(bac302) using aws to create a low cost, secure backup environment for your on-premises data | aws...

November 12, 2014 | Las Vegas, NV

Curd Zechmeister, Amazon Web Services

Jason Blevins, Amtrak – Director Systems Engineering

Antoine Boury, JWT – Head of Information Technology

Metered usage:

Pay as you go

No capital investment

No commitment

No risky capacity planning

Avoid Opex and risks of

physical media

handling

Control your

geographic locality for

performance and

compliance

Built-in redundancy

Designed for

99.999999999%

durability

Store backups in Amazon S3

Internet-scale storage

Grow without limits

Benefit from AWS’s

massive security

investments

Low price

per GB per month

No commitment

No up-front cost

Long term backup retention in

Amazon Glacier

Stop managing

physical media

Amazon Glacier has

lower cost than

Amazon S3 with the

same durability

Amazon Glacier is

optimized for infrequent

retrieval

AWS Direct Connect

Dedicated connectivity

to AWS Edge Locations

AWS Import/Export

Data transfer using

portable disk drives

Transfer data in a

secure SSL tunnel over

the public Internet

• On-premises, virtual iSCSI

storage appliance

• $125 / month

• Server Side Encryption (SSE)

• 5 TB of throughput per day

• Recover to Amazon EBS

• 3 Configurations

• Gateway-Cached Volumes

• Gateway-Stored Volumes

• Gateway Virtual Tape Library

VPC – Datacenter #4

Single GUI for

management

Restore back to on-premises

Amazon

GlacierAmazon S3

3-5 hour

retrieval

(staging)

Immediate

restore

Ctera

• Local caching appliance

• Presents NAS protocols– CIFS / NFS

• Up to 30x deduplication

• Compression

• Encryption

• Key management

• WAN acceleration

• S3 and Glacier support

• AMI available

The catalyst for change

The catalyst for change

So how often is this stuff used?

Change has come…

Requirements…

• founded 1864

• WPP company (NYSE: WPP)

• world's best-known marketing

communications brand

JWT | Middle East & Africa

15 Offices

~1,000 Employees

Challenges

JWT | External Factors

• Political Instability

• Poor Infrastructure

• Distance

JWT | Internal Factors

• High Turnover• Industry: As Much As 30% Y/Y

• Know-How & Data Must Persist

• Regionalization• Resources,

• Collaboration

• Knowledge Sharing

• Data Growth: 35% Y/Y

Branch

Office IT:

Previous

Architecture

Before AWS

K:\

laptops

desktops

3rd Party

Bank

Locally-Shared Knowledge Protected

for compliance and risk management

3rd Party

Backup Tools

server

JWT Branch Office Options

Branch File Sharing

Disaster Recovery

Backups

Traditional Remote Office

• Difficult To Manage

• Expensive

• Unpredictable Costs

• Slow Performance

Cloud-Enabled Offices

• Self-Administered

• Centrally Governed

• Affordable

• Predictable RTO

• Centralized Data

• Globally Accessible

• Predictable RPO

• Low Cost Gateways

• Fast Performance

• Remotely Manageable

JWT’s Cloud

Transformation

• Data sync’d to global

namespace in AWS

• All remote office and user

data aggregated to one

platform for total data control.

• All services are remotely

managed for simple branch

IT

JWT’s Cloud Storage Services Platform

EU (Ireland)

Region 1 Cloud Gateway

NAS & Backup Appliance

Region 1 Cloud Gateway

NAS & Backup Appliance

Region 1 Cloud Gateway

NAS & Backup Appliance

JWT Secure Cloud Storage-As-A-Service

VPC

S3 Buckets

Region 1

S3 Buckets

Region 2

S3 Buckets

Region ...

CTERA Portal

Database

CTERA Cloud

Storage Services

MiddlewareOptimized Instance

w/ Cloudwatch

Management

EU: Ireland

Region

Branch

Offices

Installs | MEA

* Pending

JWT MEA

AWS Cloud

Beirut

Dubai

Qatar*

Kuwait

Cairo

Jordan*

Jeddah

Riyadh

Cape Town

Johannesburg

Ireland

Benefits | AWS + CTERA

JWT Knowledge Now

Survives Employee Turnover

Low Cost and Simplicity

Ensure Global Conformance

Cloud Economics and

CTERA Deduplication

Ensure Predictable Costs

Maximum Security with

Source-Based Storage

Service Encryption

Source-Based

Deduplication Makes

Cloud Services Fast...

JWT’s Cloud-Enabled Security

Virtual Private

Data Access Is 100%

in JWT’s AWS VPC

Fully-Encrypted

CTERA AES-256 Bit

In-Flight & At-Rest

Containerized Access

Each region has it’s

bucket, everything is

AD-authenticated

Private Keys

JWT owns all its

encryption keys

If access to backup set is possible

From current location

Requires on site IT

Not Available

Not Supported

Only if using same set

More complex and unpredictable

High

Slow

Standalone

Innovative

Availability

Accessibility

Management

Deduplication

Snapshots

Incremental

Cost

Maintenance

Data Restores

Centralized Management

Traditional

24/7

From any location

Can be managed remotely

Available

Supported

Always

Simpler and Predictable

Low

Extremely Fast

Fully Centralized

http://bit.ly/awsevals