Microsoft StorSimple

Cloud-integrated Storage

Hatim SAOUDI Senior IT Consultant

Agenda

• Overview

• Primary Storage & Platform

• Cloud-integrated Tiering

• Backup/Restore & Disaster Recovery

• Security

• Support

Heutige Herausforderungen

Primary

Storage

Backup2Disk

Storage Tape Infrastruktur

und Management

Archive

Storage DR Storage

Replikation

Offsite Standort

Geo-Redundanz

Daten

Management

Komplexität

Backup

Probleme

Ungeprüfte

DR

Szenarien

Daten

Wachstum

Grosse und

komplexe

Infrastruktur

StorSimple CiS

Apps & Servers

Inactive Data +

Backup Copies

on Azure storage

Connects Windows and VMware Servers

to Azure Storage in Minutes

with No Application Modification

Benefits

• Consolidates primary, archive, backup, DR thru seamless integration with Azure

• Cloud snapshots = revolutionary speed, simplicity and reliability for backup and recovery

Speed of SSD/SAN

+ Elasticity of Cloud

SAS

Local Tier

Most Active

Data on SSD

iSCSI

StorSimple CiS - Appliances S

cala

bili

ty / P

erf

orm

ance

Capacity

5520 10-50TB* usable local

300TB max capacity

7520 20-100TB* usable local

500TB max capacity

* Denotes usable local storage capacity with compression and de-duplication, varies by use case.

* Additional details about appliance specifications can be found at: http://storsimple.xyratex.com/storsimple/specifications

5020 2-10TB* usable local

100TB max capacity

7020 4-20TB* usable local

200TB max capacity

Agenda

• Overview

• Primary Storage & Platform

• Cloud-integrated Tiering

• Backup/Restore & Disaster Recovery

• Security

• Support

StorSimple Architecture

• iSCSI integration

• Thin provisioning

• De-duplication

• Integrated tiering: SSD, SAS & cloud

• Snapshots to Cloud

On an Enterprise-Class Platform • Certified: VMware-ready and Microsoft Windows Server-certified

• HA: full redundancy + hot swaps + non-disruptive upgrades

SAN Storage • iSCSI SAN with auto-tiering (SSD/SAS)

• Automated snapshots

• Primary dedupe/compress

Seamless Cloud Integration for:

• Tiered primary + archives • Cloud snapshots: mountable for DR

With Cloud Data Management

Hardware Platform

1. Full MPIOs

2. Dual controllers with auto-failover

3. Dual power

4. Dual cooling

5. RAID drives

6. Hot-spare drives

7. Non-disruptive software upgrades

8. Certified by Microsoft & VMware

Highly available - no single point of failure

* 5020, 7020, 5520 and 7520 appliances are built and distributed by Xyratex

Agenda

• Overview

• Primary Storage & Platform

• Cloud-integrated Tiering

• Backup/Restore & Disaster Recovery

• Security

• Support

Weighted Storage Layout (WSL*)

Optimized cloud storage access

• BlockRank™

All volume data is dynamically broken into “chunks”, analyzed and weighted based on frequency of use, age, and others

• Frequently-used data chunks stored in SSD for fast access

• Real-time data deduplication enables capacity scalability

• Less frequently-used data chunks can be:

Optimized and stored on integrated SAS

Optimized, encrypted and stored in the cloud

High performance local storage

(SSD, SAS)

