Ransomware? More Like Ransom Everywhere …

Stupid title, but ransomware has been in the news quite a bit recently. I’ve had some tabs open in my browser for over twelve months with articles about ransomware that I found interesting. I thought it was time to share them and get this post out there. This isn’t comprehensive by any stretch, but rather it’s a list of a few things to look at when looking into anti-ransomware solutions, particularly for NAS environments.

 

It Kicked Him Right In The NAS

The way I see it (and I’m really not the world’s strongest security person), there are (at least) three approaches to NAS and ransomware concerns.

The Endpoint

This seems to be where most companies operate – addressing ransomware as it enters the organisation via the end users. There are a bunch of solutions out there that are designed to protect humans from themselves. But this approach doesn’t always help with alternative attack vectors and it’s only as good as the update processes you have in place to keep those endpoints updated. I’ve worked in a few shops where endpoint protection solutions were deployed and then inadvertently clobbered by system updates or users with too many privileges. The end result was that the systems didn’t do what they were meant to and there was much angst.

The NAS Itself

There are things you can do with NetApp solutions, for example, that are kind of interesting. Something like Stealthbits looks neat, and Varonis also uses FPolicy to get a similar result. Your mileage will vary with some of these solutions, and, again, it comes down to the ability to effectively ensure that these systems are doing what they say they will, when they will.

Data Protection

A number of the data protection vendors are talking about their ability to recover quickly from ransomware attacks. The capabilities vary, as they always do, but most of them have a solid handle on quick recovery once an infection is discovered. They can even help you discover that infection by analysing patterns in your data protection activities. For example, if a whole bunch of data changes overnight, it’s likely that you have a bit of a problem. But, some of the effectiveness of these solutions is limited by the frequency of data protection activity, and whether anyone is reading the alerts. The challenge here is that it’s a reactive approach, rather than something preventative. That said, companies like Rubrik are working hard to enhance its Radar capability into something a whole lot more interesting.

Other Things

Other things that can help limit your exposure to ransomware include adopting generally robust security practices across the board, monitoring all of your systems, and talking to your users about not clicking on unknown links in emails. Some of these things are easier to do than others.

 

Thoughts

I don’t think any of these solutions provide everything you need in isolation, but the challenge is going to be coming up with something that is supportable and, potentially, affordable. It would also be great if it works too. Ransomware is a problem, and becoming a bigger problem every day. I don’t want to sound like I’m selling you insurance, but it’s almost not a question of if, but when. But paying attention to some of the above points will help you on your way. Of course, sometimes Sod’s Law applies, and things will go badly for you no matter how well you think you’ve designed your systems. At that point, it’s going to be really important that you’ve setup your data protection systems correctly, otherwise you’re in for a tough time. Remember, it’s always worth thinking about what your data is worth to you when you’re evaluating the relative value of security and data protection solutions. This article from Chin-Fah had some interesting insights into the problem. And this article from Cohesity outlined a comprehensive approach to holistic cyber security. This article from Andrew over at Pure Storage did a great job of outlining some of the challenges faced by organisations when rolling out these systems. This list of NIST ransomware resources from Melissa is great. And if you’re looking for a useful resource on ransomware from VMware’s perspective, check out this site.

Random Short Take #56

Welcome to Random Short Take #56. Only three players have worn 56 in the NBA. I may need to come up with a new bit of trivia. Let’s get random.

