Review this webinar content to learn how to use the variety of AWS storage services and features to deploy backup and archiving solutions that are low cost and easy to deploy, manage and maintain. We will present reference architectures, best practices and use cases based on AWS services including Amazon S3, Glacier and Storage Gateway. Special topics will include how to move your data securely into the AWS cloud, how to retrieve and restore your data, and how to back-up on-premises data to the cloud using Amazon Storage gateway and other third party storage gateways.

1. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Backup and Archiving
in the AWS Cloud
Amazon Web Services
August 12, 2014

2. Agenda
• AWS Global Infrastructure
• Traditional vs. Cloud Approach
• Cloud Integrated Backup and Archive Gateways
• Connectivity Options
• AWS Storage and Archive Options
• Retrieve / Restore
• TCO

3. Why AWS for Backup and Archive?
Metered usage:
Pay as you go
No capital investment
No commitment
No risky capacity planning
Avoid opex and risks of
physical media
handling
Control your
geographic locality for
performance and
compliance

4. AWS Global Infrastructure
10 Regions
24* Availability Zones
50+ Edge locations

5. AWS Regions and Availability Zones
Customer decides where applications and data reside
Asia Pacific (Tokyo) US West (Oregon)EU (Ireland)US East (N. Virginia)
US West (N. Cal)
(Asia Pacific) Singapore
AWS GovCloud (US) South America (Sao Paulo)
China (Beijing –
Limited Preview)
Availability
Zone
Availability
Zone
Availability
Zone Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Availability
Zone
Asia Pacific (Sydney)

6. AWS Security
Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure
Regions
Availability Zones
Edge Locations
Client-side Data Encryption & Data
Integrity Authentication
Server-side Encryption
(File System and/or Data)
Network Traffic Protection
(Encryption/Integrity/Identity)
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer Data
AmazonCustomer
• SAS-70 Type II
• SOC 1 and 2
• ISO 27001/ 2 Certification
• Payment Card Industry (PCI)
• Data Security Standard (DSS)
• NIST Compliant Controls
• DoD Compliant Controls
• FedRAMP Compliant Controls
• HIPAA and ITAR Compliant
• Customers implement their
own set of controls
• Multiple customers with
• FISMA ATOs
• DIACAP ATOs

7. AWS Security
2. Physical and logical security
• Unmarked buildings
• Access restrictions
• Deep Back ground checks
• Multi-factor authentication @ doors
• Armed security guards
• Physical access / Logical access
1. 3rd party attestations
• HIPAA
• PCI DSS Level 1
• ISO 27001
• FedRAMPSM
• DIACAP and FISMA
• ITAR
• FIPS 140-2
• CSA
• MPAA
• SOC 1/SSAE 16/ISAE 3402 (formerly SAS70)
• SOC 2
• SOC 3
3. Best practices
• Data encryption
• Network encryption
• Built in firewalls
• IAM
• MFA
• VPN / VPC
• Direct Connect
• GovCloud
• CloudHSM

8. Traditional Backup and Archive
• Time: Long/slow recovery time
• Money: Capital intensive with ongoing upgrades
• Effort: Complex to manage
• Quality: Low durability, Error Prone
Days or Weeks

9. Traditional Backup and Archive
• Backup Software
• Edge to core topologies
• Dedicated people
• Tape Silos / Tape Libraries
• Tape Drives (LTO-X / DLT / etc)
• Virtual Tape Libraries (VTLs)
• Tape out / Vaulting
• Unified Backup Solutions
• Deduplication
• Compression
• Encryption

10. Traditional Backup and Archive
Tape Systems

11. Traditional Backup and Archive
Virtual Tape Library

12. Cloud Backup and Archive

13. Cloud Backup and Archive
• Backup Software
• Edge to core topologies
• Single pane of glass
• Tape Silos / Tape Libraries
• Tape Drives (LTO-X / DLT / etc)
• Virtual Tape Libraries (VTLs)
• Tape out
• Unified Backup Solutions
• Deduplication
• Compression
• Encryption

14. Cloud Backup and Archive Topologies
1. Branch office backup to cloud
2. Core data center backup to cloud
3. Cloud backup to cloud
4. Hybrid cloud backup

15. Branch office backup to cloud
Considerations:
- Backup Software
- Storage / Caching Gateway
- WAN or Internet
- Deduplication
- Compression
- Encryption
- WAN Acceleration

