(bac302) using aws to create a low cost, secure backup environment for your on-premises data | aws...
DESCRIPTION
In this session, you learn how you can leverage AWS services together with third-party storage appliances and gateways to automate your backup and recovery processes so that they are not only less complex and lightweight, but also easy to manage and maintain. We demonstrate how to manage data flow from on-premises systems to the cloud and how to leverage storage gateways. You also learn best practices for quick implementation, reducing TCO, and automating lifecycle management.TRANSCRIPT
November 12, 2014 | Las Vegas, NV
Curd Zechmeister, Amazon Web Services
Jason Blevins, Amtrak – Director Systems Engineering
Antoine Boury, JWT – Head of Information Technology
Metered usage:
Pay as you go
No capital investment
No commitment
No risky capacity planning
Avoid Opex and risks of
physical media
handling
Control your
geographic locality for
performance and
compliance
Built-in redundancy
Designed for
99.999999999%
durability
Store backups in Amazon S3
Internet-scale storage
Grow without limits
Benefit from AWS’s
massive security
investments
Low price
per GB per month
No commitment
No up-front cost
Long term backup retention in
Amazon Glacier
Stop managing
physical media
Amazon Glacier has
lower cost than
Amazon S3 with the
same durability
Amazon Glacier is
optimized for infrequent
retrieval
AWS Direct Connect
Dedicated connectivity
to AWS Edge Locations
AWS Import/Export
Data transfer using
portable disk drives
Transfer data in a
secure SSL tunnel over
the public Internet
• On-premises, virtual iSCSI
storage appliance
• $125 / month
• Server Side Encryption (SSE)
• 5 TB of throughput per day
• Recover to Amazon EBS
• 3 Configurations
• Gateway-Cached Volumes
• Gateway-Stored Volumes
• Gateway Virtual Tape Library
VPC – Datacenter #4
Single GUI for
management
Restore back to on-premises
Amazon
GlacierAmazon S3
3-5 hour
retrieval
(staging)
Immediate
restore
Ctera
• Local caching appliance
• Presents NAS protocols– CIFS / NFS
• Up to 30x deduplication
• Compression
• Encryption
• Key management
• WAN acceleration
• S3 and Glacier support
• AMI available
The catalyst for change
The catalyst for change
So how often is this stuff used?
Change has come…
Requirements…
• founded 1864
• WPP company (NYSE: WPP)
• world's best-known marketing
communications brand
JWT | Middle East & Africa
15 Offices
~1,000 Employees
Challenges
JWT | External Factors
• Political Instability
• Poor Infrastructure
• Distance
JWT | Internal Factors
• High Turnover• Industry: As Much As 30% Y/Y
• Know-How & Data Must Persist
• Regionalization• Resources,
• Collaboration
• Knowledge Sharing
• Data Growth: 35% Y/Y
Branch
Office IT:
Previous
Architecture
Before AWS
K:\
laptops
desktops
3rd Party
Bank
Locally-Shared Knowledge Protected
for compliance and risk management
3rd Party
Backup Tools
server
JWT Branch Office Options
Branch File Sharing
Disaster Recovery
Backups
Traditional Remote Office
• Difficult To Manage
• Expensive
• Unpredictable Costs
• Slow Performance
Cloud-Enabled Offices
• Self-Administered
• Centrally Governed
• Affordable
• Predictable RTO
• Centralized Data
• Globally Accessible
• Predictable RPO
• Low Cost Gateways
• Fast Performance
• Remotely Manageable
JWT’s Cloud
Transformation
• Data sync’d to global
namespace in AWS
• All remote office and user
data aggregated to one
platform for total data control.
• All services are remotely
managed for simple branch
IT
JWT’s Cloud Storage Services Platform
EU (Ireland)
Region 1 Cloud Gateway
NAS & Backup Appliance
Region 1 Cloud Gateway
NAS & Backup Appliance
Region 1 Cloud Gateway
NAS & Backup Appliance
JWT Secure Cloud Storage-As-A-Service
VPC
S3 Buckets
Region 1
S3 Buckets
Region 2
S3 Buckets
Region ...
CTERA Portal
Database
CTERA Cloud
Storage Services
MiddlewareOptimized Instance
w/ Cloudwatch
Management
EU: Ireland
Region
Branch
Offices
Installs | MEA
* Pending
JWT MEA
AWS Cloud
Beirut
Dubai
Qatar*
Kuwait
Cairo
Jordan*
Jeddah
Riyadh
Cape Town
Johannesburg
Ireland
Benefits | AWS + CTERA
JWT Knowledge Now
Survives Employee Turnover
Low Cost and Simplicity
Ensure Global Conformance
Cloud Economics and
CTERA Deduplication
Ensure Predictable Costs
Maximum Security with
Source-Based Storage
Service Encryption
Source-Based
Deduplication Makes
Cloud Services Fast...
JWT’s Cloud-Enabled Security
Virtual Private
Data Access Is 100%
in JWT’s AWS VPC
Fully-Encrypted
CTERA AES-256 Bit
In-Flight & At-Rest
Containerized Access
Each region has it’s
bucket, everything is
AD-authenticated
Private Keys
JWT owns all its
encryption keys
If access to backup set is possible
From current location
Requires on site IT
Not Available
Not Supported
Only if using same set
More complex and unpredictable
High
Slow
Standalone
Innovative
Availability
Accessibility
Management
Deduplication
Snapshots
Incremental
Cost
Maintenance
Data Restores
Centralized Management
Traditional
24/7
From any location
Can be managed remotely
Available
Supported
Always
Simpler and Predictable
Low
Extremely Fast
Fully Centralized
http://bit.ly/awsevals