© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Tommy Johnston, Sr. Cloud Administrator, Aptean

Kevin Wilmot, Senior Manager, Solution Architecture

November 30, 2016

STG217

Backups with CPMHow Aptean Uses N2W's Cloud Protection Manager to Back

Up Sizable AWS Environments Leveraging Native Snapshots

Storage Solutions on AWS

aws.amazon.com/mp/storage

Amazon EBS EC2 Block Storage Volumes

AWS Import/Export SnowballLarge Scale Data Transport

Amazon S3Scalable Storage in the Cloud

Amazon Elastic File SystemFully Managed File System for EC2

AWS Storage GetawayHybrid Storage Integration

Amazon CloudFrontGlobal Content Delivery Network

Amazon GlacierLow-Cost Archive Storage in the Cloud

Storage & Content Delivery

File Transfer Primary Storage ArchiveBCDRBackup

Find and deploy the solution you need in minutes

Save money with pay-as-you-go pricing

Scale globally with our pre-configured, public managed catalog

About Me

Tommy Johnston, Sr. Cloud Administrator, Aptean

AWS Certified SysOps Administrator – Associate - 2015

VCP 5 Certified -- 2012

10+ Years experience in Enterprise IT, Virtualization/Cloud

BS Clemson University, 2004

The Industries Aptean Serves

Financial &

Commercial Services

Process

Manufacturing

Discrete

ManufacturingRetail & Distribution

Technology Providers Healthcare Public Sector Life Sciences

Unique, Mission-Critical SolutionsCustomer-focused approach to product investments

Aptean Customer Base

Aptean Cloud Hosting Services

• Aptean CHS hosts a variety Aptean

software products in dedicated and

SaaS Environments

• CHS is responsible for Infrastructure

management, including Disaster

Recovery

• Hosting in AWS since 2010

• Currently over 400 Instances in 5

Regions in 79 Distinct AWS Accounts

Aptean SaaS Architecture on AWS

Customer 1 Customer 2 Customer n

Elastic Load Balancing

Customer 2

Elastic Load Balancing

Customer n

conceptual architecture

VPC 1 subnet AZ 1 VPC 1 subnet AZ 2

VPC 2 subnet AZ 1

web server 001 … web server n

Scalable

SQL111

database 001

SQL11n

database 00n

app 111

app 112

web server 002 …

Scalable

web server n

Elastic Load Balancing

Customer 1

Why Do I Need Backups in AWS?

Myth - I don’t need to backup EBS. It’s so redundant I’ll

never lose data.

• Application Requests (Incorrect Deletes)

• Crypto Attacks (Ransomware)

• EBS Failures (Rare)

• Single AZ Outages (Rarer)

• Compliance Requirements

Backup Terms

• RTO – Recovery Time Objective

• RPO – Recovery Point Objective

• Crash Consistent Backup – General backup of Instances, to restore as if the power

cord had been pulled.

• Application Consistent Backup – Backup where the Application has insured it’s ready

to be backed up, not in the middle of any transactions, etc.

• Offsite Backup – Backups that are stored in a physically distinct location to the

production environment.

RPO

RTO

Restore Complete

Physical

VM

AWS

RPO

RPO

RTO

RPO/RTO

RTO

Restore Complete

Restore Complete

Backup

Backup Backup

Backups

Traditional Backup Architecture

Amazon S3 StorageNetwork Connectivity

Corporate Data Center

Removable Media Backup

Offsite Backup Storage

Servers

Virtual Backup Architecture

Amazon S3 StorageNetwork Connectivity

Corporate Data Center

Removable Media Backup

Offsite Backup Storage

Servers

VMs VMs VMs

storage network

US East

Availability Zone A

Availability Zone B Availability Zone C Availability Zone D Availability Zone E

AWS Backup Architecture

Aptean Basic DR Strategy

• Use AWS Snapshots

• Nightly Snapshots for Crash Consistent Backup

• DB Backups placed on dedicated EBS Backup

Volume

• Snapshots on Backup Vol scheduled every 4

hours

• Application Consistent Backup from DB backups

on Backup volume

Backups Prior to N2W Cloud Protection

Manager

• In-House developed code

• Automated Snapshots created via SOAP Requests

using x509 Certs for authentication

• Scheduled using Cron jobs configured by Tags on EBS

Volumes for schedule and retention

Network Connectivity

SOAP Requests

Pains of Prior Solution

• Root Account – Poor Security

• SOAP Request deprecated December 1, 2015

• Inflexible Policy Management; 90 Day retention means 90 nightly

snaps.

• Manual Restores

• Single Threaded Scheduling

N2W Cloud Protection Manager Advantages

Support for IAM accounts with least privilege access.

Individual File Level Restore.

Cross-Account DR Available

Cross-Region DR Available

Agent Available for Application Aware Backups.

AMI only policies with retention for maintenance

events.

Reporting to confirm backups completed successfully

or report any errors.

Management interface to assist with restores.

Support for multiple policies per instance, volume, etc.

AWS API Calls, fully supported, no deprecation issues.

CHS Improvements with CPM

Confidence. Scalable, no scheduling issues. Nightly

email confirms no errors. Any errors encountered are

emailed immediately so they can be addressed.

In some accounts, reduced Snapshots due to inefficient

policies. 20% snapshot cost reduction in some cases.

Maintenance Window AMIs reduced from 2-3 Hours to

15-30 minutes.

Example Policies

Demo

Next Steps

• Snapshots are the best way to perform backup in an AWS

environment

• Production environment need a reliable, flexible and automated

solution to manage snapshots

• N2W Cloud Protection Manager provides an easy, scalable and

efficient way to manage snapshot-based backup in AWS

Visit N2W Software at Booth #902 and get $100 infrastructure

credit. CPM Available for 30-day free trial on the Marketplace. Just

choose the Trial & BYOL Edition.

Q&A