Random Short Take #65

Welcome to Random Short take #65. Last one for the year I think.

  • First up, this handy article from Steve Onofaro on replacing certificates in VMware Cloud Director 10.3.1.
  • Speaking of cloud, I enjoyed this article from Chris M. Evans on the AWS “wobble” (as he puts it) in us-east-1 recently. Speaking of articles Chris has written recently, check out his coverage of the Pure Storage FlashArray//XL announcement.
  • Speaking of Pure Storage, my friend Jon wrote about his experience with ActiveCluster in the field recently. You can find that here. I always find these articles to be invaluable, if only because they demonstrate what’s happening out there in the real world.
  • Want some press releases? Here’s one from Datadobi announcing it has released new Starter Packs for DobiMigrate ranging from 1PB up to 7PB.
  • Data protection isn’t just something you do at the office – it’s a problem for home too. I’m always interested to hear how other people tackle the problem. This article from Jeff Geerling (and the associated documentation on Github) was great.
  • John Nicholson is a smart guy, so I think you should check out his articles on benchmarking (and what folks are getting wrong). At the moment this is a 2-part series, but I suspect that could be expanded. You can find Part 1 here and Part 2 here. He makes a great point that benchmarking can be valuable, but benchmarking like it’s 1999 may not be the best thing to do (I’m paraphrasing).
  • Speaking of smart people, Tom Andry put together a great article recently on dispelling myths around subwoofers. If you or a loved one are getting worked up about subwoofers, check out this article.
  • I had people ask me if I was doing a predictions post this year. I’m not crazy enough to do that, but Mellor is. You can read his article here.

In some personal news (and it’s not LinkedIn official yet) I recently quit my job and will be taking up a new role in the new year. I’m not shutting the blog down, but you might see a bit of a change in the content. I can’t see myself stopping these articles, but it’s likely there’ll be less of the data protection howto articles being published. But we’ll see. In any case, wherever you are, stay safe, happy holidays, and see you on the line next year.

Random Short Take #64

Welcome to Random Short take #64. It’s the start of the last month of the year. We’re almost there.

  • Want to read an article that’s both funny and informative? Look no further than this beginner’s guide to subnetting. I did Elizabethan literature at uni, so it was good to get a reminder on Shakespeare’s involvement in IP addressing.
  • Continuing with the amusing articles, Chris Colotti published a video of outtakes from some Cohesity lightboard sessions that had me cracking up. It’s always nice when people don’t take themselves too seriously.
  • On a more serious note, data hoarding is a problem (I know this because I’ve been guilty of it), and this article from Preston outlines some of the reasons why it can be a bad thing for business.
  • Still on data protection, Howard Oakley looks at checking the integrity of Time Machine backups in this post. I’ve probably mentioned this a few times previously, but if you find macOS behaviour baffling at times, Howard likely has an article that can explain why you’re seeing what you’re seeing.
  • Zerto recently announced Zerto In-Cloud for AWS – you read more about that here. Zerto is really starting to put together a comprehensive suite of DR solutions. Worth checking out.
  • Still on press releases, Datadobi has announced new enhancements to DobiMigrate with 5.13. The company also recently validated Google Cloud Storage as an endpoint for its DobiProtect solution.
  • Leaseweb Global is also doing stuff with Google Cloud – you can read more about that here.
  • Finally, this article over at Blocks and Files on what constitutes a startup made for some interesting reading. Some companies truly are Peter Pans at this point, whilst others are holding on to the idea that they’re still in startup mode.

Datadobi, DobiProtect, and Forward Progress

I recently had the opportunity to speak Carl D’Halluin from Datadobi about DobiProtect, and thought I’d share some thoughts here. I wrote about DobiProtect in the past, particularly in relation to disaster recovery and air gaps. Things have progressed since then, as they invariably do, and there’s a bit more to the DobiProtect story now.

 

Ransomware Bad, Data Protection Good

If you’re paying attention to any data protection solution vendors at the moment, you’re no doubt hearing about ransomware attacks. These are considered to be Very Bad Things (™).

What Happens

  • Ransomware comes in through zero-day exploit or email attachments
  • Local drive content encrypted
  • Network shares encrypted – might be fast, might be slow
  • Encrypted file accessed and ransom message appears

How It Happens

Ransomware attacks are executed via many means, including social engineering, software exploits, and “malvertising” (my second favourite non-word next to performant). The timing of these attacks is important to note as well, as some ransomware will lay dormant and launch during a specific time period (a public holiday, for example). Sometimes ransomware will slowly and periodically encrypt content , but generally speaking it will begin encrypting files as quickly as possible. It might not encrypt everything either, but you can bet that it will be a pain regardless.

