sonicwall cdp overview november 2010 andy barrow sonicwall product manager +44 1753 797944
TRANSCRIPT
SonicWALL CDP Overview
November 2010
Andy Barrow
SonicWALL Product Manager
+44 1753 797944
Who are SonicWALL?
SonicWALL was founded in February 1991 to develop standards-based, network infrastructure products to meet the needs of the small to medium business and education markets.
Today, SonicWALL’s Internet security and transaction security solutions are leading the way for a more diverse and secure Internet experience for small, medium and large enterprises.
04/19/232 CONFIDENTIAL All Rights Reserved
3 CONFIDENTIAL All Rights Reserved
The Company Overview
SonicWALL designs, develops, and manufactures network security, secure remote access, Web and e-mail security, continuous data protection, and
policy and management solutions
Complete product portfolio (SoHo – Enterprise)
Global Organization25 offices in 19 countries
5 regional support offices worldwide
Committed to a two-tier distribution model – indirect sales 100%
04/19/23CONFIDENTIAL All Rights Reserved
United States
BelgiumUnited KingdomGermanyFranceSpainItalyRussiaDubaiSwitzerlandSweden
Canada
JapanKoreaChinaHong KongSingaporeAustraliaBrazil
Mexico
India
The SonicWALL Global Presence
25 offices around the world Conducting business in over 50 countries
04/19/234 CONFIDENTIAL All Rights Reserved
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential5
Policy and Management
Business ContinuityBusiness Continuity
NetworkSecurityNetworkSecurity
ContentSecurityContentSecurity
MarketConvergence
Vendor /Technology
Convergence
End User /Channel
Convergence
Content Security
NetworkSecurity
BusinessContinuity
Policy andManagement
Inbound & OutboundContent Filtering
Anti—VirusAnti-SpywareAnti-SPAM
UnifiedThreat
Management
(Gateway AV, Anti-Spy, IPS)
SSL-VPN
Secure Backup and Recovery
Compliance
Patch Management
Policy Creation
MonitoringReporting
Management
Comprehensive & Continuous Protection for our End-UsersPredictable & Profitable Growth for our Channel Partners
Comprehensive & Continuous Protection for our End-UsersPredictable & Profitable Growth for our Channel Partners
Keep Businesses Running Increase IT Productivity
Manage Risks
How it all fits together
6
Global ManagementSecure Wireless
SonicPoint NGlobal Management System
(GMS) & Viewpoint
Content SecuritySecure Networking
TZ & NSA Email Security
Business Continuity
Continuous Data Protection(CDP)
Remote Access
Aventail & Sonicwall SSL-VPN
Our Solutions
04/19/23CONFIDENTIAL All Rights Reserved
Continuous Data Protection
04/19/237 CONFIDENTIAL All Rights Reserved
8
The Importance of Disaster Recovery Planning Business Continuity and Disaster Recovery planning is important to any
organization Any unplanned event that is disruptive to the business can prevent
employees from getting to what they need A properly defined Business Continuity plan often can keep the business
operational It is not just about data center redundancy- it is also about ensuring that
employees can keep working from anywhere when the need arises
“Companies and employers that have not done so are being urged to establish a business continuity plan should the government direct state and local governments to immediately enforce their community containment plans” Kevin Nixon, How to Prepare for Swine Flu Pandemic (CSO Podcast)
“Companies and employers that have not done so are being urged to establish a business continuity plan should the government direct state and local governments to immediately enforce their community containment plans” Kevin Nixon, How to Prepare for Swine Flu Pandemic (CSO Podcast)
04/19/238 CONFIDENTIAL All Rights Reserved
Continuous Data Protection
It takes a long time to recover a lost file from a tape If you forgot to back it up If you have lost the tape If you accidentally erased it If it never backed up properly
but you didn’t know Or if the magnet in your door
speaker wiped it when you took it off site!
04/19/239 CONFIDENTIAL All Rights Reserved
Familiar Situations?
“I just so happened to check my backup tape and it hadn’t been working for five months. I’ve been hauling those tapes around for nothing…”
- Network Administrator, National Fidelity Mortgage
“total and complete RAID array failure in their server. Backup has not been run since 10/20/2000. Try to restore from that tape: blank. Next tape. Blank. Next tape. Blank.... and so on”.
