Not Content: 2018 VMworld › event_data › 10 › ... · • 28 data centers, 1.4M customers • 33 global POPs • No ingress/egress charges • Anti-DDoS protection against all

VMworld 2018 Content: Not for publication or distribution

OVH US LLC Proprietary and Confidential |

Protect all of your workloads & fight back against cyber threats

Objective: Illustrate the combined power of application tiering, dedicated

resources, and Zerto replication and journaling to protect all of your

workloads in the event of a DR event or a cyberthreat

Agenda:

1) Introducing OVHcloud

2) Application Tiering

3) Protecting against ransomware with Zerto

4) OVHcloud design considerations

2



OVHcloud high-speed, high-quality global networkWe operate our own network and are committed to the highest security standards

• 15 Tbps backbone network

• High-quality routing infrastructure

• 28 data centers, 1.4M customers

• 33 global POPs

• No ingress/egress charges

• Anti-DDoS protection against all types of

DDoS attacks in our dedicated hosting

environments -- included at no extra charge

• Committed to both network and physical

security of our infrastructure



OVHcloud products support hybrid and beyond

Hosted Private

Cloudbased on VMware

Software-Defined DC

Public Cloudbased on OpenStack

Compute, Storage, PaaS

Dedicated/

Bare Metal Servers

OVH’s 15+Tbps Fiber Optic Network + Anti-DDoS +

vRack Private LAN

24/7 Customer Support & Professional Services

4


OVH US LLC Proprietary and Confidential | 5

Downtime can be devastating to your business

98%

of organizations lose

over $100,000 per

hour of downtime

81%

of organizations who

lose over $300,000

33%

of organizations who

lose $1-5 million

93%

of businesses who

experience a

significant loss of data

declare bankruptcy

within 1 year.



Start thinking about Disaster Recovery as IT Resilience

Disaster Recovery

• Focused on events and

downtime

• Reactive - response to

events

• Downtime measured in

hours and days

IT Resilience

• Focused on continuous

availability

• Proactive – Resilience by

design

• Downtime is measured in

minutes and hours



36%

Non-Critical

30%

Mission

Critical

34%

Business

Critical

7

Tiering Applications For Continuous Availability

Most Customers Are Not Tiering Effectively

According to Gartner, 61% of customers have

one protected tier in their DR site

Tiering for Flexibility

Breaking workloads into three tiers enables

the ability to utilize multiple replication tools

Tiering for Cost Savings

Tiered workloads can be assigned to different

targets to allow for more granular cost control



Grouping Applications into Tiers

8

Zero Data

Loss

Minimal Data Loss

Tolerated with Low

RTO and RPO

Data Loss up to 24 hours

tolerated. Restoring from off-site

backup a suitable option

Mission Critical

Business Critical

Non-Critical

TCO



Mission Critical

• Applications whose use and availability impacts

revenue, customer service, and organizational

reputation. No tolerance for downtime.

• Architect for high availability and continuous

backup via clustering or native replication

technologies

• Pilot light applications (AD, DNS, VPN) should be

included in Mission Critical.

• Most commonly identified Mission Critical

applications are high transaction database, email

servers, and ecommerce applications

9



Using Dedicated Servers for Mission Critical Apps

• Legacy Mission Critical Apps are frequently not virtualized and

can be challenging to protect.

• Some popular Mission Critical applications and databases

have licensing requirements that do not align with cloud

• Historically, these type of workloads wind up in a colocation

cabinet connected to DR, increasing the complexity of the

solution.

• OVH can connect Mission Critical apps in Hosted Private

Cloud and on Dedicated Servers via vRack, a high

performance Layer 2 adjacency solution from OVHcloud

10

Hosted Private Cloud

Dedicated Servers

Bare Metal

VR

AC

K



Business Critical

• Applications that are important to the business but

can experience some downtime without affecting

revenue

• Replication solutions in this tier should offer a high

level of automation and orchestration to enable

near-seamless failover

• 2 hour RTO and <5 minute RPO

• For optimum performance and protection,

subgroup your Business Critical workloads into

VPG’s for the fastest possible restoration

11

+




Non-Critical

Restore from a cloud

hosted backup of

production data to

Hosted Private Cloud or

Dedicated Servers

12

Applications that

can experience

downtime without

drastically affecting

the business.

RTO target of 4-24

hours & up to a

24 hour RPO

Consider Low Cost

or Zero Cost

replication tools

that may not

feature

orchestration and

automation



Guaranteed Resources Make a Difference

Shared Resources Increase Risk

According to Forrester Research, 20% of customers that outsource choose to

use a shared, fixed site infrastructure as their DR target

Choose a Single Tenant Solution When Possible

Dedicated resources ensure greater control and availability. Dedicated

resources typically have a SLA for RTO or RPO, as well as for the components

of the solution

Security is enhanced with guaranteed resources & Zerto

Fewer than 50% of organizations are performing malware checks on their backed-

up data. Zerto’s journaling function enables rollbacks to avoid compromised

replicates. Dedicated resources means you control all of your own security policies.



