White paper

How can you make better use of your backup data? An introduction to copy-data virtualization with Verizon Cloud Backup and Actifio

1. Introduction

1

2. Traditional data management approaches haven’t worked.

2

3. Introduction to copy-data virtualization

2

4. Data virtualization is the new foundation.

3

5. Sophisticated technology doing three simple things: capture, manage and use

4

6. Copy-data virtualization and the Actifio Virtual Data Pipeline

5

7. Integrating Verizon Cloud Backup and applications

5

8. Service level rules drive a new method of data management

6

9. Data access

6

10. Enhanced data safety and control

7

11. Conclusion

8

1. Introduction Your IT organization is under a lot of pressure to manage data more efficiently and provide access to it more quickly. Your current tools just can’t handle the job. When the CEO’s email box is unavailable because a server failed, how quickly can IT get it going again? When a distributed team of developers needs access to copies of production databases, how long do they have to wait before they can start working and how often can they refresh the data? This is why data management is seen as a synonym for disorganization. You have a sprawling file infrastructure, legacy backups and dozens upon dozens of physical copies



of data. If your organization is like the majority of companies struggling to control alwaysgrowing data, your IT infrastructure uses different tools for each part of data management—and it’s probably unwieldy and inefficient. Many companies haven’t ever done a fail-over test as part of their disaster recovery plan, so IT staff have no idea whether they could completely recover corporate data. Plus, delays in provisioning data for development hurts innovation and can hinder bringing applications to market. The never-ending struggle to manage six, 10 or even 12 different applications that all control separate data management functions—from

data protection to replication and migration—can frazzle even the most experienced IT manager. This white paper explores a new way to manage data, one that’s capable of transforming virtually any use case—from disaster recovery to application development and testing to data analysis—while providing business resiliency, agility and efficient use of cloud infrastructure. The first step to improved data management is to get rid of many different applications and copies of data to create a more efficient, effective and economical platform that captures, manages and uses data easily, saving valuable time and bringing sanity back to IT management.

How can you make better use of your backup data? — White paper

1

2. Traditional data management approaches haven’t worked. Organizations are becoming more aware of the increasing cost of managing copy data. Its volume is often a lot higher than production storage because there are many copies for different use cases and fewer managed retention periods. Those copies could be snapshots, clones or replicas in primary storage arrays, or backup and remote replicas in many different secondary storage types (disk or tape). Backup, disaster recovery, test and development, and data analytics each contribute to the growth of copy data. The vast majority of IT shops use separate and redundant tools to do four basic things: copy, store, move and optimize data. Many organizations underestimate the number of duplicate copies of data they have and the amount they spend for additional infrastructure to manage this copy data. Figure 1 shows that even with data optimization services saving some storage space, organizations still manage a large number of data copies.

– Analytics – Test and dev – BC/DR

– Backup

Figure 1: The copy-data growth challenge

Traditional data management approaches have compartmentalized business requirements and caused separate stacks of uncoordinated infrastructure and duplicate data. First, there was backup. Then separate and dedicated application infrastructures each created multiple data services with exclusive backup, mirroring, replication, thin provisioning and snapshot functions. As data grew, IT added efficiency services for deduplication and compression. Application development, test, analytics and compliance each created their own column of infrastructure and services. The challenge to manage

Database (DB) virtualization tool

Development and test

3. Introduction to copy-data virtualization Copy-data virtualization changes traditional data management. It drives dramatic changes in the way that data is captured, managed and used. As infrastructure has become more commoditized, applications have become more strategic. Data

Application servers

VM

VM

it all grew as these services produced even more redundant data copies. These copies took up valuable storage and became a tremendous strain on resources. Now, only a radically different approach can fix the copy-data explosion. Traditional approaches can’t handle the growing burden.

