Increased Security, Greater Agility, Lower Costs for AWS...
Transcript of Increased Security, Greater Agility, Lower Costs for AWS...
Increased Security, Greater Agility, Lower Costs for AWS
DELPHIX FOR AMAZON WEB SERVICES FOR THE FEDERAL GOVERNMENT
WHITE PAPER
2WHITE PAPER
TABLE OF CONTENTS
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Overview: Delphix Virtual Data Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Delphix for AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Decrease the Cost of Operating in AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Delphix Deployment Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3WHITE PAPER
INTRODUCTIONAGENCIES OF ALL SIZES ARE USING THE CLOUDCloud deployments are rapidly becoming not just feasible but essential
for federal agencies. The cloud promises transformative gains in
execution, increased service offerings and lowered costs. It enables
rapid infrastructure deployments across teams and locations, allowing
agencies to rapidly spin up the infrastructure they need on a per-project
basis—cutting project timelines and replacing large capital expenditures
with usage-based pricing. The “Cloud First” mandate has spurred
agencies to migrate many of their non-production applications to the
cloud. With Amazon Web Services support for hybrid solutions, such as
production on-premise and non-production in the cloud or cloud burst
capacity, a far wider range of applications are taking advantage of the
cloud environment.
IOPS COSTS, COMPLIANCE & SECURITY, AND APPLICATION QUALITYAgencies moving to the cloud face several challenges. Among the most
salient of these is cost. While the per-gigabyte cost of storage is low,
cloud providers charge separately for compute and IOPS. Low initial
charges can thus rise rapidly, especially when unexpected operations,
such as backup recovery, are required. These costs cut into cloud benefits—organizations cannot take advantage of
added agility if data movement pricing is prohibitive.
The cloud also raises serious challenges of compliance and security. Sensitive data must often be protected before
it is sent to the cloud, sometimes under threat of regulatory penalties. This adds an additional layer of complexity
and delay to cloud operations. If a cloud deployment replaces an older on-premise application, there may also be a
compliance need to keep the old application active—this makes cloud options less reasonable.
Finally, cloud agility only addresses some of the bottlenecks that constrain major IT projects. A cloud deployment can
spin up additional hardware rapidly, but may be no faster than a traditional datacenter at standing up an environment,
refreshing its data, or recovering a prior state.
DELPHIX & AWS COMMON USE CASES:
• Cloud Migrations
• Disaster Recovery
• Hybrid Application Development and Test
• Backup and Recovery
• Archiving
• Data Masking
• Copy Data Management
DELPHIX HELPS AGENCIES:
• Accelerate cloud migrations
• Decrease AWS operating costs
• Govern data and achieve compliance in AWS
• Eliminate data security risks
• Implement efficient hybrid cloud environments
• Double application development agility and output
4WHITE PAPER
OVERVIEW: DELPHIX VIRTUAL DATA PLATFORMDelphix provides virtualized environments of databases, applications, and files by abstracting data from hardware and
storage. Through intelligent data block mapping and sharing, Delphix eliminates widespread data redundancy and
provides unique “on demand” virtual data delivery capabilities.
Delphix can provision virtual data environments for any IT function including development, QA, reporting, analytics,
or data recovery. These virtual environments function just like full physical copies, but consume a fraction of the
space and can be created in a fraction of the time. Delphix virtual environments can be refreshed in minutes,
bookmarked and rolled back to previous points in time, and mapped to specific code builds—all with self-service and
90% less infrastructure. As a result, IT organizations operate faster and at a lower cost.
Delphix also maintains synchronization with production systems by collecting changes and tracking all versions for as
long as required. Delphix non-disruptive synchronization eliminates 95% of source and network load caused by full
data extraction and movement, and each virtual environment can be quickly and automatically refreshed to provide
full data from any point in time.
The capabilities of the Delphix Virtual Data Platform are supported across a large number of data sources and
delivered as a software virtual appliance referred to as the Delphix Engine. The virtual appliance form factor of the
Delphix Engine maximizes deployment flexibility, scale, availability and cloud readiness.
• Efficient, near real-time
• 10x less bandwidth required
• Any app, server, storage
• Secure copies on-demand
• Manage release versions
• Store 30 days in space of 1
• Run 10 copies in space of 1
• 10x time, storage savings
• On-premise, offsite, cloud
5WHITE PAPER
DELPHIX FOR AWSENABLE SUCCESSFUL AWS PROJECTSDelphix helps agencies accelerate their AWS projects and operate more efficiently in AWS environments with:
1 . Increased data security
2 . Superior data management & agility
3 . Lower AWS costs
INCREASED DATA SECURITY
GOVERN DATA, ACHIEVE COMPLIANCE & ELIMINATE RISKThe lack of visibility and control in a public cloud’s infrastructure layer is a major area of concern when assessing the
risk of moving sensitive data or workloads to AWS. In order to justify using AWS or any public cloud environment for
business critical workloads, smart CISOs and IT leaders will choose solutions that ensure their cloud projects meet
compliance requirements and reduce their level of risk. With Delphix, organizations can govern data changes, achieve
compliance, and eliminate the risk of sensitive data residing in AWS.