Defense In Depth

Ransomware protection isn’t just about data protection though. There are many layers you need to consider (and protect), including:

  • Human – hard to control, not very good at doing what they’re told.
  • Physical – securing the locations where data is stored is important.
  • End Points – BYOD can be a pain to manage effectively, and keeping stuff up to date seems to be challenging for the most mature organisations.
  • Networks – there’s a lot of work that needs to go into making sure workloads are both secure and accessible.
  • Application – sometimes they’re just slapped in there and we’re happy they run.
  • Data – It’s everything, but super exposed if you don’t get the rest of this right.

 

DobiProtect Then?

The folks at Datadobi tell me DobiProtect is the ideal solution for protecting the data layer as part of your defence in depth strategy as it is:

  • Software defined
  • Designed for the scale and complexity of file and / or object datasets
  • A solution that compliments existing capabilities such as storage system snapshots
  • Easy to deploy and does not impact existing configurations
  • A solution that is cost effective and flexible

 

Where Does It Fit?

DobiProtect plays to the strength of Datadobi – file and object storage. As such, it’s not designed to handle your traditional VM and DB protection, this remains the domain of the usual suspects.

[image courtesy of Datadobi]

Simple Deployment

The software-only nature of the solution, and the flexibility of going between file and object, means that it’s pretty easy to deploy as well.

[image courtesy of Datadobi]

Architecture

From an architecture perspective, it’s pretty straight forward as well, with the Core handling the orchestration and monitoring, and software proxies used for data movement.

[image courtesy of Datadobi]

 

Thoughts

I’ve been involved in the data protection business in some form or another for over two decades now. As you can imagine, I’ve seen a whole bunch of different ways to solve problems. In my day job I generally promote modern approaches to solving the challenge of protecting data in an efficient and cost-effective fashion. It can be hard to do this well, at scale, across the variety of workloads that you find in the modern enterprise nowadays. It’s not just some home directories, a file server, and one database that you have to protect. Now there’s SaaS workloads, 5000 different database options, containers, endpoints, and all kinds of other crazy stuff. The thing linking that all together is data, and the requirement to protect that data in order for the business to do its business – whether that’s selling widgets or providing services to the general public.

Protecting file and object workloads can be a pain. But why not just use a vendor that can roughly do the job rather than using a very specific solution like DobiProtect? I asked D’Halluin the same question, and his response was along the following lines. The kind of customers Datadobi is working with on a regular basis have petabytes of unstructured data they need to protect, and they absolutely need to be sure that it’s being protected properly. Not just from a quality of recovered data perspective, but also from a defensible compliance position. It’s not just about pointing out to the auditors that the data protection solution “should” be working. There’s a lot of legislation and stuff in place to ensure that it needs to be more than that. So it’s oftentimes worth investing in a solution that can reliably deliver against that compliance requirement.

Ransomware attacks can be the stuff of nightmares, particularly if you aren’t prepared. Any solution that is helping you to protect yourself (and, more importantly, recover) from attacks is a Very Good Thing™. Just be sure to check that the solution you’re looking at does what you think it will do. And then check again, because it’s not a matter of if, but when.

Random Short Take #62

Welcome to Random Short take #62. It’s Friday afternoon, so I’ll try and keep this one brief.

  • Tony was doing some stuff in his lab and needed to clean up a bunch of ports in his NSX-T segment. Read more about what happened next here.
  • Speaking of people I think of when I think automation, Chris Wahl wrote a thought-provoking article on deep work that is well worth checking out.
  • While we’re talking about work, Nitro has published its 2022 Productivity Report. You can read more here.
  • This article from Backblaze on machine learning and predicting hard drive failure rates was interesting. Speaking of Backblaze, if you’re thinking about signing up with them, use my code and we’ll both get some free time.
  • Had a security problem? Need to recover? How do you know when to hit the big red button? Preston can help.
  • Speaking of doom and gloom (i.e. losing data), Curtis’s recent podcast episode covering ZFS and related technologies made for some great listening.
  • Have you been looking for a “A Unique Technology to Scan and Interrogate Petabyte-Scale Unstructured Data Lakes”? Maybe, maybe not. If you have, Datadobi has you covered with Datadobi Query Language. You can read the press release here.
  • I love when bloggers take the time to do hands-on articles, and this one from Dennis Faucher covering VMware Tanzu Community Edition was fantastic.

Random Short Take #52

Welcome to Random Short Take #52. A few players have worn 52 in the NBA including Victor Alexander (I thought he was getting dunked on by Shawn Kemp but it was Chris Gatling). My pick is Greg Oden though. If only his legs were the same length. Let’s get random.