VMware SRM

Application servers

VM

– Production

Production data

Oracle DataGuard

VM

– Snapshot

Copy data

Physical servers

VM

VM

VMware

VM

VM

VM

VM

Development and test

Physical servers

Reduced SRDF replication

Daily backups

VM

VM

VMware

DB virtualization tool

Daily backups

SRDF storage replication Production storage

Production storage

Backup server farm

Backup server farm

Database dev/test/dump storage

Database dev/test/dump storage

Data domain replication Data domain

Primary site

Tape backup

Data domain

Off-site tape storage

Disaster recovery site

Figure 2: A traditional data architecture full of physical devices from many different suppliers, all linking specialized data protection applications and redundant systems. It’s complicated, messy, slow and expensive. Protection and fail-over are difficult to test, which makes reliability uncertain.



How can you make better use of your backup data? — White paper

2

virtualization technology allows applications to be portable because they aren’t tied to infrastructure. This improves business resiliency, agility and cloud mobility. Verizon Cloud Backup uses copy-data virtualization technology from Actifio to create a single platform that delivers backup, maintains business continuity and provides immediate data access.

storage services and performs the basic functions of copy, store, move and optimize for all applications. Using a common data management platform means less software to support, fewer licenses to buy, fewer integration headaches and the end of costly operational complexity. Verizon Cloud Backup provides a centralized platform to manage your data. It’s a solution that separates data from infrastructure and allows you to individually tailor service level rules (SLRs) for each application. It’s economically practical to have data snapshots for each application. Users can mount, clone, live clone or restore data from any point in time. IT makes data available, anytime.

Resiliency

Transformation

Agillity

professionals control the data explosion and IT costs at the same time. For businesses that run on Oracle, Microsoft®, VMware® and many other platforms, Verizon Cloud Backup makes it easier to protect, access and move data. Using Virtual Data Pipeline™ (VDP) technology from Actifio, Verizon Cloud Backup provides a revolutionary data management solution that makes it possible to protect and access data quickly and efficiently—with resiliency, business agility and cloud mobility. By leveraging Actifio VDP, Verizon Cloud Backup gives you the ultimate data management control to satisfy current and future business needs. 4. Data virtualization is the new foundation. Server, network, storage and services virtualization has become core to IT’s continuing transition and advancement. Verizon Cloud Backup now adds data virtualization with VDP technology.

The copy-data virtualization solution is simple to deploy and manage. It is infrastructure agnostic and easy to integrate with existing systems, so you can control operational costs and improve your recovery point objectives (RPOs) and recovery time objectives (RTOs). It also makes it simpler to manage the challenges that come with redundant data copies.

Cloud

Figure 3: Data management transformation

This platform supports many uses, such as test data management for application development and testing, analytics, business intelligence, etc. It gets rid of redundant data copies, consolidates overlapping

Businesses are already seeing the dramatic value that virtualization brings to data centers. Server virtualization allows them to reduce overall physical infrastructure, develop a more standard server

Copy-data virtualization is an innovative approach that lets IT

Application servers VM

VM

VM

VM

Development and test

Physical servers

Application servers VM

VMware

VM

VM

VM

Development and test

VM

VM

Physical servers

VM

VM

VMware

Dedup-async replication Production storage

Actifio CDS

Primary site

Actifio CDS

Storage

Cloud site

Figure 4: In the diagram above, Verizon Cloud Backup has transformed the same architecture from Figure 2 into the essential components of server, storage, primary and remote site with Actifio’s Copy Data Storage (CDS) appliance added at each end. That’s it. Many tools are consolidated into a single, simplified solution.



How can you make better use of your backup data? — White paper

3

configuration and save energy. Workloads can move smoothly, increasing operational efficiency. Storage virtualization improves utilization while reducing storage sprawl. Common storage services aren’t chained to particular storage vendors. Server, storage and network virtualization is helping IT organizations control IT costs while significantly improving IT efficiency and flexibility.

