Increased Security, Greater Agility, Lower Costs for AWS DELPHIX FOR AMAZON WEB SERVICES
TABLE OF CONTENTS Introduction... 3 Overview: Delphix Virtual Data Platform... 4 Delphix for AWS... 5 Decrease the Cost of Operating in AWS... 8 Delphix Deployment Options... 11 2
INTRODUCTION COMPANIES OF ALL SIZES ARE USING THE CLOUD Cloud deployments are rapidly becoming not just feasible but essential for both small-to-medium-size businesses and large, established organizations. The cloud promises transformative gains in elasticity and agility while reducing costs. It enables rapid infrastructure deployments across teams and locations. Furthermore, it allows organizations to rapidly spin up the infrastructure they need on a per-project basis, cutting project timelines and replacing large capital expenditures with usage-based pricing. With Amazon Web Services support for hybrid solutions, such as production on-premise and non-production in the cloud or cloud burst capacity, a far wider range of applications are taking advantage of the cloud than ever before. IOPS COSTS, COMPLIANCE & SECURITY, AND APPLICATION QUALITY However, organizations moving to the cloud face several challenges. Among the most salient of these is cost. While the per-gigabyte cost of storage is low, cloud providers charge separately for compute and IOPS. Low initial charges can thus rise rapidly, especially when unexpected operations, such as backup recovery, are required. These costs cut into cloud benefits: organizations cannot take advantage of added agility if data movement pricing is prohibitive. The cloud also raises serious challenges of compliance and security. Sensitive data must often be protected before it is sent to the cloud, sometimes under threat of regulatory penalties. This adds an additional layer of complexity and delay to cloud operations. If a cloud deployment replaces an older on-premise application, there may also be a compliance need to keep the old application active; this makes cloud options less accessible. Finally, cloud agility only addresses some of the bottlenecks that constrain major IT projects. A cloud deployment can spin up additional hardware rapidly, but may be no faster than a traditional datacenter at standing up an environment, refreshing its data, or recovering a prior state. DELPHIX & AWS COMMON USE CASES: Cloud Migrations Disaster Recovery Hybrid Application Development and Test Backup and Recovery Archiving Data Masking Copy Data Management DELPHIX HELPS ORGANIZATIONS: Accelerate cloud migrations Decrease AWS operating costs Govern data and achieve compliance in AWS Eliminate data security risks Implement efficient hybrid cloud environments Double application development agility and output 3
OVERVIEW: DELPHIX VIRTUAL DATA PLATFORM Delphix provides virtualized environments of databases, applications, and files by abstracting data from hardware and storage. Through intelligent data block mapping and sharing, Delphix eliminates widespread data redundancy and provides market-leading virtual data delivery capabilities. Delphix can provision virtual environments for any IT function including development, QA, reporting, analytics, or data recovery. These virtual environments function just like full physical copies, but consume a fraction of the space and can be created in a fraction of the time. Delphix virtual environments can be refreshed in minutes, bookmarked and rolled back to previous points in time, and mapped to specific code builds, all with self-service and with 90% less infrastructure. As a result, IT organizations operate faster and at a lower cost. Further, Delphix maintains synchronization with production by collecting changes and tracking all versions for as long as required. Delphix non-disruptive synchronization eliminates 95% of source and network load caused by full data extraction and movement, and each virtual environments can be quickly and automatically refreshed to provide full data from any point in time. VIRTUALIZE GOVERN DEPLOY Efficient, near real-time Secure copies on-demand Run 10 copies in space of 1 10x less bandwidth required Manage release versions 10x time, storage savings Any app, server, storage Store 30 days in space of 1 On-premise, offsite, cloud The capabilities of the Delphix Virtual Data Platform are supported across a large number of data sources and delivered as a software virtual appliance referred to as the Delphix Engine. The virtual appliance form factor of the Delphix Engine maximizes deployment flexibility, scale, availability and cloud readiness. 4
DELPHIX FOR AWS ENABLE SUCCESSFUL AWS PROJECTS Delphix helps organizations accelerate their AWS projects and operate more efficiently in AWS environments with: 1. Increased data security 2. Superior data management & agility 3. Lower AWS costs INCREASED DATA SECURITY GOVERN DATA, ACHIEVE COMPLIANCE & ELIMINATE RISK The lack of visibility and control in a public cloud s infrastructure layer is a major area of concern when assessing the risk of moving sensitive data or workloads to AWS. In order to justify using AWS or any public cloud environment for business critical workloads, smart CISOs and IT leaders will choose solutions that ensure their cloud projects meet compliance requirements and reduce their level of risk. With Delphix, organizations can govern data changes, achieve compliance, and eliminate the risk of sensitive data residing in AWS. Many organizations want to take advantage of cost-effective elastic cloud environments but cannot justify the risk of having sensitive data in a public cloud such as AWS. This is especially true in industries such as finance, retail, government, and healthcare where regulations mandate protection of sensitive data. Delphix provides an innovative solution for data security by delivering in-line data masking to ensure that sensitive data is never sent to AWS without first being masked. This eliminates the risk of sensitive data being stored and potentially compromised in AWS. It s important to note that an intelligent data masking strategy can provide better risk mitigation than identity management, encryption, or some network security solutions if the data is never sent to AWS, then compromises in other security controls won t result in a breach of sensitive data. For more detail on Delphix Data Masking, please download the Delphix Agile Masking data sheet. 5