- Scott Sanford, ST Computer Consulting
Key DriversBusiness Drivers
Mass Digitization: Value, complexity, and volume of native documents growing exponentially
Business Continuity: Reliable, and instant, disaster recovery now a requirement
Mobile Offices: Remote workers and distributed networks increasing the complexity of managing and administering data protection
Regulatory Compliance: HIPAA, Sarbanes-Oxley, and other acts increasing the amount and length of time that data must be stored and actively searchable
Technology Drivers
Tape Performance: Increasingly viewed as unreliable, hard to manage, and vulnerable to physical loss
Multiple Vendors: Tech support, versions
Disk Cost: Decreasing cost and availability
Network Adoption: Driving investment in anti-virus, firewalls, anti-spam, and protection
SMBs need a more reliable, easier to manage, and real-time solution for data protection
Losing Critical Business Data (or access to it) is bad because …
It costs time Administrator’s time to recover the data (if even possible) Employee time to recreate the data (if even possible)
It costs money, and inefficiency Lost revenue and customers Staff cannot be doing the work they should be doing
It can result in Regulatory or Compliance penalties HIPAA, PCI, SOX, …
It can ruin small companies One study reports that 50 percent of companies suffering
serious data loss will be out of business within 5 years [1]
[1] Jon Toiga, Disaster Recovery Planning: Managing Risk and Catastrophe in Information Systems, (Yourdon Press, 1989).
04/19/2312 CONFIDENTIAL All Rights Reserved
But how does critical business data get lost or become inaccessible
Natural disaster Fire, flood, earthquake, hurricane, etc.
Local disaster Facility damaged or unusable for any reason
Hardware failure Drive failure Lost or damaged laptop Hardware simply dies of old age (SMB computers are on average 4-5 years
old) Human Error causes between 33-40% of all data loss.
Source MS
Accidental deletion Open a spreadsheet, clear all cells, save the spreadsheet
But all of the above have one simple root cause …
04/19/2313 CONFIDENTIAL All Rights Reserved
CONFIDENTIAL All Rights Reserved14
Root Cause for lost data
There was no complete end-to-end solution in place to ensure data could be restored under all circumstances
“The truth is you can backup all you want but if you can’t recover it, it’s doesn’t do any good. In the end, backup
doesn’t matter, recovery does” Source Gartner
04/19/23
CONFIDENTIAL All Rights Reserved15
For Small and Medium Businesses it is especially problematic
Many SMBs are not experienced with computers
Conventional tape backup systems are expensive and complicated
Many SMBs have to rely on 3rd party providers for maintenance so speed of assistance is an issue
SMBs do not typically have Disaster plans “It will never happen to us” “We’re too small for Disaster Recovery Planning”
04/19/23
CONFIDENTIAL All Rights Reserved16
Do you know how many …?
SMB Users do NOT have adequate data protection?
* ITAA (Information Technology Association of America)
** Gartner
^ Yankee Group
^^ Infostor
SMBs only backup data onsite?
SMBs (that have protection) use tape back-up?
80%*
64%**
90%^
Nightly tape-based backup jobs fail? 5-20%^^
IT Managers couldn’t recover data from their tape backup system? 40%^
04/19/23
Tape Back-up is Complicated
Customers are asking for …
Complete end-to-end solution
Simple installation with minimal administration
Central policy and update management
User transparent backups with better granularity than tape backups
User-directed restore – no administrator needed
Ability to restore from a granular choice of versions
Flexible Disaster Recovery capabilities including ability to restore onto different hardware
04/19/2318 CONFIDENTIAL All Rights Reserved
Onsite and Offsite Back-up are Required
The CDP Solution
CDP 5.0 Product Overview
Focus is on data restore under all circumstances including:
Accidental deletion of files and application data User-directed restore – no admin needed
Inoperability of workstation or server Bare Metal Restore to recover computing environment, then CDP to
restore data Replacement hardware different to original
Bare Metal Restore (Universal) to recover computing environment to dissimilar hardware, then CDP to restore data
Local or Natural Disaster•Offsite Portal•Site-to-Site•Local Archiving•BMR(U)
04/19/2321 CONFIDENTIAL All Rights Reserved
CDP is easy to install and configure
Local Archive
USB
InternetOffsite Portal
SQL Exchange
AD
1. Install CDP Appliance
2. Install and configure an agent on each workstation or server to be protected
3. Optionally select a disaster recovery option
Site-to-site
TCP/IP
04/19/2322 CONFIDENTIAL All Rights Reserved
SonicWALL CDP is a complete end-to-end restore solution
CDP Appliance
Local Archive
USB
InternetOffsite Portal
CDP Appliance
Site-to-site
TCP/IP
SSL VPN
InternetSSL VPN
Mobile devices backed up over VPN
All-in-one h/w and s/w
Central policy & upgrade
management
SQL, AD, Exchange
Servers,
Desktops,
Laptops,
backed up
transparently
BMR(U) for Servers, desktops, laptops
4 Disaster Recovery options
04/19/2323 CONFIDENTIAL All Rights Reserved
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential24
Internet
SonicWALL CDP Platform: Simple, End-to-End Data Protection
The SonicWALL Advantage
• Integrated = Cost savings
• CDP = Real-time Protection
• Local and offsite = Secure
• End-to-End = Reliability
A Complete Solution…
Local
Offsite
SonicWALL CDP is a breakthrough, simple, end-to-end data protection platform targeting the SMB market
SonicWALL CDP is a breakthrough, simple, end-to-end data protection platform targeting the SMB market
What is Continuous Data Protection?
