technology officer, said more and more stolen data is turning up on popular search engine caching servers. The increase in sensitive data on search engine servers is likely due to the easy availability of crimeware toolkits such as NeoSploit, MPack, and AdPack. The toolkits make it easy for a novice to quickly find an unused server and begin stealing data. 

"The whole idea for selling these toolkits is to provide to people who are not security experts and do not have a computer science background," Ben-Itzhak said. The management features enable the criminal to use social engineering tactics and target a country or IP, or even by log types, he said.   http://www.sencilo.com/security-web-application-controllers.php

The researchers discovered sensitive information from Microsoft Outlook accounts including mail and personal folders, calendar, public folders and contacts. A mountain of healthcare information was also discovered, including personal data, health data, treatment, medications, insurance details, Social Security Numbers, and healthcare providers' data, including the physician's name. Banking data, including credit card numbers and account login numbers were also discovered on the server.

Businesses are also not immune. A large chunk of business data was discovered, including network folders and business contacts. Personnel files and business files marked confidential were also stolen using a Trojan. One message revealed details about an upcoming court case, while a few others contained business financial data such as invoice information.

The Finjan researchers said they notified more than 40 major international financial institutions located in the United States, Europe and India whose customers were compromised as well as various law enforcement agencies.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP.

Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.

Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare data leakage enVision Data Loss Prevention Encryption and Key Management

State Street's lack of security policies to blame for the lost of 45,000 Social Security Numbers - May 31, 2008

Jacksonville FLorida -- State Street Corp. is the latest firm to acknowledge a data breach, after a contractor hired to conduct data analysis lost a disk drive containing the personal information of 5,500 employees and 40,000 customer accounts.

State Street disclosed the information on its website four months after it learned of the problem. The financial services firm said Thursday that it began notifying employees and customers of the former Investors Bank & Trust Company, which it acquired in 2007. 

"As a precaution, State Street is notifying legacy IBT employees and certain legacy IBT customers that have been identified as having certain personal data on the stolen equipment," the firm said in a statement.

IBT contracted out a legal support service to review its electronic records and compile data for federal regulators as part of the acquisition in 2007. The data was initially encrypted, but State Street said the vendor unencrypted the information when it loaded the data onto computer equipment, which was stolen from its facility.

The information included individuals' names, addresses, dates of birth, and Social Security numbers.

State Street said it notified state and federal law enforcement, which is conducting an investigation. The firm said it took several months to reconstruct analyze a copy of the data stored on the stolen equipment. So far State Street customers and employees are not affected by the breach. State Street said it would be offering free to the victims that its analysis indicates may be affected.

The loss of disk drives and tapes is prompting more businesses to encrypt data at rest, said Scott Crawford, an analyst with Boulder, Colo.-based Enterprise Management Associates. 

In the State Street breach, the vendor handling the data unencrypted the information to conduct its analysis, but never encrypted it again. It happens often and companies sometimes fall prey to a false sense of security when deploying encryption. Ultimately the data is going to be accessed and sometimes another instance of the data is made that goes unencrypted, experts say. 

"The devil is in the details of implementation with crypto, where a poor implementation of a good algorithm gives a false sense of security and it's potentially worse than not using encryption at all," Crawford said. "Even when experts are involved, the processes can be a killer." 

What technology can do ends at how effective it is in managing or enforcing how people actually work with the data, Crawford said. Banks and financial services firms must comply with Basel II regulations with address operational risk management.

"Financial services have more motivation to be more thorough in managing operational risk, including risks posed by business partners," Crawford said.

Firms should have a centralized vendor management process in place that takes into account risk factors and be continually assessed to determine if the vendor is meeting the security requirements, said Ramon Krikken, a research analyst at Midvale, Utah-based Burton Group.

"Financial institutions are relatively quickly catching up with whole vendor management issue, but security has been an afterthought with vendor management," Krikken said.

Vendor evaluation should include assigning a risk score based on the sensitivity of the outsourced process. Vendor contracts should cover security issues and safeguards based on the risk factors assigned to the data, he said.