DATA MASKING & GOVERNANCE AWS AUTOMATICALLY MASK SENSITIVE DATA ENCRYPTED TRANSMISSION & SINGLE COMMUNICATION PORT PRODUCTION MASKED DATA SYNC REPLICATE FIREWALL AUDIT CHANGES, PROVIDE SOURCE OF RECORD ON PREMISE Data and network security can also be a challenge for AWS projects. Even though secure VPN connections to the cloud can be achieved via AWS services such as Virtual Private Cloud (VPC), organizations still want to minimize the number of communication ports that are exposed to any outside environment. Delphix replication can be utilized both for migration into AWS and for maintaining a seamless connection between on-premise datacenters and AWS Regions. Delphix replication provides added layers of network security, allowing organizations to take advantage of Delphix network layer encryption over the existing VPN, and by restricting access to only the Delphix replication communication ports. Tracking and auditing changes in a cloud environment can require multiple management and alerting tools, and an additional set of tools to enforce change control or perform remediation. Delphix built-in logging provides organizations with a source of record of the location of your data in the cloud, who is accessing it, and what changes have occurred. Delphix also enables immediate remediation by providing the ability to quickly roll back data and environments to a known-safe point in time. 6
INCREASE BUSINESS AGILITY PROVISION, REFRESH, REWIND & ARCHIVE ENVIRONMENTS IN MINUTES The goal of operating in public IaaS clouds like AWS is to get infrastructure layer agility benefits such as elastic compute and storage. Unfortunately, these infrastructure layer agility features rarely (if ever) extend to the entire application stack. Customers must still address the same challenges as on-premise environments when it comes to installing and managing their applications and data, as well as provisioning and refreshing data constantly. With Delphix, organizations achieve agility throughout the entire application stack with the ability to provision full environments in minutes, and to refresh, rewind, and archive entire environments. AWS REGION-TO-REGION REPLICATION AWS EAST AWS WEST SELF PROVISIONED & REFRESHED DATA REPLICATE ONLY CHANGED DATA REDUCE BANDWIDTH NEEDS BY 10X ONLY PROVISION WHEN NEEDED REDUCED COSTS: LICENSE & IAAS Using Delphix to operate across AWS Availability Zones is a prime example of how Delphix can deliver full application stack agility. It s great to be able to use AWS orchestration to rapidly spin up compute and storage in a different AWS zone for disaster recovery or any number of elastic compute purposes but refreshing a large dataset or database across Availability Zones can result in paying a steep border tax for moving data within AWS. Utilizing Delphix, customers can refresh, for example, a 2TB database that is currently in AWS East to an EC2 instance in AWS West by moving only 20GB of data. Scenarios like this open up vast new use cases of agility and can enable an efficient global AWS deployment without borders. 7
DECREASE THE COST OF OPERATING IN AWS In order to achieve the desired cost savings when moving to AWS (or any public cloud IAAS), organizations must minimize: 1. Cost, time and risk of migrating environments to the cloud 2. Infrastructure and administration costs of operating in the cloud MIGRATING TO AWS: TESTING, MODERNIZATION, AND MIGRATION Thorough testing before migrating to AWS is a critical part of any successful AWS migration project. As part of an AWS migration, organizations may also need to modernize their applications for example, porting an application from a legacy Unix platform to an AWS supported version of Linux. Delphix helps organizations accomplish all of these testing and modernization tasks with exceptional efficiency. Delphix delivers parallel virtual environments that improve the quality and speed of QA, user acceptance, and development testing all with no impact on current production environments. Delphix also delivers on-demand access to full, current datasets throughout the testing environment both on premise and in AWS. The result is that organizations accelerate their migration projects by performing more thorough testing in a shorter period of time. Delphix also provides the ability to effortlessly convert legacy Unix environments into Linux. Simply sync Delphix with a Unix environment and Delphix performs the endian conversion necessary to provision that environment into Linux drastically accelerating the modernization phase of a cloud migration project. A common challenge to successful AWS migrations is the large amount of data that needs to first be migrated into the cloud and then constantly refreshed with current data. Delphix WAN optimization utilizes compression and block filtering to significantly cut down on the amount of data sent during the first upload into AWS. After the initial upload, Delphix replicates only changed data blocks to AWS by collecting incremental changes forever eliminating all future full data uploads. The result: Delphix drastically reduces the time and cost of uploading data into AWS and across AWS regions. 8