16. Core data center backup to cloud
Considerations:
- Backup Software
- Storage / Caching gateway
- Direct Connect or Internet
- Telco Burst Models
- Time Warner Telecom
- Deduplication
- Compression
- Encryption
- WAN Acceleration

17. Cloud backup to Cloud
Applications running on EC2 backing up to S3 / Glacier
Considerations:
- Backup software
- Encryption
- Deduplication
- Compression
- Native S3 and Glacier
integration
- AMI Backup Appliance?
- AMI = Golden Master
- EBS Snaps / Scripting

18. Hybrid Cloud Backup
VPC – Datacenter #4
Single GUI for Management

19. Cloud Integrated Backup and Archive Gateways

20. AWS Storage Gateway
• On-premises, virtual iSCSI
storage appliance
• $125 / Month*
• Local cache enables low
latency access to data
• Server Side Encryption (SSE)
• 5 TB of throughput per day
• Recover to Amazon EBS

21. AWS Storage Gateway-VTL
(Virtual Tape Library)
• On-premises, virtual tape library
storage appliance
• $125 / Month
• 10 virtual tape drives / 1500
virtual tape slots
• 150 TB local cache
– VTL – virtual tape library
• Restore in seconds from VTL
– VTS – virtual tape shelf
• Next Generation Offsite Vault
• 24 hour retrieval from VTS
• Encryption in transit and at rest
• Gateway VTL-AMI

22. AWS partner backup and archive solutions
Avere → S3
AWS SGW → S3
AWS VTL → S3-Glacier
BridgeSTOR → S3-Glacier
CA Arcserve → S3
CA Mainframe → S3-Glacier
Commvault → S3-Glacier
Ctera → S3
Druva → S3
Maginatics → S3
Oracle RMAN + OSB Module → S3
Panzura → S3
Riverbed Whitewater → S3-Glacier
Sonian → S3
Veeam → S3-Glacier
Zmanda → S3

23. Commvault
• Unified platform integrates
Backup, Archive, Replication,
Analysis and Search, Alerting,
Reporting, and Tracking of all
data via a single common
code base
• Integrated with Amazon S3
and Amazon Glacier with
deduplication & encryption
support
• Single console management
Amazon S3 Amazon Glacier

24. Riverbed SteelStore
• Local caching appliance
• Presents NAS protocols
– CIFS / NFS
• Up to 30x deduplication
• S3 and Glacier support
• AMI Available

25. Maginatics
• Create a globally accessible, NAS
archive based on SW clients
• NO HARDWARE REQUIRED
• High throughput migration
• Global Namespace, Deduplication,
Locking
• Purpose built cloud file system
• POSIX / SMB compliant
• Windows / Mac / Linux / iOS /
Android
• DEMO!
Amazon S3
EC2 - VPC
On-Premises
and/or
In-Cloud

26. Data Ingestion Options

27. Data Ingestion Options
AWS Direct Connect
Dedicated bandwidth between
your site and AWS
Internet
Transfer data in a secure SSL tunnel over
the public Internet
AWS Import/Export
Physical transfer of media into and
out of AWS

28. AWS Ingest Options
Internet / One Common Theme: Parallel Uploads
1. Multipart upload
2. Request rate optimization
3. TCP window scaling
4. TCP selective
acknowledgement
AWS has customers that ingest roughly 1 PB per day

29. AWS Ingest Options
AWS Direct Connect
• Private connectivity to AWS
– Physical connection – 1 Gbps or 10 Gbps
port
• Consistent network performance
• Consider burst models on ingest
• Reduces costs for bandwidth-
heavy outbound workloads
Locations
• CoreSite 32 Avenue of the Americas, NY
• CoreSite One Wilshire & 900 North Alameda, LA
• Equinix DC1 – DC6 & DC10 - DC11, Ashburn, VA
• Equinix SV1 & SV5, San Jose, CA
• Equinix SE2 & SE3, Seattle, WA
• Equinix SG2, Singapore
• Equinix SY3, Sydney
• Equinix TY2, Tokyo
• Eircom, Clonshaugh
• TelecityGroup Docklands, London
• Terremark NAP do Brasil, Sao Paulo

30. AWS Ingest Options
AWS Import/Export
• Rapidly move data into and
out of AWS
• Portable storage device
shipment to AWS
• Supports
– Amazon EBS
– Amazon S3
– Amazon Glacier
• Use cases
– Initial data migration
– Content distribution via portable
devices
– Disaster recovery

