AWS re:Invent 2016: Three Customer Viewpoints: Private Equity, Managed Services, and Government – How These Customers Transformed Business Operations through Storage (STG212)
Customers seeking to make transformations to their environment typically gain efficiencies in both operational and capital costs. This session presents three different case studies, each from a different category of operations – Private Equity, Managed Services, and Government. In Government, General Dynamics will discuss how implementing AWS storage as part of their DevOps environment, saving $700k per year. Carlyle Group will show how replacing their on-premises storage with cloud based solutions brought new capabilities to their organization. Finally, Cobalt Iron will discuss how moving their customers to cloud backup targets allowed them to deliver 2M cloud backups per month.
Semelhante a AWS re:Invent 2016: Three Customer Viewpoints: Private Equity, Managed Services, and Government – How These Customers Transformed Business Operations through Storage (STG212)
IBM Aspera for high-speed data migration to your AWS Cloud - DEM02-S - New Yo...Amazon Web Services
Semelhante a AWS re:Invent 2016: Three Customer Viewpoints: Private Equity, Managed Services, and Government – How These Customers Transformed Business Operations through Storage (STG212) (20)
AWS re:Invent 2016: Three Customer Viewpoints: Private Equity, Managed Services, and Government – How These Customers Transformed Business Operations through Storage (STG212)
2. What to Expect from the Session
• Overview of AWS storage options
• Key use cases and reference architectures
• Customer Confessions – Killer Benefits!!!
• Jeff Pisano from Carlyle Group – Modernizing & Securing Carlyle
Group’s Data Infrastructure
• Ben Buckley from General Dynamics (GDIT) - Federal Agency
• Richard Spurlock from Cobalt Iron - Data Protection as a Service
• AWS Building Blocks and Call to Action
3. Amazon EFS
File
Amazon EBS
Amazon EC2
Instance Store
Block
Amazon
S3/SIA
Amazon Glacier
Object
Data Transfer
AWS Direct
Connect
AWS
Snowball
ISV Connectors
Amazon
Kinesis
Firehose
S3 Transfer
Acceleration
Storage
Gateway
Storage is a platform: AWS Storage Maturity
4. Primary Storage
• Primary Storage can be file, block and object storage targets
• Primary storage can provide
• Storage for a variety of customer workloads, file distribution services
• Translation for IP storage protocols, replication of storage
5. Backup and Recovery
Backups can be run on-premise to the cloud, either directly to a cloud target or via a gateway
appliance, or within the cloud.
Backup is not archive
• Backup represents a point in time copy of the data.
• Archived data is the only authoritative copy of the data.
7. What to Expect from the Session
Carlyle Group Overview
Carlyle Global Business Continuity
Modern File Services on AWS
Security Considerations for Cloud Files
8. About the Carlyle Group
The Carlyle Group is one of the world’s largest and most
diversified alternative asset management firms.
Corporate Private Equity
Real Assets
Global Market Solutions
Investment Solutions
128 Distinct Funds
170 Fund of Fund Vehicles
11 Core Industries
6 Continents
35 Global Offices
1,650 Employees
9. Previous State File Storage
With staff located across the globe and a heavy dependency on Excel files for key
business processes, fast and efficient access to local file servers is paramount.
10. Our Essential Business Application
Recent Business Continuity Plan interviews revealed that local
file servers are among Carlyle’s most essential business tools.
11. Our Essential Business Application
To provide localized storage across Carlyle’s distributed
enterprise, each office has its own physical file server.
12. Remote File Server Challenges
No redundancy for local file servers, which presents a significant DR risk in the event of an
office outage. Additionally, global file sharing is slow and mobility is limited.
Current model lacks redundancy
in the case of outage/disaster
No Redundancy
Slow access to files outside
of home office
Slow Global File Sharing
In the event of an outage,
restoration can take up to a week
Long Restoration Time
Local file servers are available only
through the Carlyle network
Limited Mobility
13. File Sharing, Alone, Is Not The Solution
No Edge Data Persistence
No Legacy NAS Protocol Support
Shared SaaS Services Introduce Security Risk
14. VPN
VPN
*aaS Security Considerations
Data Centers
Networking
Storage
Servers
Virtualization
Operating Systems
Security
Data, Encryption, Authentication
Applications
Data Centers
Networking
Storage
Servers
Virtualization
Operating Systems
Security
Data, Encryption, Authentication
Applications
Data Centers
Networking
Storage
Servers
Virtualization
Operating Systems
Security
Data, Encryption, Authentication
Applications
IaaS
Infrastructure As A Service
SaaS
Software As A Service
On Prem
Private Data Center
= customer owned = vendor owned
15. Current State: AWS + CTERA
To address these challenges, Carlyle leverages CTERA cloud storage gateways to provide
full data replication and 1-to-1 local drive mapping to Amazon S3.