"It all comes down to having solid vendor due diligence, an area getting an increasing amount of attention," Krikken said. 

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP.

Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.

Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare data leakage enVision Data Loss Prevention Encryption and Key Management

Dave & Buster's data thieves will be prosecuted by US Department of Justice - May 14, 2008

Orlando Florida - The United States Department of Justice has charged and intends to prosecute individuals responsible for the theft of credit and debit card numbers from 11 Dave & Busters Inc. locations, including the one in Miami, Jacksonville and Orlando.

The thefts occurred from May to August of 2007. Although the stolen data was never retained or stored by Dave & Buster's, the data was illegally accessed from the Dave & Buster's computer systems during the card verification and transmission process. No personal information -- such as names, addresses, phone numbers, bank account numbers, PINs, or social security numbers -- were stolen.

The other stores involved are in Westminster, Colo.; Islandia and West Nyack, N.Y.; Utica, Mich.; Chicago; Columbus, Ohio; and Frisco, Dallas and Austin, Texas.

Dave & Buster's was alerted to the potential data intrusion in late August 2007. The company worked with both the Secret Service and Department of Justice and assisted them in the investigation. In addition, Dave & Buster's retained outside security experts who identified the source of the data compromise. As a result the company has implemented additional security measures to prevent such incidents from occurring in the future.

"As soon as we became aware of the breach in August 2007, we took steps to secure our systems and remain confident that they are safe today," said CEO Steve King.

Dallas-based Dave & Busters operates 50 restaurant/entertainment complexes in 19 states and in Canada and Mexico.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-compliance-management.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP.

Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses.

Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.

Key words: Barracuda Networks Security RSA Encryption Cisco Decru Neoscale EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant SSL SonicWall Secure Computing Firewall VPN Endpoint DLP Tumbleweed Ironmail Ironport Secure Computing compare data leakage
 

Data De-dupe now available for your SAN - May 11, 2008

In the past few years, data reduction technologies like compression and more recently data de-duplication have become quite popular, especially for use in backup and archiving. Can this trend continue into primary storage?

In backup, especially where there is a great deal of redundant data, there has been a mass adoption of data reduction technologies. In just a few short years, data de-duplication has gone from an obscure to a well known term in the data center. Its ability to eliminate redundant segments of data has provided great benefit to backup storage and some types of archive storage. In backup data, assuming a weekly full backup, a 20X storage efficiency quotient is not uncommon.

Primary storage is different
Unfortunately, moving de-duplication into primary storage isn’t as simple as shifting its location. Following is an outline of the particular requirements of primary storage that need to be considered in planning de-duplication:

1. Primary storage is performance sensitive. Primary storage is active, and if the implementation of data de-duplication causes a performance impact on the production environment it will not be acceptable. Either the performance of the de-duplication technology must be so efficient and fast that it does not impact performance, or it has to be done out of band on files that are not immediately active.

The ideal is a near-production data set that is de-duplicated as a background process, removing the possibility of any performance impact. It would also make sense that this technology has the capability to de-duplicate and compress at different levels of efficiency --the greater the data reduction level, the greater the chance of impact on performance when the data is read back in. While it would be great to have an inline system that was fast enough to reduce the data set without impacting performance, the technology does not exist today.

2. Primary storage is unique. The other challenge to reducing data on primary storage is owing to the fact that the data is generally unique. This is a very different situation compared to backup data. In a backup, especially when doing a full backup every day or week, there is a high level of data redundancy. While production data may have some commonality -- for example, “extra” copies of the same database -- for the most part, data is not nearly as redundant as backup data or even archive data.

As disk-based archiving and disk backups become more common, they are actually causing even less redundant data to be kept on primary storage. In the past there was value in keeping a couple of extra copies of a database or set of files on primary storage “just in case.” Now those copies can be very easily sent to disk archives or disk backup devices. (This is a good thing!)

Note: The current user expectation to see storage efficiencies of 20X or more should not even be considered on primary storage. A more realistic goal might be 3X to at most 5X.

