Delphix Toolkits (dxToolkit and dxmToolkit)

 View Only

Protecting Data in AWS

By Jaclyn Schoof posted 02-15-2017 07:46:21 PM


Delphix's Viral Shah, Technical Manager Customer Services, took an in depth look at protecting your data in AWS using Delphix. 

Data is the one of the most critical assets for any Organization. Over the last few years, we all have seen exponential data growth across all Industries; and more data means more management, storage, movement and protection cost.  To meet rapidly changing Business demands, every company is planning to deploy their environments in Cloud – Public, Private or Hybrid.  Deployment in Cloud does indeed provide flexibility of provisioning On-demand environments, but without populating those environments with the freshest dataset, they cannot be efficiently utilized. Populating and Refreshing Data on demand in an efficient manner is an important piece of puzzle to solve before planning Cloud strategy.  When data is refreshed more often and more efficiently for development, research has shown projects are more successful, allowing more resources to work towards the goal of the cloud.

For Cloud implementation there are 2 critical components: Efficient data movement from On-prem to Cloud servers as well as data protection, both while transferring it over the Public network as well as at rest. We all have heard the famous saying, “No Lunch is free”, so encryption does come with a price, but it’s worth paying for successful Cloud deployment.

Let’s talk about how Delphix can help you in your Cloud journey. Delphix is delivered as a Software appliance so can be deployed – On-prem, Remote Data center or Cloud. Delphix supports major Hypervisor platforms – VMWare, AWS EC2 including GovCloud, and Azure in near future.

At the core, Delphix unique Virtualization capability not only helps you to capture your On-prem Source data in a compressed format (typically 3:1 ratio), but also continuously collect the changes in an efficient manner without impacting shared network bandwidth and overloading Source systems. Once Delphix has the data, you have the flexibility to provide the freshest data for your downstream applications in Cloud in matter of minutes irrespective of data set size. Delphix can help the Organizations to solve this data availability conundrum in most efficient way.

Let’s talk about how to move data efficiently into Cloud.

Delphix Replication has the out of the box capability to move your data in a Compressed, Encrypted and Network bandwidth controlled approach from your local Source systems to Cloud environments. Add’l, it provides the flexibility to pick-n-choose which application dataset you want to migrate and even set the replication frequency ranging as low as every 15 minutes to once per day/week. Replication has builtin Resume-ability so it would automatically resume in event of Network disruption or Environment restart.

Screen Shot 2016-03-09 at 52043 PM copypng

What is the price for enabling Encryption?

Recently at one of our premier financial customer implementation, we measured the impact of enabling Network encryption for their AWS deployment and observed around 30-40% impact on data transfer rate. Yes, we saw drop on Network transfer rate, but good news is that with Delphix once the initial base copy is replicated, subsequently it only transfers uniquely changed data; thus overall impact of encryption was not significant and also satisfied the InfoSec concerns of protecting the data over WAN transfer.

In case of AWS, it does offer native Data Encryption capability for EBS volumes. Per Amazon documentation, encryption has minimal impact on performance. Before enabling encryption, we wanted to understand the impact on Delphix performance and measured both Storage throughput and latency at varying workload of 3k, 10k and 30k Throughput IOPS. In addition, we measured the end-user impact by mimicking synthetic user workload on Delphix Virtualized database (VDB). If you are interested in details, you can find the results in our Amazon EBS Data Encryption Impact. Overall, impact of data encryption for medium workload (<10k IOPS) was negligible, but we observed around 10-15% decline for higher workload (30k IOPS).

Additional Delphix capabilities

Since we are discussing about protecting business sensitive data, Delphix also offers Selective Data Distribution (SDD) to mask data before Replicating to Cloud environments. For SDD, Delphix leverages its integrated Masking capability which can not only help to first identify sensitive data (e.g. PII, PHI), but can also mask it, and even certify it later to meet Auditor’s requirements.  Since Delphix has this unique capability to identify sensitive data, it masks the identified data before Replicating to remote environments to ensure sensitive data is always protected before sending across to downstream Cloud environments or Remote Data centers.

Overall, Delphix offers comprehensive toolkit for delivering your data on demand efficiently as well as protecting it in your Cloud journey. Using this unique capability of delivering right data to right team and right time helps Customers to cut their their application project delivery by almost 50%. Irrespective whether data resides on-prem or in Private/Public cloud, leveraging Delphix can accelerate data delivery process and to ensure secured Data Protection and Cloud Migration, one can even leverage Delphix Replication, Masking or SDD. Depending on the Customer needs, Delphix has various tools and capabilities to provision, transfer and protect selective or entire dataset. Add’l, Delphix works seamlessly with majority of Cloud providers and combination of their capabilities can prove to be a win-win situation for the Customers.