  • Penguin Computing and Seagate have been doing some cool stuff with the Exos E 5U84 platform. You can read more about that here. I think it’s slightly different to the AP version that StorONE uses, but I’ve been wrong before.
  • I still love Fibre Channel (FC), as unhealthy as that seems. I never really felt the same way about FCoE though, and it does seem to be deader than tape.
  • VMware vSAN 7.0 U2 is out now, and Cormac dives into what’s new here. If you’re in the ANZ timezone, don’t forget that Cormac, Duncan and Frank will be presenting (virtually) at the Sydney VMUG *soon*.
  • This article on data mobility from my preferred Chris Evans was great. We talk a lot about data mobility in this industry, but I don’t know that we’ve all taken the time to understand what it really means.
  • I’m a big fan of Tech Field Day, and it’s nice to see presenting companies take on feedback from delegates and putting out interesting articles. Kit’s a smart fellow, and this article on using VMware Cloud for application modernisation is well worth reading.
  • Preston wrote about some experiences he had recently with almost failing drives in his home environment, and raised some excellent points about resilience, failure, and caution.
  • Speaking of people I worked with briefly, I’ve enjoyed Siobhán’s series of articles on home automation. I would never have the patience to do this, but I’m awfully glad that someone did.
  • Datadobi appears to be enjoying some success, and have appointed Paul Repice to VP of Sales for the Americas. As the clock runs down on the quarter, I’m going two for one, and also letting you know that Zerto has done some work to enhance its channel program.

Random Short Take #48

Welcome to Random Short Take #48. Not a great many players have worn 48 in the NBA (2 as it happens). It gets better soon, I assure you. Let’s get random.

  • I may or may not have a few bezels in my home office, so I enjoyed this article from Mellor on bezels.
  • Another great article from Preston reflecting on 2020 and data protection. And the reading and listening part is important too.
  • If your business is part of VCPP, this article on what’s new with pricing provides a good summary of what’s changed. If you’re not, it’s probably not going to make as much sense.
  • This is a great article on Apple’s OCSP and how things can go south pretty quickly.
  • Datadobi and Wasabi recently announced a technology alliance partnership – you can read more about that here.
  • The SolarWinds attack and some things you should know.

If you’ve read this far, thanks for reading. You may have noticed that I wrote fewer posts this year. Some of that is due to increased workload at the day job, some of that is related to non-blog writing projects, and some of that has been general mental fatigue. I also couldn’t really get into the big vendor virtual conferences in the way that I’d hoped to, and this had an impact on content output to an extent.

In any case, wherever you are, stay safe, happy holidays, and see you on the line next year.

Random Short Take #45

Welcome to Random Short Take #45. The number 45 has taken a bit of a beating in terms of popularity in recent years, but a few pretty solid players have nonetheless worn 45 in the NBA, including MJ and The Rifleman. My favourite from this list is A.C. Green (“slam so hard, break your TV screen“). So let’s get random.

Random Short Take #43

Welcome to Random Short Take #43. A few players have worn 43 in the NBA, including Frank Brickowski, but my favourite from this list is Red Kerr (more for his commentary chops than his game, I think).  Let’s get random.

  • Mike Wilson has published Part 2 of his VMware VCP 2020 Study Guide and it’s a ripper. Check it out here. I try to duck and weave when it comes to certification exams nowadays, but these kind of resources are invaluable.
  • It’s been a while since I had stick time with Data Domain OS, but Preston’s article on password hardening was very useful.
  • Mr Foskett bought a cloud, of sorts. Read more about that here. Anyone who knows Stephen knows that he’s all about what’s happening in the industry, but I do enjoy reading about these home projects as well.
  • Speaking of clouds, Rancher was named “A Leader” in multi-cloud container development platforms by an independent research firm. You can read the press release here.
  • Datadobi had a good story to share about what it did with UMass Memorial Health Care. You can read the story here.
  • Steve O has done way too much work understanding how to change the default theme in Veeam Enterprise Manager 10 and documenting the process so you don’t need to work it out. Read about the process here.
  • Speaking of data protection, Zerto has noticed Azure adoption increasing at quite a pace, amongst other things.
  • This was a great article on open source storage from Chin-Fah.

Datadobi Announces DobiProtect

Datadobi recently announced DobiProtect. I had the opportunity to speak with Michael Jack and Carl D’Halluin about the announcement, and thought I’d share some thoughts here.

 

The Problem

Disaster Recovery

Modern disaster recovery solutions tend more towards business continuity than DR. The challenge with data replication solutions is that it’s a trivial thing to replicate corruption from your primary storage to your DR storage. Backup systems are vulnerable too, and most instances you need to make some extra effort to ensure you’ve got a replicated catalogue, and that your backup data is not isolated. Invariably, you’ll be looking to restore to like hardware in order to reduce the recovery time. Tape is still a pain to deal with, and invariably you’re also at the mercy of people and processes going wrong.

What Do Customers Need?

To get what you need out of a robust DR system, there are a few criteria that need to be met, including:

  • An easy way to select business-critical data;
  • A simple way to make a golden copy in native format;
  • A bunker site in a DC or cloud;
  • A manual air-gap procedure;
  • A way to restore to anything; and
  • A way to failover if required.