Many organizations want to take advantage of cost-effective elastic cloud environments but cannot justify the risk of
having sensitive data in a public cloud such as AWS. This is especially true in industries such as finance, retail,
government, and healthcare where regulations mandate protection of sensitive data. Delphix provides an innovative
solution for data security by delivering in-line data masking to ensure that sensitive data is never sent to AWS
without first being masked. This eliminates the risk of sensitive data being stored and potentially compromised in
AWS. It’s important to note that an intelligent data masking strategy can provide better risk mitigation than identity
management, encryption, or some network security solutions. Since only dummy data is sent to AWS, compromises in
security controls won’t result in a breach of sensitive data. For more detail on Delphix Data Masking, please download
the Delphix Agile Masking data sheet.
6WHITE PAPER
DATA MASKING & GOVERNANCE
Data and network security can also be a challenge for AWS projects. Even though secure VPN connections to the
cloud can be achieved via AWS services such as Virtual Private Cloud (VPC), organizations still want to minimize the
number of communication ports that are exposed to any outside environment. Delphix replication can be utilized both
for migration to AWS and for maintaining a seamless connection between on-premise datacenters and AWS Regions.
Delphix replication provides added layers of network security, allowing organizations to take advantage of Delphix
network layer encryption over the existing VPN, and by restricting access to only the Delphix replication
communication ports.
Tracking and auditing changes in a cloud environment can require multiple management and alerting tools, and
an additional set of tools to enforce change control or perform remediation. Delphix built-in logging provides
organizations with a source of record of the location of your data in the cloud, who is accessing it, and what changes
have occurred. Delphix also enables immediate remediation by providing the ability to quickly roll back data and
environments to a known safe point in time.
7WHITE PAPER
INCREASE BUSINESS AGILITY
PROVISION, REFRESH, REWIND & ARCHIVE ENVIRONMENTS IN MINUTESThe goal of operating in public IaaS clouds like AWS is to get infrastructure layer agility benefits such as elastic
compute and storage. Unfortunately, these infrastructure layer agility features rarely (if ever) extend to the entire
application stack. Customers must still address the same challenges as on-premise environments when it comes to
installing and managing their applications and data, as well as constantly provisioning and refreshing data.
With Delphix, organizations achieve agility throughout the entire application stack with the ability to provision full
environments in minutes, and to refresh, rewind, and archive entire environments.
AWS REGION-TO-REGION REPLICATION
Using Delphix to operate across AWS Availability Zones is a prime example of how Delphix can deliver full application
stack agility. It’s great to be able to use AWS orchestration to rapidly spin up compute and storage in a different AWS
zone—for disaster recovery or any number of elastic compute purposes—but refreshing a large dataset or database
across Availability Zones can result in paying a steep “border tax” for moving data within AWS. Utilizing Delphix,
customers can refresh a 2TB database, for example, that is currently in AWS East to an EC2 instance in AWS West by
moving only 20GB of data. Scenarios like this open up vast new use cases of agility and can enable an efficient global
AWS deployment—without borders and additional taxes.
8WHITE PAPER
DECREASE THE COST OF OPERATING IN AWSIn order to achieve the desired cost savings when moving to AWS (or any public cloud IAAS), organizations
must minimize:
1 . Cost, time and risk of migrating environments to the cloud
2 . Infrastructure and administration costs of operating in the cloud
MIGRATING TO AWS:
TESTING, MODERNIZATION, AND MIGRATIONThorough testing before migrating to AWS is a critical part of any successful AWS migration project. As part of an AWS
migration, organizations may also need to modernize their applications—for example, porting an application from a
legacy Unix platform to an AWS supported version of Linux. Delphix helps organizations accomplish all of these testing
and modernization tasks with exceptional efficiency.
Delphix delivers parallel virtual environments that improve the quality and speed of QA, user acceptance, and
development testing—all with no impact on current production environments. Delphix also delivers on-demand access
to full, current datasets throughout the testing environment—both on premise and in AWS. The result is that
organizations accelerate their migration projects by performing more thorough testing in a shorter period of time.
Delphix also provides the ability to effortlessly convert legacy Unix environments into Linux. Simply sync Delphix with
a Unix environment and Delphix performs the endian conversion necessary to provision that environment into Linux—
drastically accelerating the modernization phase of a cloud migration project.
Another common challenge to successful AWS migrations is the large amount of data that needs to first be migrated
into the cloud and then constantly refreshed with current data. Delphix WAN optimization utilizes compression and
block filtering to significantly cut down on the amount of data sent during the first upload into AWS. After the initial
upload, Delphix replicates only changed data blocks to AWS by collecting incremental changes—eliminating all future
full data uploads. The result: Delphix drastically reduces the time and cost of uploading data into AWS and across
AWS regions.
