More Related Content Similar to Deep Dive: a technical insider's view of NetBackup 8.1 and NetBackup Appliances (20) More from Veritas Technologies LLC (20) Deep Dive: a technical insider's view of NetBackup 8.1 and NetBackup Appliances4. Challenges with Data ManagementToday
© 2017 Veritas Technologies4
Complex Cloud
Migration
Rising Storage
Costs
Fragmented
Protection/Control
Stricter
Regulations
Slow App
Deployment
5. Modernizing Data Protection for the Multi-Cloud Digital Enterprise
Multi-cloud, modern workloads, resilient infrastructure, security, integrated data management
© 2017 Veritas Technologies5
ComplexCloud
Migration
Move to Multi-Cloud
6. Modernizing Data Protection for the Multi-Cloud Digital Enterprise
Multi-cloud, modern workloads, resilient infrastructure, security, data management
© 2017 Veritas Technologies6
Fragmented
Protection/Control
SlowApp
Deployment
Big Data 2012
Big Data 2014
Big DataToday!
7. Modernizing Data Protection for the Multi-Cloud Digital Enterprise
Multi-cloud, modern workloads, resilient infrastructure, security, data management
© 2017 Veritas Technologies7
Fragmented
Protection/Control
Rising Storage
Costs
Always-On, Easy-to-Deploy
Scale-Out Infrastructure
Active-Active HA Clusters Right-for-Me Deployment Options IT-as-a-Service
100s petabytes • max performance
zero downtime • end-to-end dedupe
ü software defined
ü integrated appliances
ü virtual appliances
workload owners • multi-tenant
role-based • end-users
• • • APIs
datacenter • remote office
private • public • hybrid clouds
9. Modernizing Data Protection for the Multi-Cloud Digital Enterprise
Multi-cloud, modern workloads, resilient infrastructure, security, data management
© 2017 Veritas Technologies9
By 2020, 30% of organizations will leverage backup for more than
just operational recovery (e.g., disaster recovery, test/dev,
DevOps, etc.), up from less than 10% at the beginning of 2016.”
2016 Gartner Magic Quadrant for
Data Center Backup and Recovery Software
Data Portability
Business Continuity
Data Visibility
Compliance Readiness
Data Protection
Storage Optimization
10. Modernizing Data Protection for the Multi-Cloud Digital Enterprise
Multi-cloud, modern workloads, resilient infrastructure, security, data management
© 2017 Veritas Technologies10
Always-On, Right-for-Me
Infrastructure
Do more with
data protection
Modern Scale-Out
Workloads
Any Network
Data Security
This image cannot currently be displayed.
Manage
Multi-Cloud
12. NetBackup 8.1 | CustomerValue
© 2017 Veritas Technologies12
Manage
Multi-Cloud
ü Leverage multi-cloud for
long term storage
ü Fastest and the most
efficient backup to cloud
ü More choice for cloud
storage platforms
ü Cloud confidence with
fully certified connectors
Modern Scale-Out
Workloads
ü Deploy scale-out
workloads
ü Accelerate deployment
of modern workloads
ü Protect Hyper-
Converged environments
ü Granular control and
faster speed for VMs
ü Instant access to Oracle
applications
Always-On, Right-for-Me
Infrastructure
ü Simplified deployment,
upgrades, maintenance
ü Greater deployment
options with virtual
appliances for remote
office and datacenter
ü 50% faster Isilon backups
ü Zero downtime for backup
and recovery with
appliance HA
ü Ready when you are.
360 data management does
more with data protection
ü Global data visibility to reduce
storage cost and risk
ü Multi-cloud migration and
single-click disaster recovery
ü Instant access to data to
accelerate dev/ops
ü Integrated software defined,
scale out object storage
Any Network
Data Security
ü Safe and secure across
any network.
13. NetBackup 8.1 | Leverage Cloud for LongTerm Retention
© 2017 Veritas Technologies13
IntroducingVeritas NetBackup CloudCatalyst
Check-out HOLs
For CloudCatalyst
16. NetBackup 8.1 | Leverage Cloud for LongTerm Retention
© 2017 Veritas Technologies16
OTHER VENDORS
NetBackup w/ CloudCatalyst
0.7 TB / hr physical
14 TB / hr logical
OTHER VENDORS
0.5 - 9 TB / hr physical
0.5 – 9 TB / hr logical
MSDP @ 95% Dedupe @ 95%
Source data = 1 TB Source data = 1 TB
95% deduped data, NOT rehydrated
Full Backup: CC processes .05 TB
Data rehydrated due to incompatible dedupe
Full Backup: 1 TB sent to gateway
17. NetBackup 8.1 | Granular Options forVMware
© 2017 Veritas Technologies17
VM Restore
EntireVM
Files &
Folders
Applications
VMDK(s)
VM
virtual
18. NetBackup 8.1 | Granular Options forVMware
© 2017 Veritas Technologies18
VM Backup
Exclude
Independent
Disks
Exclude
Boot
Disk
Exclude All
Data
Disks
Exclude Selected
Disks
virtual
virtual
virtual
virtual
19. NetBackup 8.1 | NetBackup Parallel Streaming
© 2017 Veritas Technologies19
#parallestreaming
20. NetBackup Heterogeneous Support | Modern Data Protection
Past
• Static Protection Policies
• Release Dependent
Present
• NetBackup Intelligent Policies
• Agentless forVirtualization
• NetBackup Accelerator
• ReadyWhenYou Are!