A Few Suggestions When Tiering Applications

Tier Carefully

Too few tiers can leave gaps or excluded

workloads and can drive up cost. Too many

tiers increases complexity

Collect All Details

Gather a detailed inventory of all workloads –

OS, compute, Storage, Change Rate,

Bandwidth Constraints

Engage All Stakeholders, Not Just IT

Make sure everyone is aligned on RTO & RPO

for different tiers based on their definition of

criticality and downtime costs

Use Mission Critical Sparingly

Most organizations should not classify more than

25% of their applications as Mission Critical1. It

drives up cost and network consumption.

1. Source – Gartner, “The Lessons Learned From 123 Disaster Recovery As A Service Customers”, 22 June 2017VMworld 2018 Content: Not for publication or distribution

Using Zerto Journaling to Protect Against Cyber Ransomware



Ransomware Is the New Disaster Threat

$325 Million

1month

68,000 infections

In 2015 Q1 – 165%

Increase

CTB-Locker

CryptoLocker

Torrent/Cryptowall

First detected May

2013

That’s 5,700 per

dayVMworld 2018 Content: Not for publication or distribution


City of Atlanta - A Painful & Expensive Lesson

What happened?

On Thursday, March 22, the City of Atlanta experienced a SamSam ransomware cyberattack that

affected multiple applications and client devices. As a result, some City data is encrypted and

customers are not able to access City applications. The hackers demanded $51,000 in Bitcoin.

The Result

The City of Atlanta spent over $2.7 million dollars on eight emergency contracts to recover from the

attack.

• $650k to SecureWorks to assess damage and develop action plans

• Two more contracts, worth more than $1 million, with private technology firms to work on

the city’s information management and municipal court systems.

• $600k consulting contract to Ernst & Young

• $50k to Edelman PR firm for crisis communicationsVMworld 2018 Content: Not for publication or distribution


Typical Data Protection Solutions

06:00 09:00 15:00

Backup

12:00

Snapshot Snapshot

12:00 18:00

Snapshot

Power Interruption or

Hardware Failure

Cryptolocker Virus

Infection

File deletion, Application

or Human error

= Data Loss & Downtime

24h+

4h+



Zerto Virtual Replication

Minimize impact, re-wind and recover from any point in

time

06:00 09:00 18:0000:00 12:00 15:00

30 day

Journal

*

*

Sites Apps FilesVMs



Journaling For Point in Time Recovery

BC/DR Site

Protected VM Changed-

Block

Journal vDisk

ReplicavDisk

Configure Journal SLAs, max size, datastore, average 10% space

History min 1 hour max 30 days

Compressed write to journal,

write-order maintained

Kept for journal history then

write flushed to replica vDisk



Simple Recovery From Infection

Click Failover

Select Apps

Select Checkpoint

Start Failover



Recovering Individual Files & Folders in Minutes

• Select VM

Restore Request

• File server data

• Application files

• SQL databases

• Oracle databases

• Exchange databases

Select Files & Folders

• Browser download

• Instant-access on ZVM

• Mount network share

• Data restored from

seconds before

Restore Anywhere

• Disks mounted

• No impact or agent

• Select point in time


OVHcloud Hosted Private Cloud & Dedicated Servers



vCenter NSX

vROPS

SDDC Stack 2 Datastores 2x ESXi Hosts

12 to 252 Usable

Public IP Blocks

Available Add-ons*On initial order. More may be ordered after.

Hosted Private Cloud Package Contents

Hybrid Cloud Extension

24



DESCRIPTION USAGE

INFRASTRUCTURE• Include single, dual, and soon quad-processor

configurations

• From enterprise apps to intranet

workloads and ecommerce

• Entry-level and middle-tier

configurations for hosting

HIGH-

AVAILABILITY

• Premium configurations

• Fully customizable

• High Cores/Threads CPUs

• Redundant network and power

• Machine learning

• Big Data

• Scientific computing

STORAGE • High-Storage Capacity• Backup

• On-Demand Storage

GPU• Premium GPU configurations

• Built for intensive computations

• Machine learning

• Scientific computing

• 3D Rendering

GAME • Very high-frequency desktop servers • Game hosting platform

25

DEDICATED SERVER LINES



Internet

L2 or L3 Termination

OVH POP

CGW

WAN

CGW

WAN

vRack Connect


vR

AC

K

Dedicated Server

DMZ

Live vMotion Migrations

Dedicated Circuit

Clustered Workloads

Customer On PremisesOVH Data Center

Mission Critical Workloads

Replication over VPN

Replications


Learn more at OVHcloud.com

Mike Fincham, Sr. Systems Engineer

[email protected]

Check out our website at

www.ovhcloud.com

Follow us on Twitter at @OVHcloud


mailto:[email protected]

http://www.ovhcloud.com/


Infrastructure is our business.

Stop by to tell us about yours.

Visit at Booth #1200

Follow us on social

@ovhcloud

TM

www.ovhcloud.comVMworld 2018 Content: Not for publication or distribution



Documents

Not Content: 2018 VMworld › event_data › 10 › ... · • 28 data centers, 1.4M customers • 33 global POPs • No ingress/egress charges • Anti-DDoS protection against all