  • Are we nearing the end of blade servers? I’d hoped the answer was yes, but it’s not that simple, sadly. It’s not that I hate them, exactly. I bought blade servers from Dell when they first sold them. But they can present challenges.
  • 22dot6 emerged from stealth mode recently. I had the opportunity to talk to them and I’ll post something soon about that. In the meantime, this post from Mellor covers it pretty well.
  • It may be a Northern Hemisphere reference that I don’t quite understand, but Retrospect is running a “Dads and Grads” promotion offering 90 days of free backup subscriptions. Worth checking out if you don’t have something in place to protect your desktop.
  • Running VMware Cloud Foundation and want to stretch your vSAN cluster across two sites? Tony has you covered.
  • The site name in VMware Cloud Director can look a bit ugly. Steve O gives you the skinny on how to change it.
  • Pure//Accelerate happened recently / is still happening, and there was a bit of news from the event, including the new and improved Pure1 Digital Experience. As a former Pure1 user I can say this was a big part of the reason why I liked using Pure Storage.
  • Speaking of press releases, this one from PDI and its investment intentions caught my eye. It’s always good to see companies willing to spend a bit of cash to make progress.
  • I stumbled across Oxide on Twitter and fell for the aesthetic and design principles. Then I read some of the articles on the blog and got even more interested. Worth checking out. And I’ll be keen to see just how it goes for the company.

*Bonus Round*

I was recently on the Restore it All podcast with W. Curtis Preston and Prasanna Malaiyandi. It was a lot of fun as always, despite the fact that we talked about something that’s a pretty scary subject (data (centre) loss). No, I’m not a DC manager in real life, but I do have responsibility for what goes into our DC so I sort of am. Don’t forget there’s a discount code for the book in the podcast too.

Random Short Take #55

Welcome to Random Short Take #55. A few players have worn 55 in the NBA. I wore some Mutombo sneakers in high school, and I enjoy watching Duncan Robinson light it up for the Heat. My favourite ever to wear 55 was “White Chocolate” Jason Williams. Let’s get random.

  • This article from my friend Max around Intel Optane and VMware Cloud Foundation provided some excellent insights.
  • Speaking of friends writing about VMware Cloud Foundation, this first part of a 4-part series from Vaughn makes a compelling case for VCF on FlashStack. Sure, he gets paid to say nice things about the company he works for, but there is plenty of info in here that makes a lot of sense if you’re evaluating which hardware platform pairs well with VCF.
  • Speaking of VMware, if you’re a VCD shop using NSX-V, it’s time to move on to NSX-T. This article from VMware has the skinny.
  • You want an open source version of BMC? Fine, you got it. Who would have thought securing BMC would be a thing? (Yes, I know it should be)
  • Stuff happens, hard drives fail. Backblaze recently published its drive stats report for Q1. You can read about that here.
  • Speaking of drives, check out this article from Netflix on its Netflix Drive product. I find it amusing that I get more value from Netflix’s tech blog than I do its streaming service, particularly when one is free.
  • The people in my office laugh nervously when I say I hate being in meetings where people feel the need to whiteboard. It’s not that I think whiteboard sessions can’t be valuable, but oftentimes the information on those whiteboards should be documented somewhere and easy to bring up on a screen. But if you find yourself in a lot of meetings and need to start drawing pictures about new concepts or whatever, this article might be of some use.
  • Speaking of office things not directly related to tech, this article from Preston de Guise on interruptions was typically insightful. I loved the “Got a minute?” reference too.

 

Random Short Take #54

Welcome to Random Short Take #54. A few players have worn 54 in the NBA, but my favourite was Horace Grant. Let’s get random.

  • This project looked like an enjoyable, and relatively accessible, home project – building your own NVMe-based storage server.
  • When I was younger I had nightmares based on horror movies and falling out of bed (sometimes with both happening at the same time). Now this is the kind of thing that keeps me awake at night.
  • Speaking of disastrous situations, the OVH problem was a real problem for a lot of people. I wish them all the best with the recovery.
  • Tony has been doing things with vSAN in his lab and in production – worth checking out.
  • The folks at StorageOS have been hard at work improving their Kubernetes storage platform. You can read more about that here.
  • DH2i has a webinar coming up on SQL Server resilience that’s worth checking out. Details here.
  • We’re talking more about burnout in the tech industry, but probably not enough still. This article from Tom was insightful.

Random Short Take #53

Welcome to Random Short Take #53. A few players have worn 53 in the NBA including Mark Eaton, James Edwards, and Artis Gilmore. My favourite though was Chocolate Thunder, Darryl Dawkins. Let’s get random.