3. Primary storage is compressed. In addition to being unique, much of primary storage data is already in some pre-compressed format. Files such as images, media files, and industry-specific data sets like SEG-Y are already pre-compressed. Even the data files from the latest version of popular office productivity applications are pre-compressed. These pre-compressed files often represent the largest data set in the enterprise and the one with the fastest data growth.

To deal with this uniqueness and the pre-compressed nature of production data, a successful primary data storage reducer will have to “dig a little deeper.” While inline data reduction has the clear advantage in the backup and archive categories, production storage is an area where out-of-band management of the process might be more valuable.

Without the pressures to do data reduction so fast, time can be taken to examine a complex compound document and look for similarities within a file across the millions of files in the storage environment. This behind-the-scenes treatment of data also allows for time to be invested in understanding how specific formats -- .jpg, for example -- are stored; how that data becomes embedded into another document (for instance, a PowerPoint presentation); and how both the original data and its embedded occurrences might be best optimized for data reduction.

4. Primary storage is getting cheaper. The final challenge to data de-duplication on primary storage is the continual erosion of disk drive prices. The very condition that essentially killed HSM and later ILM may also be a detriment to the implementation of data reduction on primary storage. With 1 Tbyte SATA drives becoming available from the top-tier storage manufacturers, it may be deemed easier to simply buy larger capacity shelves of storage.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ

Best Practices for iSCSI Storage and Virtualization - May 10, 2008

IP SAN adoption is growing among users who want storage that's easy to install, configure and manage, and also comes at a price considerably less than that of Fibre Channel (FC) SANs.

Consider Dave DePillis, manager of IT operations at Allied Cash Advance in Miami, who installed an iSCSI SAN (IP SAN) two years ago to make use of the cabling, switches and network adapters installed in his Gigabit Ethernet network. "Installing iSCSI was absolutely a no-brainer, especially since I had such a small initial investment," says DePillis. He's using iSCSI to back up file shares on four to six virtual machines with Symantec Corp.'s Backup Exec 12D to a Network Appliance (Net-App) Inc. FAS2020 file server. "I have more flexibility with iSCSI since I can use my LAN switches," says DePillis.

James Santillo is another happy iSCSI user. "iSCSI is easy to use and configure," says Santillo, systems administrator at Weiss Group Inc. in Jupiter, FL. He implemented iSCSI capability by installing StorMagic's SM Series iSCSI software on some industry-standard servers equipped with Serial ATA (SATA) drives.
Just what is iSCSI?
iSCSI was adopted by businesses shortly after its ratification by the Internet Engineering Task Force (IETF) in February 2003. The protocol, which was developed within the IETF to transport SCSI commands and block-level data over an IP network between a client and a target device, runs on top of standard Ethernet adapters and over Ethernet LAN or WAN switches.

The technology is implemented by loading a software-based driver--called an initiator--on an Ethernet adapter or by adding a dedicated iSCSI host bus adapter (HBA) to the host computer. Another initiator is added to the target storage array, which allows it to serve up data that will be transported across the network via the iSCSI transport.

iSCSI initiators are available from a number of sources and are categorized by operating system type. Two of the most popular are a Windows initiator from Microsoft Corp. and a Linux initiator from SourceForge

iSCSI can also be implemented with gateway technology in which an iSCSI controller attaches to a block-level storage array, thus enabling iSCSI transport. Examples of gateway-enabled iSCSI products are available from MDI Inc. and Exagrid.

In addition, a number of vendors have joined the iSCSI and FC worlds with what's called unified or multiprotocol storage. Vendors such as Microsoft, NetApp and Pillar Data Systems market arrays or software that can attach to the Ethernet network as a NAS or iSCSI device, and to the FC SAN.

Various-sized businesses have adopted iSCSI because it's easy to install, inexpensive, behaves just like Ethernet and doesn't require special skills like FC does.