The ability to continuously backup ever-changing data
Workstations and Servers (Agents)
Folders and Applications
with Data
Appliance
Continuous Backup
Offsite Service
Offsite Backup
Policy
Definitions
Downstream CDP Appliance–
CDP in LAN on the customer’s site doing offsite backup
aka Local CDP, Client CDP, Downstream Node
Upstream CDP Appliance –
CDP that is receiving data from another CDP
aka Offsite CDP, Portal CDP, Remote CDP
Box-to-Box Backup
One-to-one backup
Many-to-one backup
Allows partners to ‘host’ offsite backup
Use in distributed network for companies with branch offices
End-to-end protection
Key Features
Simple, easy to use
AES 256-bit Encryption Data is sent and stored encrypted to other CDP box
Stores most current version of data Disaster at 5pm, get up and running with data from 4:59pm
Flexibility Send all or some of data to another CDP box
Only sends blocks that have changed
Minimal configuration and training
Mix-match CDP models
One to One Backup – VPN/WAN
• 1 Node SKU
• Valid support contract
Many to One Backup
• 2 Nodes
• Valid support contract
Benefits of Box-to-Box Backup
Secure, confidential data backup and recovery
Additional protection against data loss
Easy deployment
Quick recovery of data, settings and configurations or settings
Alternative to the SonicWALL Offsite Portal
Data Recovery
Scenarios A file needs to be recovered An agent needs to be recovered Disaster Recovery
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
football.doc
File Backup and Restore Operation
ApplianceAgent
football.doc
V1
Offsite Service
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
football.doc
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1 V1football.doc
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
football.doc
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1 V1football.doc
V2
V2
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
football.doc
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1 V1
football.doc
V2
V2
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
football.doc
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1
football.doc
V2V3 V3
V3
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
football.doc
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1
football.doc
V2V3
V3
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1
football.doc
V2V3Restore
football.doc
V2
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V3
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1
football.doc
V2V3
football.doc
V4
Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V3
File Backup and Restore Operation
Appliance
Offsite ServiceAgent
football.doc
V1
football.doc
V2V3
football.doc
V4 V4
Agent Recovery
Agent is destroyed or lost Data can be easily recovered off of the appliance
Appliance
Continuous Backup
Offsite ServiceOffsite Backup
Agent 1
Agent 2
Agent 3 Agent 3b
Restore
Offsite Backup
Disaster Recovery
Appliance and agents destroyed Appliance can be replaced and latest data recovered from the offsite
Appliance
Continuous Backup
Offsite ServiceOffsite Backup
Agent 1
Agent 2
Agent 3Appliance 2
Restore
Agent 1a
Agent 1b
Agent 1c
Main Hardware Components
SonicWALL’s CDP Hardware Components
Appliance
Offsite Service
Compressed Data
AES Encrypted
Data
Client
Server Client
Server
Includes: Workstations, laptops and servers
Agent
Backup Targets
File Based CDP Agent interfaces with file system
Application Based CDP (AB-CDP) Agent interfaces with application
CDP Implements two Backup Mechanisms
Multiple Folders with Multiple Files
Outlook
Microsoft Exchange
Active Directory
SQL Server
CDP 5.0 Hardware Appliances Product Portfolio
CDP 110
CDP 210
CDP 5040
CDP 6080
04/19/2346 CONFIDENTIAL All Rights Reserved
Appliance CharacteristicsWorkstation Models Server Models
Appliance CharacteristicsCDP 110
CDP 210
CDP 5040
CDP 6080
Form Factor Desktop Desktop 1U 2U