  • I love Preston’s series of articles covering the basics of backup and recovery, and this one on backup lifecycle is no exception.
  • Speaking of data protection, Druva has secured another round of funding. You can read Mellor’s thoughts here, and the press release is here.
  • More data protection press releases? I’ve got you covered. Zerto released one recently about cloud data protection. Turns out folks like cloud when it comes to data protection. But I don’t know that everyone has realised that there’s some work still to do in that space.
  • In other press release news, Cloud Propeller and Violin Systems have teamed up. Things seem to have changed a bit at Violin Systems since StorCentric’s acquisition, and I’m interested to see how things progress.
  • This article on some of the peculiarities associated with mainframe deployments in the old days by Anthony Vanderwerdt was the most entertaining thing I’ve read in a while.
  • Alastair has been pumping out a series of articles around AWS principles, and this one on understanding your single points of failure is spot on.
  • Get excited! VMware Cloud Director 10.2.2 is out now. Read more about that here.
  • A lot of people seem to think it’s no big thing to stretch Layer 2 networks. I don’t like it, and this article from Ethan Banks covers a good number of reasons why you should think again if you’re that way inclined.

Random Short Take #52

Welcome to Random Short Take #52. A few players have worn 52 in the NBA including Victor Alexander (I thought he was getting dunked on by Shawn Kemp but it was Chris Gatling). My pick is Greg Oden though. If only his legs were the same length. Let’s get random.

  • Penguin Computing and Seagate have been doing some cool stuff with the Exos E 5U84 platform. You can read more about that here. I think it’s slightly different to the AP version that StorONE uses, but I’ve been wrong before.
  • I still love Fibre Channel (FC), as unhealthy as that seems. I never really felt the same way about FCoE though, and it does seem to be deader than tape.
  • VMware vSAN 7.0 U2 is out now, and Cormac dives into what’s new here. If you’re in the ANZ timezone, don’t forget that Cormac, Duncan and Frank will be presenting (virtually) at the Sydney VMUG *soon*.
  • This article on data mobility from my preferred Chris Evans was great. We talk a lot about data mobility in this industry, but I don’t know that we’ve all taken the time to understand what it really means.
  • I’m a big fan of Tech Field Day, and it’s nice to see presenting companies take on feedback from delegates and putting out interesting articles. Kit’s a smart fellow, and this article on using VMware Cloud for application modernisation is well worth reading.
  • Preston wrote about some experiences he had recently with almost failing drives in his home environment, and raised some excellent points about resilience, failure, and caution.
  • Speaking of people I worked with briefly, I’ve enjoyed Siobhán’s series of articles on home automation. I would never have the patience to do this, but I’m awfully glad that someone did.
  • Datadobi appears to be enjoying some success, and have appointed Paul Repice to VP of Sales for the Americas. As the clock runs down on the quarter, I’m going two for one, and also letting you know that Zerto has done some work to enhance its channel program.

StorONE and Seagate Team Up

This news came out a little while ago, but I thought I’d cover it here nonetheless. Seagate and StorONE recently announced that the Seagate Exos AP 5U84 Application Platform would support StorONE’s S1:Enterprise Storage Platform.

 

It’s A Box!

[image courtesy of StorONE]

The Exos 5U84 Dual Node supports:

  • 2x 1.8 GHz CPU (E5-2648L v4)
  • 2x 256GB RAM
  • Storage capacities between 250TB and 1.3PB

 

It’s Software!

Hardware is fun, but it’s the software that really helps here, with support for:

  • Full High Availability
  • Automated Tiering
  • No Write Cache
  • Rapid RAID Rebuilds
  • Unlimited Snapshots
  • Cascading Replication
  • Self Encrypting Drives

It offers support for multiple access protocols, including iSCSI, NFS, SMB, and S3. Note that there is no FC support with this unit.

 

Thoughts and Further Reading

I’ve had positive things to say about StorONE in the past, particularly when it comes to transparent pricing and the ability to run this storage solution on commodity hardware. I’ve been on the fence about whether hybrid storage solutions are really on the way out. It felt like they were, for a while, and then folks kept coming up with tweaks to software that meant you could get even more bang for your buck (per GB). Much like tape, I think it would be premature to say that hybrid storage using spinning disk is dead just yet.

