Presentation on theme: "Transforming Business Risk into Operational Efficiency Val Bercovici Chief Technical Architect Network Appliance."— Presentation transcript:
Transforming Business Risk into Operational Efficiency Val Bercovici Chief Technical Architect Network Appliance
NetApp Confidential -- Do Not Distribute2 People l Appliances reduce people costs l Leverage knowledge Time l Deploy rapidly l Embrace change l Perform! Risk l Reliability l Availability l Non-repudiation l SOOTHe Money l Spend Less l Thin Provisioning l RAID-DP l Snapshots™ l Earn More NetApp’s Business Value
NetApp Confidential -- Do Not Distribute3 Regulatory Compliance Market Drivers Market Drivers Regulations SEC 17 a-4 Sarbanes-Oxley NASD 3010/3110 DOD 5015.2 SB 1386 Graham Leach Bliley HIPAA Basel II Patriot Act 21 CFR Part 11 Check 21 Litigation Protection Compliant Storage Requirements Data Permanence Immutable storage Data authenticity Data integrity Data replication Privacy & Security Authorisation Access controls Encryption Auditing Secure deletion
NetApp Confidential -- Do Not Distribute4 Regulations and Required Storage Features Summarised WORM non- rewritable non erasable Write confirmation Error detection & correction File retention Authorization & access controls Encryption & data shredding SEC 17a-4 Sarbanes- Oxley Section 802 Gramm- Leach- Bliley Act 21 CFR Part 11 HIPAA Regulations & Required Storage Features
NetApp Confidential -- Do Not Distribute5 Regulatory Compliance: Diverse & Evolving Requirements OpticalTapeATAFibre Channel RetainSecureProtectReplicateDestroy Home grownOff the shelfVendor proprietary Evolving regulatory requirements plus data center complexity requires storage solutions to be flexible Many regulations with diverse requirements Multiple storage mediums in a single environment Many applications that perform specific tasks Structured Data Semi-Structured Data Unstructured Data All data types under regulatory purview
NetApp Confidential -- Do Not Distribute6 Compliance Business Requirements: Questions to ask Long Term Data Access How quickly can I retrieve my stored data? Will I be able to access stored data years from now? How dependant am I on this vendor for access to my data? Flexibility & Scalability If additional data types become regulated, will this platform support them? Am I restricted to purchasing a similar system to replicate data? Can I use it for anything other than regulatory compliance? Integration & Ease of Management Can I easily back up/migrate data to another storage device? We use a 3rd party email archival application, will it integrate with this hardware platform?
NetApp Confidential -- Do Not Distribute7 Un-Structured Data - The Compliance Conundrum Policy Driven Compliance All Un-structured Data OR Regulated Document? ? Unregulated backup? ? Limited retention? ? Personal document ? Residual “non- compliance” risk Selective, policy based retention Across the board compliant retention Eliminate Guesswork & Regulatory Risk Author? Date? Workgroup? Keywords? File Type? Unified Backup & Compliance
NetApp Confidential -- Do Not Distribute8 Compliant Backup of Unstructured Data Customer Case Study: Customer Profile: Large multinational Financial Services Corporation –Environment Hundreds of file/application servers Many PB of un-structured data Dozens of branch offices worldwide Had already implemented compliant retention of email –Issue Regulatory audit highlighted need for compliant retention of certain unstructured data –Compliance Requirements Immutable copies of all file servers, on a nightly basis Mirrored copy of all compliant data
NetApp Confidential -- Do Not Distribute9 Customer Case Study: Alternatives Reviewed Content Addressable Storage Just a collection of objects -- no point-in-time view Proprietary APIs: Substantially slower* Vendor/version specific File level single-instance** Uses MD5, not FIPS 140-2 compliant (**) Unified Backup & Compliance Nightly enterprise snapshots available online Open protocols: High performance Truly “future proof” Block level single-instance Independent security controls (*) Customer comparison showed up to 100x performance difference
NetApp Confidential -- Do Not Distribute10 Customer Case Study: Alternatives Reviewed(2) WORM Tape Off-line backups: Limited search and indexing capability High management overhead File level incremental backups Unified Backup & Compliance On-line backups: Quick search and retrieval Easy to manage Block level single-instancing (20:1)
NetApp Confidential -- Do Not Distribute11 Customer Case Study: Tape versus LockVault ™ with NearStore ® Assumptions: No recycling of tape Start with 12 TB data 2% daily change 4% monthly growth Weekly fulls, daily incrementals LockVault with NearStore Tape Day 1 12 TB Day 7 12 TB 14 TB Day 30 13 TB 56 TB Day 365 42 TB 907 TB
NetApp Confidential -- Do Not Distribute12 Primary Site Total Enterprise Compliance Remote Site Servers with Storage (UNIX / Windows – OSSV) ERP/ ECM Server Workgroup Servers Archival Application NearStore FAS Primary Storage UNIX Servers Windows Servers Email Server NetCache IP HTTP FTP FAS Primary Storage Risk Mitigation, Block Incremental Efficiency - LockVault TM File Level Retention - SnapLock TM Unified Backup & CompliancePolicy Driven Compliance Data Privacy Compliance Access Controls, Authentication, Audit Logs, Encryption UNIX Servers Windows Servers Total Enterprise Compliance
NetApp Confidential -- Do Not Distribute13 Regulatory Compliance Key Takeaways Understand the Regulatory Landscape Vague, Complex, Sometimes Contradictory, Evolving Protect Your Investments Leverage from existing infrastructure Utilise solutions based on open standards Implement flexible, scalable storage solutions that satisfy multiple business requirements and support future needs Align Storage Infrastructure to Regulatory Requirements and Business Needs Transform risk into operational efficiency!