• Release Dependent for New
Workloads
• NetBackup Parallel Streaming #parallelstreaming
• Agentless & Modern API Based
• Support new workloads (6 to 8 weeks)
• Release Independent
• ReadyWhenYou Are!
• 3rd Parties Can Develop Plug-Ins
• High Performance Data Protection
• Same NetBackup Reliability!
• Of course, all the existing good stuff
Future!!!
20 © 2017 Veritas Technologies
21. NetBackup 8.1 | Deploy Scale-out & EmergingWorkloads
© 2017 Veritas Technologies21
• Veritas NetBackup 8.1 (and forward) will offer fully integrated, native support for the industry’s
leading database management systems, from open source to commercial DBs
• Sold and supported directly withVeritas NetBackup
• Integrated and certified with NetBackup 8.1 using XBSA and Big Data Frameworks
• Support for both Physical andVirtual environments
• MySQL
• PostgreSQL
• MariaDB
• SQLite
Open Source RDBMS
• Nutanix
• Hadoop
• HBase
• MongoDB
• Cassandra
Big Data, NoSQL, Hyper Converged
• Oracle
• MS SQL Server
• IBM DB2/Informix
• SAP HANA/ASE/MaxDB/Oracle
• Exchange
• SharePoint
Traditional / Commercial
Oct ‘17
Oct ‘17
Nov ‘17
Q1 ‘18
Q1 ‘18
Sep ‘17
Oct ‘17
Nov ‘17
Dec ‘17
22. NetBackup 8.1 | Easy Deployment
© 2017 Veritas Technologies22
• Native Packaging for Clients
- Windows (GA)
- Linux (GA)
- Solaris, AIX, HP (8.1)
• Native Packaging for Servers
- Windows (GA)
- Linux, Solaris (Next)
Native Packaging
• Client Upgrades, Installation, and EEB
Deployment (8.1)
- Chef, SCCM
• Server Upgrades (Next)
• Additional templates (Next)
- Puppet
- Ansible/Yum/Satellite
- HPSA
- Others?
DeploymentTemplates
24. What is Secure Communications &What Problems Does it Solve?
© 2017 Veritas Technologies24
• All communications “in flight” between known NetBackup entities is authenticated
(certificates) and encrypted (TLS)
– We’re protecting the data channel by encrypting it.We’re NOT encrypting the data
• Applies to both ‘control’ channel and ‘data’ channel (includes metadata channel)
• It defines a “boundary of trust”
– NetBackup entities (hosts, services, etc.) are given unique identities (certificates) and can be
“added”, “removed” from the boundary of trust
– NetBackup domain (Single Master, media servers, and clients)
• OpsCenter Server will be handled as a special case similar to NBAC
– One host (NetBackup Client) part of multiple boundaries of trust
NetBackup
This image cannot currently
be displayed.
This image cannot currently be
displayed.
25. Goal for Secure Communications
© 2017 Veritas Technologies25
Provide strong host authentication, host authorization,
integrity, and confidentiality for all communication between
NetBackup hosts and processes using industry standard X.509
certificates and theTransport Layer Security (TLS) protocol.
ü Be safe and secure across any network
ü Modern communications architecture for
cloud and on-premises
ü Provide best in class secure access controlsSecurity
26. Benefits of Secure Communications
© 2017 Veritas Technologies26
üAuthenticate “Machine to Machine” and “User to Machine”
– Mitigates spoofing and “man in the middle” attacks
üEncryption
– Security of data “in flight” via SSL/TLS and encrypting the communication
channels
üSecurity Management
– Ability to easily see/add/remove entities (hosts, services, etc.) in/from
NetBackup’s boundary of trust (long term)
27. Benefits of Secure Communications
© 2017 Veritas Technologies27
NetBackup 8.0 NetBackup 8.1 NetBackup Next
Certificates and deployment
(manual & automatic)
Control path encryption (always enabled) Data path encryption (optional)
Support for single boundary
of trust and internal CA hosted on
Master server
Certificates need to support AIR, DR,
AgentlessVMs, and Cloud.
Secure Comms for MSDP,
BMR, OpsCenter
“View a certificate per host”, “Renew
certificates”, “Revoke certificates”,
“Manually deploy certificates” and “Re-issue
certificate”
Back-level host compatibility,
Catalog recovery changes, Certificate
Revocation Support, Disable insecure
communication, Enable auto detection of
aliases, and Auditing of events.
Catalog passphrase improvements, etc.
Telemetry support Telemetry support
28. Certificate Deployment Security Level
© 2017 Veritas Technologies28
• Very High
Only token based manual deployment of
certificates
• High
Certificates are automatically deployed on
known hosts
• Medium
Certificates will be automatically deployed
on all hosts
31. Summary – Secure Communications
© 2017 Veritas Technologies31
• Certificates are mandatory for NetBackup 8.1
• All communications for NetBackup 8.1 hosts will fail it does NOT have a validate
certificate
• If the host ID certificate is revoked for a host, all communications will be broken
• Catalog Backups require a passphrase to be configured
– This passphrase is critical for DR of Master server
• Enable Insecure Communications
– Default is ON
– If turned OFF, NetBackup 8.0 or previous hosts are not supported for heightened security
34. Copyright © 2017 Veritas Technologies. All rights reserved. Veritas and the Veritas Logo are trademarks or registered trademarks of Veritas Technologies or its affiliates in the
U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or
implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
ThankYou