Obviously, the folks at StorONE have skin in this particular game, so they’re going to talk about how hybrid isn’t going anywhere. It’s much the same as Michael Dell telling me that the on-premises server market is hotting up. When a vendor is selling something, it’s in their interest to convince you that a market exists for that thing and it is hot. That said, some of the numbers Crump and the team at StorONE have shown me are indeed compelling. When you couple those numbers with the cost of the solution (you can work out for yourself here) it becomes difficult to dismiss out of hand.

When I look at storage solutions I like to look at the numbers, and the hardware, and how it’s supported. But what’s really important is whether the solution is up to the task of the workload I need to throw at it. I also want to know that someone can fix my problem when the magic smoke escapes said storage solution. After a while in the industry, you start to realise that, regardless of what the brochures look like, there are a few different ways that these kind of things get put together. Invariably, unless the solution is known for being reckless with data integrity, or super slow, there’s going to be a point at which the technical advantages become less of a point of differentiation. It’s at that point where the economics really come into play.

The world is software-defined in a lot of ways, but this doesn’t mean you can run your favourite storage code on any old box and expect a great outcome. It does, however, mean that you no longer have to pay a premium to get good performance, good capacity, and a reliable outcome for your workload. You also get the opportunity to enjoy performance improvements as the code improves, without necessarily needing to update your hardware. Which is kind of neat, particularly if you’ve ever paid a pretty penny for golden screwdriver upgrades from big brand disk slingers in the past. This solution might not be for everyone, particularly if you already have a big arrangement with some of the bigger vendors. But if you’re looking to do something, and can’t stretch the economics to an All-Flash solution, this is worth a look.

Storage Field Day 21 – Wrap-up and Link-o-rama

Disclaimer: I recently attended Storage Field Day 21.  My flights, accommodation and other expenses were paid for by Tech Field Day. There is no requirement for me to blog about any of the content presented and I am not compensated in any way for my time at the event.  Some materials presented were discussed under NDA and don’t form part of my blog posts, but could influence future discussions.

This is a quick post to say thanks once again to Stephen and Ben, and the presenters at Storage Field Day 21. I had a great time. For easy reference, here’s a list of the posts I did covering the events (they may not match the order of the presentations).

Storage Field Day 21 – I’ll Be At Storage Field Day 21

Storage Field Day 21 – (Fairly) Full Disclosure

Back To The Future With Tintri

Hammerspace, Storageless Data, And One Tough Problem

Intel Optane – Challenges and Triumphs

NetApp Keystone – How Do you Want It?

Pliops – Can We Take Fast And Make It Faster?

Nasuni Puts Your Data Where You Need It

MinIO – Cloud, Edge, Everywhere …

Also, here’s a number of links to posts by my fellow delegates (in no particular order). They’re all very smart people, and you should check out their stuff, particularly if you haven’t before. I’ll attempt to keep this updated as more posts are published. But if it gets stale, the Storage Field Day 21 landing page will have updated links.

 

Jason Collier (@BocaNuts)

 

Barry Coombs (@VirtualisedReal)

#SFD21 – Storage Field Day 21 – Tintri

#SFD21 – Storage Field Day 21 – NetApp

#SFD21 – Storage Field Day 21 – Nasuni

#SFD21 – Storage Field Day 21 – MinIO Session

#SFD21 – Storage Field Day 21 – Pliops

#SFD21 – Storage Field Day 21 – Hammerspace

#SFD21 – Storage Field Day 21 – Intel

 

Becky Elliott (@BeckyLElliott)

 

Matthew Leib (@MBLeib)

 

Ray Lucchesi (@RayLucchesi)

The rise of MinIO object storage

Data Science storage with NetApp’s Python Toolkit

Storageless data!?

