Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Protect all of your workloads & fight back against cyber threats
Objective: Illustrate the combined power of application tiering, dedicated
resources, and Zerto replication and journaling to protect all of your
workloads in the event of a DR event or a cyberthreat
Agenda:
1) Introducing OVHcloud
2) Application Tiering
3) Protecting against ransomware with Zerto
4) OVHcloud design considerations
2
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
OVHcloud high-speed, high-quality global networkWe operate our own network and are committed to the highest security standards
• 15 Tbps backbone network
• High-quality routing infrastructure
• 28 data centers, 1.4M customers
• 33 global POPs
• No ingress/egress charges
• Anti-DDoS protection against all types of
DDoS attacks in our dedicated hosting
environments -- included at no extra charge
• Committed to both network and physical
security of our infrastructure
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
OVHcloud products support hybrid and beyond
Hosted Private
Cloudbased on VMware
Software-Defined DC
Public Cloudbased on OpenStack
Compute, Storage, PaaS
Dedicated/
Bare Metal Servers
OVH’s 15+Tbps Fiber Optic Network + Anti-DDoS +
vRack Private LAN
24/7 Customer Support & Professional Services
4
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential | 5
Downtime can be devastating to your business
98%
of organizations lose
over $100,000 per
hour of downtime
81%
of organizations who
lose over $300,000
33%
of organizations who
lose $1-5 million
93%
of businesses who
experience a
significant loss of data
declare bankruptcy
within 1 year.
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential | 6
Start thinking about Disaster Recovery as IT Resilience
Disaster Recovery
• Focused on events and
downtime
• Reactive - response to
events
• Downtime measured in
hours and days
IT Resilience
• Focused on continuous
availability
• Proactive – Resilience by
design
• Downtime is measured in
minutes and hours
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
36%
Non-Critical
30%
Mission
Critical
34%
Business
Critical
7
Tiering Applications For Continuous Availability
Most Customers Are Not Tiering Effectively
According to Gartner, 61% of customers have
one protected tier in their DR site
Tiering for Flexibility
Breaking workloads into three tiers enables
the ability to utilize multiple replication tools
Tiering for Cost Savings
Tiered workloads can be assigned to different
targets to allow for more granular cost control
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Grouping Applications into Tiers
8
Zero Data
Loss
Minimal Data Loss
Tolerated with Low
RTO and RPO
Data Loss up to 24 hours
tolerated. Restoring from off-site
backup a suitable option
Mission Critical
Business Critical
Non-Critical
TCO
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Mission Critical
• Applications whose use and availability impacts
revenue, customer service, and organizational
reputation. No tolerance for downtime.
• Architect for high availability and continuous
backup via clustering or native replication
technologies
• Pilot light applications (AD, DNS, VPN) should be
included in Mission Critical.
• Most commonly identified Mission Critical
applications are high transaction database, email
servers, and ecommerce applications
9
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Using Dedicated Servers for Mission Critical Apps
• Legacy Mission Critical Apps are frequently not virtualized and
can be challenging to protect.
• Some popular Mission Critical applications and databases
have licensing requirements that do not align with cloud
• Historically, these type of workloads wind up in a colocation
cabinet connected to DR, increasing the complexity of the
solution.
• OVH can connect Mission Critical apps in Hosted Private
Cloud and on Dedicated Servers via vRack, a high
performance Layer 2 adjacency solution from OVHcloud
10
Hosted Private Cloud
Dedicated Servers
Bare Metal
VR
AC
K
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Business Critical
• Applications that are important to the business but
can experience some downtime without affecting
revenue
• Replication solutions in this tier should offer a high
level of automation and orchestration to enable
near-seamless failover
• 2 hour RTO and <5 minute RPO
• For optimum performance and protection,
subgroup your Business Critical workloads into
VPG’s for the fastest possible restoration
11
+
Hosted Private Cloud
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Non-Critical
Restore from a cloud
hosted backup of
production data to
Hosted Private Cloud or
Dedicated Servers
12
Applications that
can experience
downtime without
drastically affecting
the business.
RTO target of 4-24
hours & up to a
24 hour RPO
Consider Low Cost
or Zero Cost
replication tools
that may not
feature
orchestration and
automation
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential | 13
Guaranteed Resources Make a Difference
Shared Resources Increase Risk
According to Forrester Research, 20% of customers that outsource choose to
use a shared, fixed site infrastructure as their DR target
Choose a Single Tenant Solution When Possible
Dedicated resources ensure greater control and availability. Dedicated
resources typically have a SLA for RTO or RPO, as well as for the components
of the solution
Security is enhanced with guaranteed resources & Zerto
Fewer than 50% of organizations are performing malware checks on their backed-
up data. Zerto’s journaling function enables rollbacks to avoid compromised
replicates. Dedicated resources means you control all of your own security policies.