Data virtualization continues that progression. It creates potentially unlimited virtual copies for multiple purposes from a single golden copy. It eliminates the need for multiple physical data copies. It allows streamlined business operations to manage backup and recovery, test and development, business continuity, disaster recovery and analytics. The Verizon Cloud Backup platform provides users with

Sandbox

Dev

AQA

Virtual copy

Virtual copy

Virtual copy

QA

UAT/staging

Virtual copy

Development

Virtual copy

Operations

• Virtual copies • Automated online virtual DB • Point in time • Protect • APIs

• Role-based access control • Data masking • Multi-hypervisor, cloud

Figure 5: Verizon Cloud Backup

Capture Data at block level, in native format, according to your SLR

Manage

Use Unlimited virtual copies for instant access and protection

Data insights

Business continuity

Data mobility

5. Sophisticated technology doing three simple things: capture, manage and use Verizon Cloud Backup captures data (Figure 6) from production applications—Oracle, Exchange, etc.—at the block level and in native application format so it can be recovered quickly. It’s all governed by administratordefined SLRs refined or modified in just a few clicks. Once captured, data moves through the VDP to create a golden master copy that will manage data use and access. The golden master is a single physical copy compatible with any storage infrastructure. Data moves once to the golden master. Based on its defined SLR, the master is then updated on an incremental-forever basis from source production applications, making it very efficient in using bandwidth and storage capacity. Once in place, the golden master can supply a virtual copy of any application data from any point in time and for any authorized use. This eliminates the entire disparate and proprietary vendor infrastructure previously devoted to tasks like backup, disaster recovery, replication or deduplication.

A physical copy anywhere, moved and stored once

Data protection

virtualized data that can dramatically reduce the growth of data and the amount of storage you need. It also consolidates different point technologies, reduces operational complexity and lets IT improve all data service levels. Most of all, the platform does all of this without significantly impacting the performance of production systems.

Dev and test

That’s it—copy-data virtualization. Verizon Cloud Backup captures application data directly from the application and manages it efficiently on any infrastructure you choose. Data, governed by user-defined SLRs, is immediately available to support the enterprise with true applicationcentric data services.

Figure 6: Next-generation data management



How can you make better use of your backup data? — White paper

4

6. Copy-data virtualization and the Actifio Virtual Data Pipeline At the heart of the Verizon Cloud Backup copy-data virtualization platform is Actifio’s VDP. It virtualizes data with data protection and immediate access for backup and restore, test and development, analytics, disaster recovery and business continuity—all through a single storage platform. From the golden copy of production data, Verizon Cloud Backup provides an any-point-in-time copy of primary data. It’s a simple mount, clone, live clone or restore operation. VDP runs as an integrated physical or virtual appliance. It is one of the fastest, most efficient and most scalable ways to capture data. It

virtualizes data and consolidates copy services to make a single golden data copy available for many different business solutions. Copies are application-consistent in native format; they use Changed Block Tracking™ (CBT) technology and are based on customerdefined SLRs. Applications directly access virtualized data through the Actifio appliance without any data movement. The result is faster access, cost control and greater business efficiency. 7. Integrating Verizon Cloud Backup and applications Verizon Cloud Backup uses VMware snapshots and a feature of VMware’s vStorage application programming interfaces (APIs)

Capture

Manage

Verizon Cloud Backup fully integrates with VMware vSphere® and the vSphere web client. A plug-in is available to manage virtualized data from VMware’s management platform, communicating directly with the

Use

Snapshot pool

Remote pools

Dedup pool

Remote pools

Multiple OS and applications support

for Data Protection (VADP) called Changed Block Tracking (CBT). VMware-specific environments are discovered by querying VMware vCenter® for a list of ESX servers and the virtual machines (VMs) running on those servers. Using CBT, VDP transports only blocks that have changed since the last snapshot. Changes are captured from the production environment non-disruptively, with speed and efficiency.

3

1

SLR architect

Workflows

4 Orchestration

2

Snap shot

Instant mount

Clone Physical copies

Virtual copies

Live clone

Figure 7: Actifio Virtual Data Pipeline

VDP core components (Figure 7): 1. Discovery and capture: identification of hosts, applications, volumes and file systems 2. Virtualized storage repository: data virtualized to any storage device 3. S ervice level rules: predefined SLRs per application apply to primary data services 4. V irtualized data availability services: mount, clone, live clone, restore operations



VMware vCenter management server. Backups start with a VMware snapshot of the virtual machine. These snapshots provide Verizon Cloud Backup with an applicationconsistent view of the blocks on the virtual disk(s) inside a VM. Verizon Cloud Backup makes VDP available through a virtual appliance or as a VMware virtual machine. It can also integrate directly with