RAID Support - - RAID 5 RAID 5
RAM 512MB 512MB 2GB 4GB
Internal Drives 1 fixed 1 fixed 4 repl 4 repl
Total raw capacity 400GB 1TB 2.25 TB2.25TB
4.5 TB**
Total usable capacity ~@2:1 ~0.8TB ~2TB ~4.5 TB~4.5 TB
~9 TB**
Network Interface 100BaseT 100BaseT GbE GbE
Redundant Power protection - - - Yes
Field replaceable hard drives - - Yes Yes
** With optional Disk pack upgrade SKU
04/19/2347 CONFIDENTIAL All Rights Reserved
CDP Features
Workstation and Server Platform support* Vista, Win XP Windows Server 2000, 2003, 2008 Linux Debian 3.1, Suse 10.1, Fedora Core 5, Redhat
Enterprise Linux 3
Client Application support* Microsoft Outlook, Outlook Express
Server Application support* Exchange 2000, 2003, 2007, User mailbox SQL Server 2000, 2005, 2008 Active Directory 2000, 2003, 2008
*See websites for up to date list (updated regularly as matrix expands)
04/19/2348 CONFIDENTIAL All Rights Reserved
CDP Features
Local Archiving using USB 2.0 drive
Monitoring & Alerting For Site-to-Site and Offsite Portal (Email alerts to
administrator )
Reporting (Emailed to administrator ) Agents’ activity collected on Downstream CDP Downstream CDPs’ activity collected on Upstream
CDP (for Site-to-Site)
04/19/2349 CONFIDENTIAL All Rights Reserved
File Based CDP Targets
A folder is the basic target unit The entire underlying folder tree is monitored and backed up by the agent service
Target Folder
Folder Tree
Root and Common Folders
Agent Service monitors a collection of targets
Two category of folders are specified Root Folders
Absolute Addresses Like C:\Ajax\Players
Common Folders Specific User Folders Desktop Favorites My Documents
Ajax
Common Folders
Enterprise Manager Sets backup for all users
on an agent
Agent Tool Can set targets on a per
user basis Can only restore data for
authorized users
Block Level Processing
File data is always processed in blocks Limits usage of CPU, memory and network resources.
ApplianceAgent Offsite Service
Agent
Block Processing
File Data
Appliance
Block Processing
Offsite Service
Block Processing
Agent Service and the File System
Agent Service and Windows
Operating System File System
Agent Service
Disk
Captures:
• Windows Save Notification
• File Address Region and Offsets where data is written
Applications
Bypass Backup for Certain Files for Backup
Scheduling Backups
File backup is delayed To achieve file stability To reduce network utilization
Wait time depends on File Size Last Backup Incremental vs. Full Backup
WAITPERIOD
Windows Save Notification
FileBackup Process
High Probability of File “Stability”
Block Level Processing on Agent
Agent Performs 3 Processing Steps
Dismantles into Blocks
Compresses as needed
File Data
Agent
To
Appliance
Sends
Block Level Processing on Appliance
Appliance Receives and Stores blocks Sends latest file and database revisions to the Offsite Service
Incrementally Backs-Up Blocks
StoresFrom Agent
AES EncryptsTo
Offsite Service
Appliance
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential58
Bare Metal Recovery
Create image of entire disks or individual partitions
Image includes everything - applications, data, updates, user preferences, patches, etc.
Unique Snapshot technology creates image without shutting down system, closing applications or interrupting operations
Restore entire image to recover a failed system quickly
Create bootable media that includes all necessary drivers
Browse image archives / Restore individual files and folders
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential59
WHAT TO FIND – WHERE?
3 main resources:
www.sonicwall.com
https://partnerlink.sonicwall.com/emea/
www.mysonicwall.com
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential60
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential61
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential62
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential63