Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Tudor Damian - Microsoft Azure ca si solutie pentru backup sau disaster recovery


Published on

În această sesiune se intră în detalii despre ceea ce înseamnă cu adevărat continuitatea afacerii și recuperarea în caz de catastrofe. Dacă v-ați confruntat cu întreruperi de funcționare sau momente în care soluția Dvs. nu a fost online, dacă aveți o soluție ERP / CRM / altă soluție de LOB care trebuie neapărat să ruleze în timpul orelor de program, dar uneori nu pornește, dacă vă este teamă de o posibilă pierdere a datelor companiei Dvs. și de tot timpul pe care va trebui să-l pierdeți încercând recuperarea lor, cu siguranță veți găsi această sesiune extrem de interesantă.

Published in: Software
  • Login to see the comments

  • Be the first to like this

Tudor Damian - Microsoft Azure ca si solutie pentru backup sau disaster recovery

  1. 1. 23 NOIEMBRIE 2017 | BUCUREȘTI Microsoft Azure as a solution for DR: Backup or Disaster Recovery? TUDOR DAMIAN Executive Manager & CIO @ Avaelgo Microsoft Cloud & Datacenter Management MVP Certified Ethical Hacker
  3. 3. 23 NOIEMBRIE 2017 | BUCUREȘTI • Business Continuity & Disaster Recovery primer –Challenges, threats, RTO/RPO, Cloud concerns • Azure Backup • Azure Site Recovery • Conclusions Agenda
  5. 5. 23 NOIEMBRIE 2017 | BUCUREȘTI • Every company relies on IT systems to operate in this digital world –Implementing disaster recovery across your enterprise can be daunting and is therefore usually avoided • Yet, nearly every company is susceptible to some kind of disaster –Failure to provide service can lead to not only a service outage but long term brand damage Why Disaster Recovery is needed
  6. 6. 23 NOIEMBRIE 2017 | BUCUREȘTI • The DR plan… – Does not exist at all – Is incorrect or unreliable – Includes unnecessary technology – Hasn’t been effectively tested – Doesn’t include sufficient information management regulations • The cost is too high – Datacenter, resources, hardware, management, staff, etc. • The complexity is overwhelming – Multiple data centers – Replication technologies – Potential need for dedicated restore hardware – DR management software Current Challenges (1)
  7. 7. 23 NOIEMBRIE 2017 | BUCUREȘTI • Slow Cloud Adoption – Companies are trapped in traditional backup infrastructures that were never desired to embrace the Cloud • Long Backup Windows – The traditional model becomes unmanageable as data sizes grow and full backup windows extend beyond SLAs – Lengthy backup windows can impact application performance • Slow Recoveries – If you cannot recover your backups then why have them in the first place? – Lengthy recovery windows can impact business operations, customer experience and typically revenue Current Challenges (2)
  8. 8. 23 NOIEMBRIE 2017 | BUCUREȘTI • Disaster Recovery Challenges – Businesses have to plan for both local backup and recovery and DR – Traditional backup and recovery methodologies create significant DR challenges due to restoration complexity – As a result, many companies limit their focus on DR and if they do focus on it, tests are run infrequently • Multiple RPOs – Different applications mandate different recovery point objectives – This typically results in multiple different protection tools • Very Large Database Protection – All challenges of backup and recovery are amplified with very large databases • Tape Trouble – Low confidence in tape backup for long term data retention and data access Current Challenges (3)
  9. 9. 23 NOIEMBRIE 2017 | BUCUREȘTI Natural Threats • Natural disasters • Floods • Earthquakes • Hurricanes Physical Security Threats • Loss or damage of system resources • Physical intrusion • Sabotage, espionage and errors Human threats • Hackers • Insiders • Social engineering • Lack of knowledge and awareness Information Security Threats - examples (1)
  10. 10. 23 NOIEMBRIE 2017 | BUCUREȘTI Network Threats • Information gathering • Sniffing and eavesdropping • Spoofing • Session hijacking • Man-in-the-middle attacks • ARP Poisoning • Password-based attacks • Denial of service attack • Compromised-key attack Host Threats • Malware attacks • Target Footprinting • Password attacks • Denial of service attacks • Arbitrary code execution • Unauthorized access • Privilege escalation • Backdoor Attacks • Physical security threats Application Threats • Data/input validation • SQL injection • Authentication and Authorization attacks • Configuration management • Information disclosure • Session management issues • Buffer overflow issues • Cryptography attacks • Parameter manipulation • Improper error handling and exception management • Auditing and logging issues Information Security Threats - examples (2)
  11. 11. 23 NOIEMBRIE 2017 | BUCUREȘTI • Recovery Time Objective (RTO): – Acceptable amount of time to restore the function/service – Requirement example: • RTO = 0 in case of a site/datacenter being down • RTO = 4 hour in case of 2 sites/datacenters being down • Recovery Point Objective (RPO): – Acceptable latency of data that will not be recovered – Requirement example: • RPO = 0 (no data is lost) in case of a site/datacenter being down • RPO = 30 min in case of 2 sites/datacenters being down Let’s start with the basics, RTO vs RPO
  12. 12. 23 NOIEMBRIE 2017 | BUCUREȘTI • They should be set for each app/service, based on: –The expected loss to the business within the objective –The cost of achieving the objective RTO & RPO objectives Last backup Event Data restored RPO RTO Time
  13. 13. 23 NOIEMBRIE 2017 | BUCUREȘTI • Moving DR data to the Cloud –The cost of shifting massive amounts of data over the Internet has declined dramatically –Broadband speeds continue to increase –The cost of storing vast quantities of data in the cloud has declined dramatically (e.g. cold storage) –The functionally limitless storage capacity of the cloud, as long as organizations are willing to pay for it –Hybrid cloud is building a lot of momentum Cloud backup/DR concerns (1)
  14. 14. 23 NOIEMBRIE 2017 | BUCUREȘTI • Cloud security worries are generally wrong • Concerns about pricing blowouts –Pricing has consistently decreased for Cloud storage • Recovery speeds could be impacted –Traditional tape storage allows for large amounts of data to move around quickly (e.g. via courier) • Long-term storage and its impact on cost • Managing and monitoring backup & DR Cloud backup/DR concerns (2)
  15. 15. 23 NOIEMBRIE 2017 | BUCUREȘTI • Should the service just move to the cloud? –Consider services like Exchange, SharePoint, Skype for Business, CRM –These would be critical during a DR failover to facilitate communication between parties • A better option may be to move to a SaaS based solution in the cloud, e.g. Office 365 / Dynamics 365 –Could also use similar approach for other services that are available as SaaS or even move to cloud PaaS for regular production use Service Migration to Azure
  17. 17. 23 NOIEMBRIE 2017 | BUCUREȘTI • Reliable Offsite Data Protection – Easy replacement for tape backup • Protect individual servers on-prem or in the Cloud – Integrates with DPM and Windows Server Backup • It can back up: – Azure VMs – System States – Volumes, Files & Folders – Applications/Workloads • Out of the box, it offers: – Automatic storage management with unlimited scaling – Multiple storage options (locally-redundant or geo-redundant) – Unlimited inbound data transfer – Data encryption – Application-consistent backups – Long-term retention Microsoft Azure Backup
  18. 18. 23 NOIEMBRIE 2017 | BUCUREȘTI • Azure Backup (MARS) Agent – File & Folder backup, on-prem or Cloud – Backup 3 times per day, not application aware – No Linux Support • System Center DPM / Azure Backup Server – App-aware backups (VSS) for SQL Server, SharePoint, Exchange, etc. – Covers Disk-to-Disk-to-Cloud backups – Full flexibility on backup times – Recover granularity – Linux Support on Hyper-V & VMWare VMs – Azure Backup Server does not support tape backups • Azure IaaS VM Backup – Native backup for Linux & Windows, no agent required Azure Backup Components
  20. 20. 23 NOIEMBRIE 2017 | BUCUREȘTI • Near-real-time transfer to alternative location/site • Meet tight RPO and RTO objectives via failover How is disaster recovery achieved on-premises? Primary Secondary
  21. 21. 23 NOIEMBRIE 2017 | BUCUREȘTI • The same process as on-premises, but with the benefits of Azure Disaster Recovery to Azure Primary Cloud StorSimple/Azure Files Sync Azure Site Recovery Azure Site Recovery SQL AlwaysOn, etc.
  22. 22. 23 NOIEMBRIE 2017 | BUCUREȘTI • Orchestrates and automates replication of: –Azure VMs between regions –On-premises VMs and physical servers to Azure –On-premises machines to a secondary datacenter • It covers: –Azure VMs –Hyper-V virtual machines –Physical servers (Windows & Linux) –VMware virtual machines Azure Site Recovery
  23. 23. 23 NOIEMBRIE 2017 | BUCUREȘTI • Running an instance in Azure requires: – Network connectivity (S2S VPN/ExpressRoute) – Compute charges • To achieve HA, you can leverage other services such as: – Azure Traffic Manager – Azure IaaS Availability Sets – Microsoft SQL Always-On • Services requiring the highest RPO/RTO are good candidates here – Look at tier 1 SQL Servers or Domain Controllers • You can also cut down on licensing/compute charges – VM Scale Sets – Azure Resource Manager Templates • Other less critical applications may use ASR Application-level replication SQLAvailabilityGroup
  24. 24. 23 NOIEMBRIE 2017 | BUCUREȘTI • Billing is done per OS instance protected –It’s free for the first 31 days for any new OS instance • These same technology can be used to migrate existing workloads to Azure • What is a migration? –Perform replication –Failover once –Stop replication ASR Side Notes
  26. 26. 23 NOIEMBRIE 2017 | BUCUREȘTI • Clearly define your existing RPO/RTO –The expected loss to the business within the objective –The cost of achieving the objective • Evaluate both Azure Backup and ASR, as they achieve different purposes –Azure Backup: VM deletion/corruption, data loss inside VM, create a copy of an older version –ASR: low RTO/RPO objectives (as low as 30 seconds), near-real-time failover, migration First steps
  27. 27. 23 NOIEMBRIE 2017 | BUCUREȘTI • Go with Azure Backup when: – The business isn't accessing data on an urgent basis (cold data, any workload with a long RTO window) – Rebuilding instances/images in the public cloud isn't too complex – You have in-house expertise in DR, and a willingness to test readiness at least every six months • Azure Site Recovery (DRaaS) is a better choice when: – The sysadmin team consists of generalists with little expertise in DR – The RTO is short (e.g. online marketing operations) – The application and infrastructure setup is complex • It’s generally better to do both Azure Backup vs ASR
  28. 28. 23 NOIEMBRIE 2017 | BUCUREȘTI Q & A