This capability also helps reduce the downtime associated with the switch to AWS. Because Delphix enables easy
replication between on-premise and cloud deployments, the cloud environment may be spun up, synced with
on-premise and validated while the on-premise deployment continues to serve users. The switchover then occurs
without downtime or inconsistency.
Finally, the Delphix Live Archive feature enables efficient archival of entire environments prior to migration to AWS.
The archived environments can then be restored in minutes to satisfy audit requirements, environment rollback,
disaster recovery or any other purpose.
9WHITE PAPER
ARCHIVING & DISASTER RECOVERY
OPERATING IN AWS—IAAS AND LICENSINGFor environments migrated into AWS as well as
environments that were “born in the cloud,”
Delphix provides additional cost savings by
significantly reducing the cost of AWS
compute, storage, IOPS and licensing. Utilizing
Delphix, customers have already seen a
reduction in their monthly AWS costs of 50%
or more.
10WHITE PAPER
Delphix data efficiency utilizes compression, block sharing, and block filtering to store 20-50 virtual environments in
the storage footprint of one physical environment. Delphix also provides Continuous Data Protection (CDP)—the
ability to rewind and restore an environment from any point in time. CDP eliminates the need for and associated costs
of creating and managing backup snapshots.
Managing provisioned IOPS for high
performance persistent workloads tends to
be one of the most difficult challenges
facing agencies using AWS. Here, Delphix
lowers costs by providing a shared IOPS
pool across environments, allowing users
to avoid paying high IOPS eliminates the
cost of expensive high performance EC2
instances by enabling intelligent bursting,
rapid provisioning, and higher utilization.
Furthermore, AWS infrastructure savings
with Delphix increases with the number of
environments, amount of storage, and amount of IOPS—leading to even higher ROI in large-scale deployments.
Finally, by intelligently provisioning environments on demand, Delphix enables further savings when using AWS
services where the BYOL licensing format is utilized. These savings are especially relevant for disaster recovery
scenarios since license fees can be avoided in the recovery environment until the time of failover.
11WHITE PAPER
DELPHIX DEPLOYMENT OPTIONSA SCALABLE, FLEXIBLE DEPLOYMENT ARCHITECTUREWith AWS, agencies are offered a scalable infrastructure, multiple architecture options, and open APIs for
orchestration and integration within the entire environment. Savvy IT organizations realize that integrating their
AWS environments with a solution like Delphix which provides the same level of architecture flexibility and
orchestration through open APIs, helps drive successful and effective AWS projects. Delphix supports a wide range
of deployment options to empower any combination of hybrid or born-in-the-cloud scenarios, and Delphix provides
a full set of APIs for integration with a variety of orchestration and DevOps tools. The Delphix Engine runs as an
Amazon Machine Image (AMI) and supports multiple EC2 instances and AWS regions.
ARCHITECTURE EXAMPLE
If organizations plan to utilize AWS as an extension of an on-premise environment,
Delphix can be used to bridge or burst into the cloud in an efficient and cost-effective
manner. Installing a Delphix Engine on-premise and replicating to another Delphix
Engine in AWS creates a seamless hybrid cloud environment with a variety of
efficiency benefits such as WAN optimization—sending only changed blocks and
discarding zero or unused blocks to minimize the data transferred. This hybrid option
also delivers the data encryption and compression benefits of Delphix replication and
enables data masking to be implemented so that sensitive data can be masked prior
to being sent into AWS.
Alternatively, many agencies have already “cut the tether line” and are now delivering
suites of services from AWS without any connections to on-premise datacenters. In
these scenarios, Delphix provides cloud-born environments with full application stack
agility benefits such as fast provisioning, instant data refreshes, and continuous data
protection. Delphix also delivers the additional benefit of AWS licensing and infrastructure cost savings.
DELPHIX AWS REGION SUPPORT
• US East (N . Virginia)
• US West (Oregon)
• US West (Nor Cal)
• EU (Ireland)
• Asia Pacific (Singapore)
• Asia Pacific (Tokyo)
• Asia Pacific (Sydney)
DELPHIX EC2 INSTANCE SUPPORT
• i2 .2xlarge
• i2 .4xlarge
• i2 .8xlarge
Delphix for Amazon Web Services for the Federal Government March 2015
You can find the most up- to- date technical documentation at:http://www .delphix .com/support
The Delphix Website also provides the latest product updates. If you have comments about this documentation, submit your feedback to: help@delphix .com
Delphix Corp.275 Middlefield Road, Suite 210Menlo Park, CA 94025www .delphix .com
© 2015 Delphix Corp. All rights reserved.
The Delphix logo and design are registered trademarks of Delphix Corp. in the United States and/or other jurisdictions.All other marks and names mentioned herein may be trademarks of their respective companies.