115-GreyBeards talk database acceleration with Moshe Twitto, CTO&Co-founder, Pliops

 

Andrea Mauro (@Andrea_Mauro)

 

Max Mortillaro (@DarkkAvenger)

Nasuni – Cloud-Scale NAS Without Cloud Worries

Storage Field Day 21 – The TECHunplugged Take on Nasuni

Pliops: Re-Imagining Storage, Crushing Bottlenecks and a Bright Future in the Cloud

 

Keiran Shelden (@Keiran_Shelden)

 

Enrico Signoretti (@esignoretti)

Object Storage Is Heating Up

Storage Options for the Distributed Enterprise

 

Paul Stringfellow (@TechStringy)

Looking ahead with Storage Field Day 21 – Barry Coombs, Jason Collier, Max Mortillaro – Ep 149

Storageless data, really? – Doug Fallstrom – Ep156

 

Frederic Van Haren (@FredericVHaren)

 

On-Premise IT Podcast

Is Storageless Storage Just Someone Else’s Storage?

 

Now please enjoy this group photo.

[image courtesy of Gestalt IT]

MinIO – Cloud, Edge, Everywhere …

Disclaimer: I recently attended Storage Field Day 21.  My flights, accommodation and other expenses were paid for by Tech Field Day. There is no requirement for me to blog about any of the content presented and I am not compensated in any way for my time at the event.  Some materials presented were discussed under NDA and don’t form part of my blog posts, but could influence future discussions.

MinIO recently presented at Storage Field Day 21. You can see videos of the presentation here, and download my rough notes from here.

 

What Is It?

To quote the good folks at MinIO, it is a “high performance, Kubernetes-native object store”. It is designed to be used for large-scale data infrastructure, and was built from scratch to be cloud native.

[image courtesy of MinIO]

Design Principles

MinIO has been built with the following principles in mind:

  • Cloud Native – born in the cloud with “cloud native DNA”
  • Performance Focussed – believe it is the fastest object store in existence
  • Simplicity – designed for simplicity because “simplicity scales”

S3 Compatibility

MinIO is heavily focussed on S3 compatibility. It was first to market with V4 and one of the few vendors to support S3 Select. It has also been strictly consistent from inception.

Put Me In Your Favourite Box

The cloud native part of MinIO was no accident, and as a result more than 62% of MinIO instances run in containers (according to MinIO). 43% of those instances are also managed via Kubernetes. It’s not just about jamming this solution into your favourite container solution though. The lightweight nature of it means you can deploy it pretty much anywhere. As the MinIO folks pointed out during the presentation, MinIO is going everywhere that AWS S3 isn’t.

 

Thoughts And Further Reading

I love object storage. Maybe not in the way I love my family or listening to records or beer, but I do love it. It’s not just useful for storage for the great unwashed of the Internet, but also backup and recovery, disaster recovery, data archives, and analytics. And I’m a big fan of MinIO, primarily because of the S3 compatibility and simplicity of deployment. Like it or not, S3 is the way forward in terms of a standard for object storage for cloud native (and a large number of enterprise) workloads. I’ve written before about other vendors being focussed on this compatibility, and I think it’s great that MinIO has approached this challenge with just as much vigour. There are plenty of problems to be had deploying applications at the best of times, and being able to rely on the storage vendor sticking to the script in terms of S3 compatibility takes one more potential headache away.

The simplicity of deployment is a big part of what intrigues me about MinIO too. I’m old enough to remember some deployments of early generation on-premises object storage systems that involved a bunch of hardware and complicated software interactions for what ultimately wasn’t a great experience. Something like MinIO can be up and running on some pretty tiny footprints in no time at all. A colleague of mine shared some insights into that process here.

And that’s what makes this cool. It’s not that MinIO are trying to take a piece of the AWS pie. Rather, it’s positioning the solution as one that can operate everywhere that the hyperscalers aren’t. Putting object storage solutions in edge locations has historically been a real pain to do. That’s no longer the case. Part of this has to do with the fact that we’ve got access to really small computers and compact storage. But it also has a bit to do with lightweight code that can be up and running in a snap. Like some of the other on-premises object vendors, MinIO has done a great job of turning people on to the possibility of doing cool storage for cloud native workloads outside of the cloud. It seems a bit odd until you think about all of the use cases in enterprise that might work really well in cloud, but aren’t allowed to be hosted in the cloud. It’s my opinion that MinIO has done a great job of filling that gap (and exceeding expectations) when it comes to lightweight, easy to deploy object storage. I’m looking forward to see what’s next for them, particularly as the other vendors start to leverage the solution. For another perspective on MinIO’s growth, check out Ray’s article here.