31. AWS Storage and Archive Options

32. AWS Storage and Archive Options
Amazon Simple Storage Service (S3)
Highly scalable object storage
1 byte to 5 TB in size
99.999999999% durability
Amazon Elastic Block Store (EBS)
High-performance block storage device
1 GB to 1 TB in size
Mount as drives to instances with
snapshot/cloning functionalities
Amazon Glacier
Long-term object archive
Extremely low cost per gigabyte
99.999999999% durability

33. AWS Storage and Archive Options
Amazon Elastic Block Store (EBS)
• High I/O block storage for Amazon EC2
• Point-in-time snapshots to Amazon S3
• 99.999999999% Durability
• Snapshot software is FREE
• Point-in-time snapshots across regions

34. AWS Storage and Archive Options
Amazon S3: Trillions of objects under management
• New!: SSE-C
• Time: Instant access, any time, any where
• Money: Pay for what you store / 51% price reduction
• Effort: Scales as you grow
• Quality: 99.999999999% durability

35. AWS Storage and Archive Options
Amazon Glacier
• $0.01 per GB/mo, $120 per TB/yr
• 3-5 hour data retrieval latency
• Archives: single file or zipped files
• Vaults: collection of archives
• Infinite archival storage
• 99.999999999% durability
• Immutable, encrypted by default

36. AWS Storage and Archive Options
Object Lifecycle Management: Amazon S3 → Amazon Glacier
→
• Seamlessly move data from Amazon S3 → Amazon Glacier
• 3-5 hour asynchronous retrieval
• Data lifecycle policies
• $0.01 per GB for Amazon Glacier costs

37. Retrieve / Restore

38. Retrieve / Restore back to On Premises Data Centers
Amazon
Glacier
Amazon S3
3-5 Hour
Retrieval
(staging)
Immediate
Restore
*Storage Gateway mitigates restores from cloud

39. Retrieve / Restore in AWS
$$
Hours
Amazon
Glacier
Amazon S3 Amazon EC2
/ HPC
Amazon
CloudFront
Generating
Business
Value
Mins / Seconds

40. TCO: On-Premises Cost Considerations
1. Primary storage hardware (primary / remote site)
2. DR / Remote site storage hardware
3. Raw to utilized storage (both primary and DR)
4. Storage growth (cost of upgrades)
5. Storage management software and 3rd party tools
6. Professional services
7. Hardware maintenance
8. Software maintenance
9. Backup software
10.Backup hardware (primary / remote site)
11.Offsite tape storage / vault
12.Archive software
13.Archive hardware
14.Power
15.Cooling
16.Space
17.Labor
18.Cost of capital
19.Training
20.Asset depreciation
21.Migration
22.Decommission / remove
23.Recycle

41. Customer Stories
AWS Storage Gateway is used in a variety of ways
Jollibee (JFC) is using the AWS Storage Gateway to backup and
mirror their Oracle SQL server database from their on-premises
data center to AWS. JFC is the largest fast food chain in the
Philippines with revenues well over 2 Billion USD.. The Storage
Gateway also provides us access to the same database
snapshots for use in Amazon EC2, providing a cost-effective in-
cloud DR solution.
AWS Storage Gateway provided us the most cost
effective way to backup our SAP workloads to AWS, it is
helped us perform SAP System ‘refresh’ much faster and
in a more convenient way, backing up to S3 has also helped us
to prepare for DR & also run SAP Dev/QA restores easily on EC2
“Amazon Web Services and AWS Storage Gateway are great
assets that help us scale fast, store data in an ultra-secure
environment, spend more time on product development (rather
than disaster recovery & backup)
…By using AWS Storage Gateway, we went to just hours instead
of days to restore from backup.”
The large Japanese Retail chain uses AWS
Storage Gateway to share & store files in S3 and
drastically cut down it’s spend on premise NAS
footprint.

42. AWS – Your Global Data Center for Backup and Archive
• Choose the region that fits your business and compliance needs
• 10 regions world wide – set up with a few clicks
• Broad range of backup/archive tools that are AWS integrated
• Low cost, reliable AWS Transport and Storage options
• Enhance Security Posture
• Increase Scalability
• Significantly Higher Data Durability
• All at a lower TCO

43. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
THANK YOU
John Downey
aws-bdms-storage@amazon.com