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential | 14
A Few Suggestions When Tiering Applications
Tier Carefully
Too few tiers can leave gaps or excluded
workloads and can drive up cost. Too many
tiers increases complexity
Collect All Details
Gather a detailed inventory of all workloads –
OS, compute, Storage, Change Rate,
Bandwidth Constraints
Engage All Stakeholders, Not Just IT
Make sure everyone is aligned on RTO & RPO
for different tiers based on their definition of
criticality and downtime costs
Use Mission Critical Sparingly
Most organizations should not classify more than
25% of their applications as Mission Critical1. It
drives up cost and network consumption.
1. Source – Gartner, “The Lessons Learned From 123 Disaster Recovery As A Service Customers”, 22 June 2017VMworld 2018 Content: Not for publication or distribution
Using Zerto Journaling to Protect Against Cyber Ransomware
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Ransomware Is the New Disaster Threat
$325 Million
1month
68,000 infections
In 2015 Q1 – 165%
Increase
CTB-Locker
CryptoLocker
Torrent/Cryptowall
First detected May
2013
That’s 5,700 per
dayVMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
City of Atlanta - A Painful & Expensive Lesson
What happened?
On Thursday, March 22, the City of Atlanta experienced a SamSam ransomware cyberattack that
affected multiple applications and client devices. As a result, some City data is encrypted and
customers are not able to access City applications. The hackers demanded $51,000 in Bitcoin.
The Result
The City of Atlanta spent over $2.7 million dollars on eight emergency contracts to recover from the
attack.
• $650k to SecureWorks to assess damage and develop action plans
• Two more contracts, worth more than $1 million, with private technology firms to work on
the city’s information management and municipal court systems.
• $600k consulting contract to Ernst & Young
• $50k to Edelman PR firm for crisis communicationsVMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Typical Data Protection Solutions
06:00 09:00 15:00
Backup
12:00
Snapshot Snapshot
12:00 18:00
Snapshot
Power Interruption or
Hardware Failure
Cryptolocker Virus
Infection
File deletion, Application
or Human error
= Data Loss & Downtime
24h+
4h+
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Zerto Virtual Replication
Minimize impact, re-wind and recover from any point in
time
06:00 09:00 18:0000:00 12:00 15:00
30 day
Journal
*
*
Sites Apps FilesVMs
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Journaling For Point in Time Recovery
BC/DR Site
Protected VM Changed-
Block
Journal vDisk
ReplicavDisk
Configure Journal SLAs, max size, datastore, average 10% space
History min 1 hour max 30 days
Compressed write to journal,
write-order maintained
Kept for journal history then
write flushed to replica vDisk
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Simple Recovery From Infection
Click Failover
Select Apps
Select Checkpoint
Start Failover
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Recovering Individual Files & Folders in Minutes
• Select VM
Restore Request
• File server data
• Application files
• SQL databases
• Oracle databases
• Exchange databases
Select Files & Folders
• Browser download
• Instant-access on ZVM
• Mount network share
• Data restored from
seconds before
Restore Anywhere
• Disks mounted
• No impact or agent
• Select point in time
VMworld 2018 Content: Not for publication or distribution
OVHcloud Hosted Private Cloud & Dedicated Servers
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
vCenter NSX
vROPS
SDDC Stack 2 Datastores 2x ESXi Hosts
12 to 252 Usable
Public IP Blocks
Available Add-ons*On initial order. More may be ordered after.
Hosted Private Cloud Package Contents
Hybrid Cloud Extension
24
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
DESCRIPTION USAGE
INFRASTRUCTURE• Include single, dual, and soon quad-processor
configurations
• From enterprise apps to intranet
workloads and ecommerce
• Entry-level and middle-tier
configurations for hosting
HIGH-
AVAILABILITY
• Premium configurations
• Fully customizable
• High Cores/Threads CPUs
• Redundant network and power
• Machine learning
• Big Data
• Scientific computing
STORAGE • High-Storage Capacity• Backup
• On-Demand Storage
GPU• Premium GPU configurations
• Built for intensive computations
• Machine learning
• Scientific computing
• 3D Rendering
GAME • Very high-frequency desktop servers • Game hosting platform
25
DEDICATED SERVER LINES
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential | 26
Internet
L2 or L3 Termination
OVH POP
CGW
WAN
CGW
WAN
vRack Connect
Hosted Private Cloud
vR
AC
K
Dedicated Server
DMZ
Live vMotion Migrations
Dedicated Circuit
Clustered Workloads
Customer On PremisesOVH Data Center
Mission Critical Workloads
Replication over VPN
Replications
VMworld 2018 Content: Not for publication or distribution
Learn more at OVHcloud.com
Mike Fincham, Sr. Systems Engineer
Check out our website at
www.ovhcloud.com
Follow us on Twitter at @OVHcloud
VMworld 2018 Content: Not for publication or distribution
OVH US LLC Proprietary and Confidential |
Infrastructure is our business.
Stop by to tell us about yours.
Visit at Booth #1200
Follow us on social
@ovhcloud
TM
www.ovhcloud.comVMworld 2018 Content: Not for publication or distribution
VMworld 2018 Content: Not for publication or distribution
VMworld 2018 Content: Not for publication or distribution