How can you make better use of your backup data? — White paper

5

vSAN, eliminating the need for external copy-data storage. Coupled with Actifio’s Resiliency Director, it enables you to run disaster recovery tests as often as necessary without impacting production. Verizon Cloud Backup gives you the flexibility to choose the storage for your virtualized data, so you can repurpose storage—and control costs. 8. SLRs drive a new method of data management. Once an enterprise deploys Verizon Cloud Backup, it immediately begins moving toward greater operational efficiency. Verizon Cloud Backup discovers applications and file systems running in the environment. It then applies custom-tailored SLRs to each application and data set. Verizon Cloud Backup binds data management services, such as snapshots, replication, workflows, life-cycle management and deduplication, directly to the application. This hard linkage enforces service levels for groups or individual VMs and governs the

Creating these SLRs is simple and intuitive. They define how frequently data is captured, lifecycle policies, retention periods, data mobility type, access policies and more. Workflows use the point-in-time data sets created by SLRs to add additional levels of automation. Any authorized system connected to the platform can access virtual data copies. Common use cases include: • Mount a volume for testing or application development. • Recover data or a complete VM following a system failure. • Retrieve an accidentally deleted file. • Analyze data from a virtual production data copy.

OPS: Specify data masking scripts to invoke.

1 5

desired data life-cycle policies for each application. Assigned policies—including data access restrictions—will stay with each application, even if the underlying infrastructure changes or the application moves to a cloud service.

3

Actifio has a masked copy that is ready to be consumed by Dev users.

Data refresh happens automatically.

9. Data access There are four different ways to access data on the Verizon Cloud Backup platform: mount, clone, live clone and restore. Mount is the most frequently used data access method. It allows you to access virtual data copies. After storing the first full production copy, VDP tracks and stores changes over time. With all data in place, VDP services input/output directly. There’s no need to copy the data for use, and no waiting needed. Mount virtual copies immediately on any authorized physical or virtual system using efficient block-level iSCSI and Fibre Channel protocol.

Sandbox

Dev

4 Dev can select ONLY masked copies for tests.

AQA

MS SQL DB Masked copy

Golden copy

QA

Oracle DB

2

The SLRs add considerable datapolicy enforcement and safety, and are at the core of simple but sophisticated next-generation data management. They allow you to add protection to any application or data set based on the value or necessity of the data. They help your organization benefit from improved data sharing and use across the enterprise.

Actifio mounts the data to data masking server. Data is masked here.

UAT/staging Data masking server Support

Figure 8: Data masking



How can you make better use of your backup data? — White paper

6

By eliminating data movement from the process, you can access even very large data sets right away. Clone creates an independent copy of a data set. The most common uses are application development and testing, data audit for compliance, data warehousing, e-discovery and user acceptance testing. You can copy application-consistent data sets to virtual or physical servers from any point in time and save them to a separate storage location anywhere in your environment. Live clone functions like clone, but adds updates. It creates an independent copy that you can mount and which gets updated whenever the primary data is refreshed. Teams such as test and development then have automated access to the freshest data set without excessive data management. Restore effectively reverts production data to look exactly as it did at the time of a selected data collection point. It is the only operation that moves 100 percent of the data before you can use it. A typical use case would be the recovery of an entire server or application after a massive data corruption or storage array failure. It is important to remember that this takes the most time from a recovery perspective. 10. Enhanced data safety and control You need to have confidence in your enterprise data safety and control. That starts with commonsense management of potential vulnerabilities. Verizon Cloud Backup customers can place more trust in their solution because it eliminates rogue copies and reduces data targets. Copy-data virtualization collapses the potential “attack surface” for any malicious purpose into a single golden copy of protected production data. In enterprise cloud deployments, Verizon Cloud Backup manages data