"We don't have Fibre Channel experience," says Scott Christiansen, IT director at Leo A. Daly, an architectural and engineering firm in Miami Florida. "To get the iSCSI SAN up and running was so quick and easy; it was just unbelievable." Christiansen adds that the SAN "uses the same media as the Ethernet network; it's nice in the sense that everything we buy is Category 6 cable--it works for Ethernet, it works for the IP SAN."

Applications running on iSCSI
A few years ago, many analysts predicted FC SANs would be reserved for business-critical applications such as transactional databases, while iSCSI would be deployed for less business-critical, front-office applications, file shares and Web services. But when talking to users from various-sized organizations, it's clear iSCSI deployments span mission-critical applications and less-demanding office applications.

"Our primary business app runs off a Microsoft SQL Server," says Mike Leather, network services manager at Safeway Insurance Group in Westmont, IL. "Our developers and database administrators were telling me that our disk I/O performance wasn't acceptable; that was because we were growing too big for the original solution [and] we needed to look at something else."

Leather looked at FC SAN storage, but was wary of the challenges and expenses involved. He installed an EqualLogic IP SAN (now owned by Dell Inc.) primarily for his SQL Server environment, but soon found he was using iSCSI for everything. "The whole thing started out for SQL Server and exploded," he says. "We are using the SAN for file storage, Exchange servers and our VMware environment."

Weiss Group's Santillo found that iSCSI will support all of his applications, whether they're business critical or not. "Our custom in-house customer relationship management [CRM] app, which was running on Fibre Channel, is being moved to iSCSI," he says. "We had six SQL Server apps on Fibre Channel, but [they] are now on iSCSI. And we're moving our two Exchange databases to iSCSI. The CRM app is going on the Xiotech box [which is iSCSI enabled]. We're also moving our file systems and unstructured data over to Xiotech," he says. "I needed enterprise-level reliability without the price." Santillo says his six-year-old IBM FC SAN will become "end-of-life'd. We're migrating everything off to iSCSI."
iSCSI initiators
In the early days of iSCSI deployments, almost no one expected iSCSI software initiators to prevail over dedicated iSCSI HBAs.

Adaptec Inc., Alacritech Inc. and QLogic Corp. originally marketed iSCSI adapters complete with features such as TCP Offload, which negates some of the overhead of TCP/IP. These adapters were expensive and often sold for as much as $750, which is four to five times the cost of standard Ethernet adapters.

"We use the VMware and Microsoft iSCSI [Software] Initiator, and we also use iSCSI and Fibre Channel HBAs from QLogic," says Chris Rima, IT systems supervisor at UniSource Energy Corp. in Tucson, AZ. "We've been decreasing the use of the Microsoft iSCSI Initiator because it's not as efficient as the VMware iSCSI initiator or the QLogic iSCSI HBAs. There's a higher cost associated with the QLogic HBA, but it's minimal compared to the performance gains we get."

But other users have overwhelmingly adopted the use of software initiators from Cisco Systems Inc., Microsoft and the open-source community because they're inexpensive or freely downloadable from a vendor's site.

"We use the Microsoft software initiator and it works fine," says Mark Kash, IT specialist for the U.S. Army Corps of Engineers in Huntington, WV. "It's reliable and I haven't had any instances where it's corrupted anything," he says. "Originally, we considered using TOE cards from QLogic because we were thinking a firmware-based platform may be more reliable, but we saved money using the software-based alternative."

Microsoft's iSCSI Software Initiator Version 2.06 is the most popular iSCSI initiator. It supports multipathing for load balancing and failover, 64-bit platforms and IPv6. Multipathing lets the initiator establish multiple sessions with one target, enabling load balancing and failover among multiple network adapters or HBAs.
Is performance good enough?
According to analysts, iSCSI performance would fall short of that of FC. However, end-user experiences don't bear that out.  I guess when you compare the low performance manufactures like Lefthand Networks and Equal Logics but not a EMC NS or NetApp FAS

"We ran some performance tests to see the difference between iSCSI and Fibre Channel, and we saw what the industry saw: iSCSI is able to offer about 80% the performance of 2Gb Fibre Channel," says UniSource Energy's Rima. "4Gig Fibre Channel is a little bit more, but it's not substantial enough given the cost to use it."