Frequently-used working set data

SCSI data from application servers StorSimple Cloud-integrated Storage

Infrequently used non-working set data

StorSimple Tiered Architecture

SSD Deduplicated

SAS Deduplicated Compressed

Cloud Deduplicated Compressed

Encrypted

SSD Linear Tier

A B C A B D E

C D E

D E

E

Agenda

• Overview

• Primary Storage & Platform

• Cloud-integrated Tiering

• Backup/Restore & Disaster Recovery

• Security

• Support

Cloud Snapshots

Primary

Volume

Snapshots

Backup, Restore & DR with StorSimple: Automated, Optimized, Reliable

Cloud Snapshots

1. Backup copy of data volume created in cloud

2. Changes to local volume automatically transferred

3. Cloud snapshots mountable for restore

Benefits

• Backup now as easy as snapshots

• Very fast restores from off-site backups

• Integrated, easy to test disaster recovery

• Truly eliminates tape

Primary

Volume

Virtual Tape/

Replication

Physical

Tape Snapshot

Offsite Tape

Storage

Backup, Restore & DR Today: Inefficient, Complex, Laborious, and Risky

Cloud Recovery - 2RZs

Cloud

Snapshots

Data Center 1 Data Center 2

Connect Many Servers to Cloud

Storage and Scale Data Sets

with StorSimple Solution

Rapidly Recover to Any Data

Center, Location-Independent,

via Mounting the Cloud

Data Data

Disaster Recovery - 1RZ

1. Configuration import process populates DR appliance with all information from original appliance

2. Registry restore downloads available backup information from the cloud

3. Clone operation fetches volume metadata from the cloud and creates the volume on the DR appliance

4. As and when data is requested, blocks are downloaded from the cloud

Benefits

• Quick restore

• Download only the required data

1

2 3 4

4

META DATA

DATA

Agenda

• Overview

• Primary Storage & Platform

• Cloud-integrated Tiering

• Backup/Restore & Disaster Recovery

• Security

• Support

Security for Cloud Storage • Multiple layers of obfuscation through the system

Original data is broken to storage blocks

Blocks are fingerprinted + deduplicated with data from other volumes

• Encrypt everything before sending to Azure

AES-256 CBC encryption is applied before transmission using customer key

Additional SSL encryption of all data + meta-data operations with Azure

• Encryption keys stay only with customer

Microsoft doesn’t have access to customer encryption keys

Keys can be imported from customer’s secure key mgmt system or generated from pass phrases

• Encrypted / compressed blocks stored in Azure

Data is secure even if account gets compromised

• Deduplicated • Compressed

Data in cloud • Deduplicated • Compressed • Encrypted with customer key

Application Servers

• Blocks encrypted with customer key • SSL communication:

• Authentication • Metadata • Data transfer

Local Data Broken into storage blocks, then:

Cloud Storage Access Security

Risk mitigation and best practices

• Compartmentalize information

Azure subscription can have multiple storage accounts

Recommended to use different storage accounts to compartmentalize info – e.g. per dept, project, role, etc.

• Periodical key rotation

Each account has two 256-bit access keys allows easy key rotation without service disruption

Only requests with valid access keys are allowed to access stored blocks

Frequent key rotation (e.g. every 90 days) is recommended

Ad-hoc/emergency key rotation if a key is compromised

• StorSimple allows use of up to 64 storage accounts per system

Scenario 1: Access key got compromised

Scenario 2: Storage admin employee leaves company

Agenda

• Overview

• Primary Storage & Platform

• Cloud-integrated Tiering

• Backup/Restore & Disaster Recovery

• Security

• Support

Support Varianten Support for the StorSimple solution is provided by the ODM (Xyratex)

Complete detail about the StorSimple warranty and support services can be found at:

https://storsimple.xyratex.com/warranty

Support Varianten

• Platinum Support

‒ The ODM (Xyratex) will provide customers with Platinum support and onsite spares kit (includes all field serviceable components)

‒ Field engineers are in place to go onsite and help with replacements (4 hour SLA)

‒ For international countries, ODM (Xyratex) has a contract to help with replacement (4 hour SLA)

• Gold Support

‒ Gold support customers get replacement parts shipped from UK

‒ Parts replacement will be done NBD (Next Business Day)

‒ Customs or other port-of-entry processing may delay shipments

Fragen ?

De-dupe and compression

• Maximizes storage of ‘hot or warm data’ on-premise for higher IOPS and/or lower response times for application access.

• Minimizes size of data transfer and storage in Azure

• Works at the block-level and replaces duplicate data blocks with a meta data map (pointers to the original block)

• Data is de-duped in the SSD tier and compressed in the SAS tier before being tiered to Azure

• On-premise data capacity can be increased by 2x – 5x based on the type of data stored

• Backup de-dupe: Cloud snapshots are differential and thereby eliminate copies of redundant blocks across backups

Total data capacity required = 10TB

D C

A A

E

C B

B B

F

D C

A D

E

D C

A C

F

Data

blocks

5x

de-dupe ratio

• De-duped

• Compressed

Metadata map Data blocks

+ Capacity used = 2TB A

B C

D

E F