CTERA Portal Global Cloud File System & Service Orchestration Carlyle AD
Endpoint File Sharing
& Data Protection
Office File Sharing &
Data Protection
Amazon S3 Cloud Storage Cost Effective, Limitless Object Storage
+
100% Private File Sharing & Data Protection
16. Secure Hybrid Cloud File Storage
3 Regions • Direct Connect To Carlyle Offices • Always-On DR
+ + +
Americas EMEA APJ
17. Significant Business Continuity Improvement
With the CTERA cloud storage solution, local drives can be mapped to the cloud in the
event of a network outage—reducing restoration time from days to minutes.
Network outage
at Carlyle’s
Charlotte office
Local shared
drives
inaccessible
Shared drives sync’d to cloud
remotely via CTERA Portal
Carlyle private cloud powered by CTERA & AWS
Users in Charlotte office can quickly
retrieve and upload local files
Cloud Storage
NAS Gateway
+
18. High-Speed Global File Sharing
Additionally, with CTERA cloud storage, Carlyle staff can now quickly access local files
from any global office with the same speed as their home office.
NY office requesting
Excel file from Hong Kong
London office requesting
PPT file from DC
Sydney office requesting
Word file from Paris
+
19. Phase II – Anywhere, Any Device
While Phase I of Carlyle’s CTERA implementation will focus on DR and global file sharing,
Carlyle plans to leverage CTERA to provide mobile access to local files without having to
log in to the Carlyle network.
+
20. Enterprise Grade Security
CTERA provides end-to-end security in its cloud storage products. This includes built-in
data-at-rest encryption, data-in-transit encryption, strong authentication, and identity
management.
CTERA source-based encryption
effectively creates a VPN for cloud
storage, Carlyle has all data encrypted
with via AES-256 encryption before it
is sent over the WAN.
Source-Based
Encryption
CTERA integrates with Carlyle’s Active
Directory to provide user authentication
and single sign-on, including password
expiration policies and AD forests
support.
Authentication & Identity
Management
In addition the encrypting the data
itself, all cloud traffic is transmitted
over a TLS connection.
Secure Connection,
In-Transit Encryption
CTERA uses SHA-1 (Secure Hash
Algorithm) to "fingerprint" the data sent
to the cloud—ensuring data integrity.
Data Integrity
Assurance
21. Reducing Overhead, Enhancing Productivity
By reducing appliance volume and maintenance tasks, Carlyle’s IT Operations team can
focus more on delivering products and services that align with business strategy and
enhance the user experience.
AWS & CTERA Help Carlyle Reduce: Allowing Carlyle to Focus More on…
Expensive Traditional Filers
Likelihood of Hard Drive Failure
Engineering Maintenance Burden
Need for Additional Backups
Aligning budget and manpower with
strategic projects and initiatives
that support key business goals
Building an enhanced user
experience for Carlyle’s global staff
and investor community
23. What we do
• Enterprise IT
• Application
Development
• Cloud Solutions
• Data Analytics
• Infrastructure
• Mission Support
• Cyber
• Health Solutions
Aerospace
Combat Systems
IS&T
Marine Systems
24. Current Environment
Global user population
Centralized Footprint
90% storage and compute in two Data
Centers
Custom Application Development
• Capability
• Content management
VDI User Access
Central VDI hosting
Storage Centric
Content management
Unstructured data
Cloud
Government direction to move
by 2017
Need to distribute content globally
25. Drivers to moving to AWS
Focus of agency on Mission
(not infrastructure)
Data management needs are
a natural fit for Amazon S3 and
AWS orchestration capabilities
Rapid DevOps capability –
Government procurement
timeframes are often in conflict with
mission needs
Cost – Expense of establishing
remote datacenter for COOP are
onerous
26. Accelerate Data Movement to the Cloud
• Enables use of object
storage while
enabling traditional
Enterprise
performance and
features
• Accelerates cloud
adoption without
requiring applications
to change
• Portfolio approach
required to meet
diverse mission
needs
• Rapid backup and recovery performance with
inexpensive S3 storage
• De-duplication minimizes transport bandwidth
and cost while enabling much longer retention
• Secure offsite backup with FIPS 140-2 level 1
validated encryption
• Integrated easily with existing backup platform
NetApp AltaVault – Backup (NFS)
Avere FXT - NFS
• High performing NFS storage for legacy
applications while consuming inexpensive S3
object storage
• Automated data migration, mirroring
• High-availability support for mission applications
• Satisfy High performance CIFS needs of
mission applications while moving cold data
to S3
EMC Isilon Cloud Pools - CIFS
27. Success = Decommission • Backup migration allowed us
to rapidly decommission 6PB