Nasuni Puts Your Data Where You Need It

Disclaimer: I recently attended Storage Field Day 21.  My flights, accommodation and other expenses were paid for by Tech Field Day. There is no requirement for me to blog about any of the content presented and I am not compensated in any way for my time at the event.  Some materials presented were discussed under NDA and don’t form part of my blog posts, but could influence future discussions.

Nasuni recently presented at Storage Field Day 21. You can see videos of the presentation here, and download my rough notes from here.

 

Nasuni?

The functionality is in the product name. It’s NAS that offers a unified file system across cloud. The key feature is that it’s cloud-native, rather than built on any particular infrastructure solution.

[image courtesy of Nasuni]

The platform is comprised of 5 key components.

UniFS

  • Consolidates files and metadata in cloud storage – “Gold Copy”
  • Ensures durability by storing files as immutable, read-only objects
  • Stores an unlimited version history of every file

Virtual Edge Appliances

  • Caches active files with 99% hit rate
  • 98% smaller footprint vs traditional file server / NAS
  • Scales across all sites, including VDI
  • Supports standard file sharing protocols
  • Built-in web server enables remote file access via web browser (HTTP)

Management Console

  • Administers appliances, volumes, shares and file recovery
  • Automated through central GUI and REST API
  • Provides centralised monitoring, reporting, and alerting

Orchestration Center

  • Multi-site file sync keeps track of versions
  • Advanced version control with Nasuni Global File Lock
  • Multi-region cloud support to ensure performance

Analytics Connector

  • Translates file data into native object storage format
  • Leverage any public cloud services (AI, data analytics, search)
  • Multi-cloud support so you can run any cloud service against your data

 

Thoughts and Further Reading

I’m the first to admit I’ve had a bit of a blind spot for Nasuni for a little while now. Not because I think the company doesn’t do cool stuff – it really does. Rather, my former employer was an investor in the tech and was keen to see how we could use the platform in every opportunity. Even when the opportunity wasn’t appropriate.

Distributed storage for file sharing has been a pain in the rear for enterprises ever since enterprises have been a thing. The real challenge has been doing something sensible about managing data across multiple locations in a cogent fashion. As local becomes global, this becomes even more of an issue, particularly when folks all across the world need to work on the same data. Email isn’t really great for this, and some of those sync and share solutions don’t cope well with the scale that is sometimes required. In the end, file serving is still a solution that can solve a problem for a lot of enterprise use cases.

The advent of public cloud has been great in terms of demonstrating that workloads can be distributed, and you don’t need to have a bunch of tin sitting in the office to get value from infrastructure. Nasuni recognised this over ten years ago, and it has put together a platform that seeks to solve that problem by taking advantage of the distributed nature of cloud, whilst acknowledging that virtualised resources can make for a useful local presence when it comes to having the right data in the right place. One of my favourite things about the solution is that you can also do stuff via the Analytics Connector to derive further value from your unstructured data. This is not a unique feature, but it’s certainly something that gives the impression that Nasuni isn’t just here to serve up your data.

The elegance of the Nasuni solution is in the fact that the complexity is well hidden from the end user. It’s a normal file access experience, but it’s hosted in the cloud. When you contrast that with what you get from the sync solutions of the world or the clumsy web-based document management systems so prevalent in the enterprise, this kind of simplicity is invaluable. It’s my opinion that there is very much a place for this kind of solution in the marketplace. The world is becoming increasingly global, but we still need solutions that can provide data where we need it. We also need those solutions to accommodate the performance and resilience needs of the enterprise.

If you’re after a great discussion on storage options for the distributed enterprise, check out Enrico’s article over at GigaOm.