Rima chose iSCSI because it fulfilled his "performance needs." He runs Microsoft Exchange on iSCSI, and has been able to scale his storage up but "maintain a network topology that's low cost and low impact in terms of support."

Jim Bollinger, systems and network engineer at Washington and Lee University in Lexington, VA, has seen the same performance results as Rima. Bollinger installed Overland Storage REO disk-based appliances to back up his storage environment.

"iSCSI has been capable of doing everything we need it to do," says Bollinger. "You could take iometer.exe and take the array right up to 100Mb/sec. It's every bit as good as local SCSI and sometimes better. We've had no trouble on big files filling the pipe on our LTO-3 backup--up around 70MB/sec to 80MB/sec--and we've been backing up 7TB to 8TB a day."

10Gb/sec Ethernet
The advent of 10Gb/sec Ethernet bodes well for iSCSI. With Dynamic TCP Offload added to 10Gb/sec adapters running iSCSI, users will see the benefits--higher performance and access--of removing TCP processing from the host computer and placing it on a dedicated HBA from vendors such as Alacritech, Neterion Inc. and NetXen Inc. Dynamic TCP Offload takes advantage of Microsoft's TCP Chimney Offload technology, which offloads the TCP stack to the network card.

Bollinger, who uses QLogic HBAs that perform both TCP and iSCSI offload, says he'll migrate to 10Gb/sec Ethernet for the trunks between university buildings.

"10Gb/sec to 100Gb/sec is in our planning process and further validates our decision to deploy iSCSI," says Kash at the U.S. Army Corps of Engineers. "I'm comfortable that iSCSI is going to take over from Fibre Channel, and [that] it will no longer be considered a low-cost, lower performing alternative."

Rima says "we can do TCP Offload with the TCP Offload on our NetApp boxes," adding that "10Gig should allow us to scale up quite a bit."

Besides the use of existing Ethernet switches, adapters and common Category 6 cabling, users have seen other advantages. "The ROI of iSCSI is hard to measure, but our complaints from users on performance issues are practically non-existent now," says Safeway Insurance Group's Leather. "That's a huge ROI. In our business, if someone has trouble with our Web site while they're writing insurance, they won't wait for us, they'll just go to the next insurance carrier. You can't measure the lost business."

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-area-network.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland, Cape Canaveral

Other Projects: DR BC Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication thin provisioning DXi Global Compression DDX virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar CX4

Best Practices in Disk-Based Backup - VTL or NAS - May 10, 2008

Miami Florida - Data growth is a fact of life for IT departments according to Sencilo Solutions President Brian McCarthy. As your business grows, so does the amount of data it generates, and the amount of storage capacity needed to properly retain the data cascades out of control.

Planning Your Disk-Based Backup means to understand your Organizations requirements of all sizes face the dilemma of how to backup increasing amounts of data while reducing the hassles of traditional tape-based systems.
In response, organizations are implementing new solutions using disks as the backup medium. The backup server copies the data to a disk-based system in the data center. This means that backups are faster, restores are more reliable and you will not have to deal with the hassles of tape management. Disk-based backup ensure better backup and restore performance and long-term data integrity, availability and security of your data. This makes disk-based backup one of the hottest topics in the data storage industry today.

When considering a disk-based backup system, there are many branches in the decision tree to consider when selecting the right solution for a given environment. Companies with 1TB to 100TB of data tend to set up disk-based backup as a NAS (network-attached storage) target. NAS is hard disk storage that is set up with its own network address rather than being attached to the department computer that is serving applications to a network's workstation users. The NAS device is attached to a local area network (typically, an Ethernet network) and assigned an IP address.

Those companies with more than 50TB of data, in a Fibre Channel environment, tend to set up disk-based backup with a VTL (virtual tape library) interface fronting the disk. Fibre Channel is especially suited for connecting computer servers to shared storage devices and for interconnecting storage controllers and drives.