of costly datacenter storage
($700K per year)
• High 10x deduplication across
12 AltaVault instances allowed
significantly longer backup
retention capability with less
storage consumption – 6 PB
backups stored on 650 TB
• 17-19x on virtual backup via
AltaVault
• Allowed us to decommission
expensive software (Veeam)
with over $500K annual
maintenance costs
28. Early
Adopter tax
• Early code from from Avere
and Dell EMC lacked maturity
• Avere builds have become
more mature for High-
performance NFS, with CIFS
on the horizon
• Dell EMC storage CIFS
performance has been
excellent, but cloud pool
challenges have delayed
additional migrations of
mission data
• Currently migrated over 2 PB
and decommissioned one
subsystems
29. Benefits Realized
Storage
Cost
• Decommissioned infrastructure responsible for 1.2 Million dollars in annual
tails while significantly decreasing administrative burden
Cloud Mandate
• Provided capability to government to migrate petabytes of object
storage to the cloud with no change required to applications
• Decommissioned over 6 PB of storage for backup and another 2.75 PB for
other gateways
• In process of migrating more systems with plans on decommission majority of
subsystems
• Secure offsite backups with rapid recovery and longer retention times
30. Next steps - DevOps
• Democratize data to all
applications while providing
discovery and security based on
metadata attributes
• Rapidly develop capability with
PaaS and immediate data
access
• Rapidly search, visualize and
analyze data from multiple
sources
• Reduce focus on infrastructure
and enhance mission
35. Amazon S3 relieves backup pressures
Backup from on-premises to cloud
Disaster Recovery in the cloud
Protect ‘born in the cloud’ data
Long term archiving for backup data
41. What’s next?
• Building blocks for enterprises
• Leveraging your investments
• Call to action!
42. ENTERPRISE
APPS
DEVELOPMENT & OPERATIONSMOBILE SERVICESAPP SERVICESANALYTICS
Data
Warehousing
Hadoop/
Spark
Streaming Data
Collection
Machine
Learning
Elastic
Search
Virtual
Desktops
Sharing &
Collaboration
Corporate
Email
Backup
Queuing &
Notifications
Workflow
Search
Email
Transcoding
One-click App
Deployment
Identity
Sync
Single Integrated
Console
Push
Notifications
DevOps Resource
Management
Application Lifecycle
Management
Containers
Triggers
Resource
Templates
TECHNICAL &
BUSINESS
SUPPORT
Account
Management
Support
Professional
Services
Training &
Certification
Security
& Pricing
Reports
Partner
Ecosystem
Solutions
Architects
MARKETPLACE
Business
Apps
Business
Intelligence
Databases
DevOps
Tools
NetworkingSecurity Storage
Regions
Availability
Zones
Points of
Presence
INFRASTRUCTURE
CORE SERVICES
Compute
VMs, Auto-scaling,
& Load Balancing
Storage
Object, Blocks,
Archival, Import/Export
Databases
Relational, NoSQL,
Caching, Migration
Networking
VPC, DX, DNS
CDN
Access
Control
Identity
Management
Key
Management
& Storage
Monitoring
& Logs
Assessment
and reporting
Resource &
Usage Auditing
SECURITY & COMPLIANCE
Configuration
Compliance
Web application
firewall
HYBRID
ARCHITECTURE
Data
Backups
Integrated
App
Deployments
Direct
Connect
Identity
Federation
Integrated
Resource
Management
Integrated
Networking
API
Gateway
IoT
Rules
Engine
Device
Shadows
Device
SDKs
Registry
Device
Gateway
Streaming Data
Analysis
Business
Intelligence
Mobile
Analytics
43. Storage Partner Solutions
Technology Solutions vetted by the AWS Storage Competency Program
aws.amazon.com/backup-recovery/partner-solutions/
Note: Represents a sample of storage partners
Backup and RecoveryPrimary Storage Archive BCDR
Solutions that leverage file, block, object,
and streamed data formats as an
extension to on-premises storage
Solutions that leverage Amazon S3 for
durable data backup
Solutions that leverage Amazon
Glacier for durable and cost-effective
long-term data backup
Solutions that utilize AWS to enable
recovery strategies focused on RTO
and RPO requirements
44. http://aws.amazon.com/mp/storage
Primary Storage Backup and Recovery File Transfer and Data Replication
Provide cost efficient storage resources to
your Amazon EC2 based storage targets
Use AWS based storage resources as a fast,
cost conscious method of data protection
Accelerate your hybrid workloads by efficiently
moving data between AWS resources
Storage Solutions in AWS Marketplace
AWS offers cloud storage for virtually any architecture as well as cloud data migration
tools to move data into and out of the AWS Cloud. AWS Marketplace helps you integrate
your preferred storage industry vendors with your new AWS environment.
Ready-to-run on AWS — both pre-configured
& customizable for your unique needs
Deploy when you need it, 1-Click launch
in multiple regions around the world
Metered pricing by the hour. Pay only for
what you use. Volume licensing available