This capability also helps reduce the downtime associated with the switch to AWS. Because Delphix enables easy replication between on-premise and cloud deployments, the cloud environment may be spun up, synced with onpremise and validated while the on-premise deployment continues to serve users. The switchover then occurs without downtime or inconsistency. Finally, the Delphix Live Archive feature enables efficient archival of entire environments prior to migration to AWS. The archived environments can then be restored in minutes to satisfy audit requirements, environment rollback, disaster recovery or any other purpose. ARCHIVING & DISASTER RECOVERY AWS PRODUCTION ARCHIVE FULL ENVIRONMENTS TO AWS SYNC REPLICATE ON PREMISE RAPIDLY PROVISION ONLY WHEN NEEDED 9
OPERATING IN AWS IAAS AND LICENSING For environments migrated into AWS as well as environments that were born in the cloud, Delphix provides additional cost savings by significantly reducing the cost of AWS compute, storage, IOPS and licensing. Utilizing Delphix, customers have already seen a reduction in their monthly AWS costs of 50% or more. Delphix data efficiency utilizes compression, block sharing, and block filtering to store 20-50 virtual environments in the storage footprint of one physical environment. Delphix also provides Continuous Data Protection (CDP) the ability to rewind and restore an environment from any point in time. CDP eliminates the need for and associated costs of creating and managing backup snapshots. Managing provisioned IOPS for high performance persistent workloads, tends to be one of the most difficult challenges facing AWS customers. Here, Delphix lowers costs by providing a shared IOPS pool across environments, allowing users to avoid paying high IOPS costs for seldom-utilized environments. In many instances, Delphix actually eliminates the cost of expensive high performance EC2 instances by enabling intelligent bursting, rapid provisioning, and higher utilization. Furthermore, AWS infrastructure savings with Delphix increase with the number of environments, amount of storage, and amount of IOPS leading to even higher ROI in large-scale deployments. Finally, by intelligently provisioning environments on-demand, Delphix enables further savings when using AWS services where the BYOL licensing format is utilized. These savings are especially relevant for disaster recovery scenarios since license fees can be avoided in the recovery environment until the time of failover. 10
DELPHIX DEPLOYMENT OPTIONS A SCALABLE, FLEXIBLE DEPLOYMENT ARCHITECTURE With AWS, organizations are offered a scalable infrastructure, multiple architecture options, and open APIs for orchestration and integration within the entire environment. Savvy IT organizations realize that integrating their AWS environments with a solution like Delphix which provides the same level of architecture flexibility and orchestration through open APIs, helps drive successful and effective AWS projects. Delphix supports a wide range of deployment options to empower any combination of hybrid or born-in-the-cloud scenarios, and Delphix provides a full set of APIs for integration with a variety of orchestration and DevOps tools. The Delphix Engine runs as an Amazon Machine Image (AMI) and supports multiple EC2 instances and AWS regions. ARCHITECTURE EXAMPLE AWS PRODUCTION BRIDGE & BURST WORKLOADS INTO AWS Amazon EC2 / EBS SYNC REPLICATE ENCRYPTED TRANSMISSION VPC SYNC BACKUP Amazon EC2 / EBS Amazon S3 ON PREMISE REDUCE BANDWIDTH NEEDS BY 10X & ACCELERATE CLOUD MIGRATIONS virtual private cloud $ INCREASE AGILITY & DECREASE COSTS If organizations plan to utilize AWS as an extension of an on-premise environment, Delphix can be used to bridge or burst into the cloud in an efficient and cost-effective manner. Installing a Delphix Engine on-premise and replicating to another Delphix Engine in AWS creates a seamless hybrid cloud environment with a variety of efficiency benefits such as WAN optimization sending only changed blocks and discarding zero or unused blocks to minimize the data transferred. This hybrid option also delivers the data encryption and compression benefits of Delphix replication and enables data masking to be implemented so that sensitive data can be masked prior to being sent into AWS. Alternatively, many organizations have already cut the tether line and are now delivering suites of services from AWS without any connections to on-premise datacenters. In these scenarios, Delphix provides cloud-born environments with full application stack agility benefits such as fast provisioning, instant data refreshes, and continuous data protection. Delphix also delivers the additional benefit of AWS licensing and infrastructure cost savings. DELPHIX AWS REGION SUPPORT US East (N. Virginia) US West (Oregon) US West (Nor Cal) EU (Ireland) Asia Pacific (Singapore) Asia Pacific (Tokyo) Asia Pacific (Sydney) DELPHIX EC2 INSTANCE SUPPORT i2.2xlarge i2.4xlarge i2.8xlarge 11
Delphix for Amazon Web Services March 2015 You can find the most up- to- date technical documentation at: http://www.delphix.com/support The Delphix Website also provides the latest product updates. If you have comments about this documentation, submit your feedback to: help@delphix.com Delphix Corp. 275 Middlefield Road, Suite 210 Menlo Park, CA 94025 www.delphix.com 2015 Delphix Corp. All rights reserved. The Delphix logo and design are registered trademarks of Delphix Corp. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.