SlideShare ist ein Scribd-Unternehmen logo

Deploying secure backup on to the Cloud

Lahav Savir
Lahav Savir
Technologie
1 von 17
Downloaden Sie, um offline zu lesen
How do we Deploy a secure backup to the Cloud Lahav Savir, lahavs@emind.co
Lahav Savir • 15 years in on-line industry • Architect and CEO @ Emind Systems (est. 2006) • AWS solution provider • Over 30 AWS customers Hobbies (that’s the . . .) • MTB cycling • Mountain hiking
Backup scenarios On premises to off-site On the cloud to other site • File servers • File servers • Backup files • Large data volumes • Data base dumps • Data base dumps archiving • Large S3 buckets • Disaster recovery
Storage scenarios Storage appliances Disks & Servers • NFS • Windows shares • CIFS • Linux exports • Linux servers • Sun exports
Requirements Backup • Keep a replica of the data off-site • Keep history of the data for X previous months • Secure transfer • Encryption of data sets • Large files • Delta transfer Deployment • Don’t impact existing setup • Don’t install any SW on servers • No additional hardware
Few more . . . • Control bandwidth throughput • Visibility and monitoring • Simplicity • Keep the costs down – License – Traffic – Storage
Alternatives • Windows • Storage built-in – Virtual drive to S3 integration tos3 – Sync application – No monitoring – Cygwin / delta copy – No visibility to status – No bandwidth control • Linux – No feedback – s3fs (fuse) – s3cmd
Simple solution • Sync Manager – Linux appliance – cifs-utils – rsync – s3cmd – tc (traffic controller) – net-snmp – curl
Sync Configuration • rsync (filer to filer) rsync;/filer/data1/; sync@192.168.61.130:/data1/{A} rsync;/filer/data2/; sync@porticor_vpd:/data2 • s3 (filer to s3 with / without VPD) s3;/var/www/wordpress/;s3://bucket1/wordpress-{d}/;- -no-delete-removed s3;/mnt/srv1/;s3://bucket2/
Bandwidth control • Tag user traffic iptables -t mangle -A OUTPUT -m owner --uid-owner $SYNCMGR_UID -j MARK --set-mark 0x1 • Create root qdisc for eth0 $TC qdisc add dev $IF root handle 1: htb default 30 • Add a class (bucket) with bandwidth restrictions $TC class add dev $IF parent 1: classid 1:2 htb rate $MAXRATE • Then add a filter to force packets through the class $TC filter add dev $IF protocol ip parent 1:0 prio 1 handle 1 fw classid 1:2 Tip: use iftop to see it in action
Monitoring ## SNMP params SNMPTRAP=true SNMPTRAP_HOST=nms_server SNMPTRAP_PORT=162 SNMPTRAP_COMMUNITY=public SNMPTRAP_OID=.1.3.6.1.4.1.39731.2101 ## support_router SUPPRTR_NOTIF=true SUPPRTR_PROJECT="SupportDispatcher“ SUPPRTR_SYNCMGR_CLIENT=Emind SUPPRTR_BASEURL=https://support.emind.co/support_router/public/api.php ## snmpd.conf rocommunity public # send all Emind Enterprise ID requests to the subagent pass .1.3.6.1.4.1.39731 /usr/local/emind/snmp_subagent
Cloud backup hosts • ec2 instance (Linux server) – EBS volumes • s3 buckets • Porticor VPB – EBS volumes – S3 proxy
Hosting on the cloud • Public cloud – Instance behind security groups with SSH keys • VPC – Instance behind VPN • AWS VPN Gateway • IPSec with CheckPoint in the VPC • IPSec with Swan in the VPC • SSL VPN with OpenVPN in the VPC
Restoring • rsync back from storage rsync ; sync@192.168.61.130:/data1/{A} ; /filer/data1/ • 3scmd s3cmd get s3://bucket2/file /path/to/restore/file
Summary • Simple and open solution • No impact on customer infrastructure • No additional HW required • Control with full visibility • Fully integrated with NMS • Reliable • Secure
AWS Tips • Don’t forget to set AWS console to MFA • Setup a VPN to your AWS server • No public SSH • Monitor traffic coming into your servers • Multi-region / AZ for high availability • Use ec2 tools • Backup backup backup . . .
Questions ??? Thank you, Mail me: lahavs@emind.co Lahav Savir LinkedIn / Twitter / Facebook