movement across physical, virtual and hybrid environments, protecting data regardless of platform shifts. It helps support governance and regulatory compliance for sensitive data, and safeguards against potential data leaks and risks to your reputation. Automated workflows transform and mask sensitive production data before it reaches development environments, creating a virtual firewall between the two. Data virtualization provides centralized control for the entire copy-data environment and life cycle. Using a single tool to create and manage all copies creates a platform for applying access control, data monitoring and authentication. It discourages unsecured shadow IT operations, and it helps you controls costs. All Verizon Cloud Backup data-control capabilities are available for remote or cloud sites, including replication optimization, continuous updates and automated data masking. Data control functions Data virtualization: Copy-data virtualization produces a critical data-control and management structure. It can help you identify potential weaknesses and recover from breaches quickly, because excess physical copies no longer exist. The smaller attack surface provides fewer opportunities to compromise privileged information. Masking for development and test: Data control requirements continue during application development and testing. Sensitive data that has no bearing on the development process can be automatically masked before development and quality assurance teams get access (Figure 8). That means data is available to authorized users for sanctioned purposes and fully restricted from any unauthorized use or purpose. Immutable references: In the event of a suspected breach, copies of a baseline or known-good and unalterable state are made available for comparison and investigatory purposes. You can detect, verify

and map unauthorized data tampering using a combination of Verizon Cloud Backup and integrity monitoring tools. Penetration and vulnerability testing: The Verizon Cloud Backup golden copy of production data can serve data control objectives as a virtual clone of an entire production environment. You can create and expose it to routine and aggressive penetration and vulnerability testing without the risk of disruption to production environments. Data loss prevention (DLP): You can use Verizon Cloud Backup to conduct data loss and compliance scanning of virtual database clones, as well as physical and virtual machines. Compliance is more easily evaluated without any load on production servers. Two-factor control: You can restrict authorized data access, requiring both appropriate rights to the copy-data appliance and access to a designated host. Permission can be set to an individual, divided by a two-person rule or set to require passwords from multiple individuals. Audit logs and access controls: Verizon Cloud Backup enables IT administrators or application owners to set role-based access controls (RBACs). It integrates with external event receivers and provides a fine-tuned capability to manage who gets access to which data sets on which test servers. It includes an audit trail, updated automatically. Complexity reduction: Verizon Cloud Backup simplifies procedural testing and non-disruptive demonstrations of data control. Data virtualization eliminates redundant infrastructure, process and expense. Meaningful key performance indicators (KPIs) are more accessible, enabling faster insight and appropriate intrusion response.

How can you make better use of your backup data? — White paper

7

11. Conclusion Verizon Cloud Backup copy-data virtualization is a transformational approach to business resiliency through a data management and protection platform that controls copy-data sprawl. It leverages technology from Actifio so applications aren’t tied to specific infrastructure and you can improve business resiliency, agility and cloud mobility. Verizon Cloud Backup copy-data virtualization provides flexible “when and where” data access by

consolidating multiple services onto a single, simple management platform. And it delivers it through a central point of access and control for backup, disaster recovery, business continuity, test/development, replication and archive. Data efficiency services, such as compression and deduplication across all applications and storage systems, are also included. And through a common set of heterogeneous data services, the VDP platform eliminates expensive software licenses supporting many different

functions across disparate storage arrays. All of this dramatically reduces the need for storage capacity, energy and floor space. Choosing Verizon Cloud Backup means your business can run efficiently, with cost controls and infrastructure reductions that radically simplify operations.

About Verizon Verizon provides advanced infrastructure and managed services that deliver the scale, security and reliability necessary to meet the demanding requirements of enterprises and governments around the world. With a global network of data centers and a portfolio of secure solutions, Verizon helps organizations realize the power and promise of the cloud. About Actifio Actifio delivers copy-data virtualization to hundreds of global enterprise customers and service provider partners in more than 30 countries around the world. Its Virtual Data Pipeline technology decouples data from infrastructure, enabling dramatic improvements in business resiliency, agility and access to the cloud. Actifio replaces siloed data management applications with a radically simple, application-centric, service-level-rule-driven approach that lets customers capture data from production applications, manage it more economically and use it when and where they need to.

VerizonEnterprise.com © 2016 Verizon. All rights reserved. The Verizon name and logo and all other names, logos and slogans identifying Verizon’s products and services are trademarks and service marks or registered trademarks and service marks of VerizonTrademark Services LLC or its affiliates in the United States and/or other countries. All other trademarks and service marks are the property of their respective owners. WP16808 7/16