 

Enter DobiProtect

What Does It Do?

The idea is that you have two sites with a manual air-gap between them, usually controlled by a firewall of some type. The first site is where you run your production workload, and there’ll likely be a subset of data that is really quirte important to your business. You can use DobiProtect to get that data from your production site to DR (it might even be in a bunker!). In order to get the data from Production to DR, DobiProtect scans the data before it’s pulled across to DR. Note that the data is pulled, not pushed. This is important as it means that there’s no obvious trace of the bunker’s existence in production.

[image courtesy of Datadobi]

If things go bang, you can recover to any NAS or Object.

  • Browse golden copy
  • Select by directory structure, folder, or object patterns
  • Mounts and shares
  • Specific versions

Bonus Use Case

One of the more popular use cases that Datadobi spoke to me about was heterogeneous edge-to-core protection. Data on the edge is usually more vulnerable, and not every organisation has the funding to put robust protection mechanisms in place at every edge site to protect critical data. With the advent of COVID-19, many organisations have been pushing more data to the edge in order for remote workers to have better access to data. The challenge then becomes keeping that data protected in a reliable fashion. DobiProtect can be used to pull data from the core once data has been pulled back from the edge. Because it’s a software only product, your edge storage can be anything that supports object, SMB, or NFS, and the core could be anything else. This provides a lot of flexibility in terms of the expense traditionally associated with DR at edge sites.

[image courtesy of Datadobi]

 

Thoughts and Further Reading

The idea of an air-gapped site in a bunker somewhere is the sort of thing you might associate with a James Bond story. In Australia these aren’t exactly a common thing (bunkers, not James Bond stories), but Europe and the US is riddled with them. As Jack pointed out in our call, “[t]he first rule of bunker club – you don’t talk about the bunker”. Datadobi couldn’t give me a list of customers using this type of solution because all of the customers didn’t want people to know that they were doing things this way. It seems a bit like security via obscurity, but there’s no point painting a big target on your back or giving clues out for would-be crackers to get into your environment and wreak havoc.

The idea that your RPO is a day, rather than minutes, is also confronting for some folks. But the idea of this solution is that you’ll use it for your absolutely mission critical can’t live without it data, not necessarily your virtual machines that you may be able to recover normally if you’re attacked or the magic black smoke escapes from one of your hosts. If you’ve gone to the trouble of looking into acquiring some rack space in a bunker, limited the people in the know to a handful, and can be bothered messing about with a manual air-gap process, the data you’re looking to protect is clearly pretty important.

Datadobi has a rich heritage in data migration for both file and object storage systems. It makes sense that eventually customer demand would drive them down this route to deliver a migration tool that ostensibly runs all the time as sort of data protection tool. This isn’t designed to protect everything in your environment, but for the stuff that will ruin your business if it goes away, it’s very likely worth the effort and expense. There are some folks out there actively looking for ways to put you over a barrel, so it’s important to think about what it’s worth to your organisation to avoid that if possible.

Random Short Take #42

Welcome to Random Short Take #42. A few players have worn 42 in the NBA, including Vin Baker, but my favourite from this list is Walt Williams.  A big man with a jumpshot and a great tube sock game. Let’s get random.

  • Datadobi has formed a partnership with Melillo Consulting to do more in the healthcare data management space. You can read the release here.
  • It’s that time of the year when Backblaze releases its quarterly hard drive statistics. It makes for some really interesting reading, and I’m a big fan of organisations that are willing to be as transparent as Backblaze is with the experience it’s having in the field. It has over 142000 drives in the field, across a variety of vendors, and the insights it delivers with this report are invaluable. In my opinion this is nothing but a good thing for customers and the industry in general. You can read more about the report here.
  • Was Airplay the reason you littered your house with Airport Express boxes? Same here. Have you been thinking it might be nice to replace the Airport Express with a Raspberry Pi since you’ve moved on to a different wireless access point technology? Same here. This article might just be the thing you’ve been looking for. I’m keen to try this out.
  • I’ve been trying to optimise my weblog, and turned on Cloudflare via my hosting provider. The website ran fine, but I had issues accessing the WordPress admin page after a while. This article got me sorted out.
  • I’ve been a bit loose with the security of my home infrastructure from time to time, but even I don’t use WPS. Check out this article if you’re thinking it might somehow be a good idea.
  • This article on caching versus tiering from Chris Evans made for some interesting reading.
  • This was a thorough review of the QNAP QSW-308-1C Unmanaged Switch, an 11 (!) port unmanaged switch boasting 3 10Gbps ports and 8 1Gbps ports. It’s an intriguing prospect, particularly given the price.
  • DH2i has announced it’s extending free access to DxOdyssey Work From Home (WFH) Software until December 31st. Read more about that here.