To understand the differences between the NAS and VTL options, it's important to keep the following factors in mind:

Onsite Disk-based Backup—Short Term Retention

The first decision is how much retention you will put on disk at the primary backup location. If you plan to keep a week or two of retention onsite, on disk, then any standard disk will work. If you are keeping short retention onsite, then any standard backup storage solution will meet the requirement. The three most common options are:

SCSI or SAS (Serial Attached SCSI)-connected disk set up as a disk volume
Ethernet-connected NAS server with disk
Fibre Channel connection with VTL (virtual tape library) software fronting the storage
A VTL provides the benefits of disk storage in a system that emulates a tape library to existing backup software.

Onsite Disk-based Backup—Longer Term Retention

If you plan to keep four or more weeks of onsite retention, or years of offsite retention, then the quantity of standard disk becomes too hard to manage and too costly to afford. Therefore, data reduction techniques that only store unique data (i.e. do not store the redundant data) can retain larger amounts of backup history using a small fraction of the disk required when using standard disk.

In this case, you should consider a disk-based backup system with built-in data deduplication technologies. Data deduplication systems employ a data reduction technique that identifies common "chunks" of bytes among multiple data files, and only stores these chunks once. Using this method, you can store data in less disk space.

There are two interfaces to data deduplication systems and two types of data deduplication in the next level down the decision tree. The interfaces are NAS and VTL. The two data deduplication methods are byte-level data deduplication and block-level de-duplication.

Byte-level data deduplication compares one backup to another, and only stores the bytes that change from backup to backup. Block-level data deduplication breaks the backup job into 8KB blocks. The blocks are compared via their hashes to find duplicate blocks, and then only unique blocks are stored. Both methods achieve approximately the same data reduction.

To summarize, the options available for data deduplication in disk-based backup systems are:

NAS with byte-level data deduplication
VTL with byte level data deduplication
NAS with block-level data deduplication
VTL with block-level data deduplication

In selecting the best approach for your organization, decide if you prefer NAS or VTL. This is typically determined by the environment for storage. An Ethernet environment will choose NAS and a Fibre Channel environment will typically choose VTL.

The final branch is to decide which kind of NAS or VTL disk-based backup system with data deduplication is preferred. The key considerations in making this decision are the following:

How the system is supported, managed and deployed
The desired backup and restore performance of the system
How the system grows and scales
How the system can size to the environment
The cost of the system

By understanding your backup retention requirements, your current storage environment, the different approaches to data de-duplication, as well as the key considerations for evaluating disk-based backup systems, you will be able to make an informed decision and select the correct system to meet the data backup and recovery requirements of your environment.

For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/storage-data-deduplication.php

About Us

Sencilo Solutions is a Florida-based integrator specializing in storage and security solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.

Sencilo has offices throughout Florida including: Jacksonville, Daytona Beach, Miami, Tampa, St. Petersburg, Orlando, Hialeah, St. Augustine, Gainesville, Ocala, Palm Coast, Clearwater, Kissimmee, Lakeland, Maitland and Cape Canaveral

Offerings Projects: Replication De-Dup De-Dupe iSCSI SAN NAS VMware Security EMC NetApp HP IBM Quantum Compliance VTL Data Domain vs Gartner Magic Quadrant Quadrent LTO Backup Exc Pure Disk NetBackup Networker TSM Commvault BakBone D2D D2D2T compare cloud data deduplication  thin provisioning DXi Global Compression DDX  virtual tape library Data Reduction SEPATON FALCON compare Celerra CLARiiON Equallogic Dell NS20 NS40 CX4 CX3-20 CX3-40 CX3-80 FAS2050 FAS3050 Xiotech Nexsan Avamar DLD3 1500 D3 Storwiz storage compression data Ocarina Networks A-SIS compare Sepaton infopro BlueArc OnStor Microsoft Unified Storage data protection StorageX Brocade FAQ



headerbottomrounded