Empfohlen

Topologies of OpenStack
Topologies of OpenStackTopologies of OpenStack
Topologies of OpenStackharibabu kasturi
 
OpenStack HA
OpenStack HAOpenStack HA
OpenStack HAtcp cloud
 
OpenStack HA
OpenStack HAOpenStack HA
OpenStack HAKenneth Hui
 
Deep dive into highly available open stack architecture openstack summit va...
Deep dive into highly available open stack architecture openstack summit va...Deep dive into highly available open stack architecture openstack summit va...
Deep dive into highly available open stack architecture openstack summit va...Arthur Berezin
 
Networking in the cloud
Networking in the cloudNetworking in the cloud
Networking in the cloudCliff Chao-kuan Lu
 
Opening of Cloud Native Taiwan User Group Meetup#2
Opening of Cloud Native Taiwan User Group Meetup#2Opening of Cloud Native Taiwan User Group Meetup#2
Opening of Cloud Native Taiwan User Group Meetup#2HungWei Chiu
 
Introducing OpenStack for Beginners
Introducing OpenStack for Beginners Introducing OpenStack for Beginners
Introducing OpenStack for Beginners openstackindia
 
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking ShapeBlue
 

Empfohlen

Topologies of OpenStack
Topologies of OpenStackTopologies of OpenStack
Topologies of OpenStackharibabu kasturi
 
OpenStack HA
OpenStack HAOpenStack HA
OpenStack HAtcp cloud
 
OpenStack HA
OpenStack HAOpenStack HA
OpenStack HAKenneth Hui
 
Deep dive into highly available open stack architecture openstack summit va...
Deep dive into highly available open stack architecture openstack summit va...Deep dive into highly available open stack architecture openstack summit va...
Deep dive into highly available open stack architecture openstack summit va...Arthur Berezin
 
Networking in the cloud
Networking in the cloudNetworking in the cloud
Networking in the cloudCliff Chao-kuan Lu
 
Opening of Cloud Native Taiwan User Group Meetup#2
Opening of Cloud Native Taiwan User Group Meetup#2Opening of Cloud Native Taiwan User Group Meetup#2
Opening of Cloud Native Taiwan User Group Meetup#2HungWei Chiu
 
Introducing OpenStack for Beginners
Introducing OpenStack for Beginners Introducing OpenStack for Beginners
Introducing OpenStack for Beginners openstackindia
 
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking Deploying CloudStack and Ceph with flexible VXLAN and BGP networking
Deploying CloudStack and Ceph with flexible VXLAN and BGP networking ShapeBlue
 
Ansible and CloudStack
Ansible and CloudStackAnsible and CloudStack
Ansible and CloudStackShapeBlue
 
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...ClusterHQ
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestrationdfilppi
 
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster ManagementApache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster ManagementAnant Corporation
 
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016Cloud Native Day Tel Aviv
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack CinderSean McGinnis
 
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfskJuraj Hantak
 
OpenStack Control Plane High Availability
OpenStack Control Plane High AvailabilityOpenStack Control Plane High Availability
OpenStack Control Plane High AvailabilityMichael Solberg
 
Nodeless scaling with Karpenter
Nodeless scaling with KarpenterNodeless scaling with Karpenter
Nodeless scaling with KarpenterMarko Bevc
 
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeMi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeOpenNebula Project
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalDocker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
 
High availability and fault tolerance of openstack
High availability and fault tolerance of openstackHigh availability and fault tolerance of openstack
High availability and fault tolerance of openstackDeepak Mane
 
Data Engineer's Lunch #46: Node.js and API calls
Data Engineer's Lunch #46: Node.js and API callsData Engineer's Lunch #46: Node.js and API calls
Data Engineer's Lunch #46: Node.js and API callsAnant Corporation
 
High Availability in OpenStack Cloud
High Availability in OpenStack CloudHigh Availability in OpenStack Cloud
High Availability in OpenStack CloudQiming Teng
 
Serverless
ServerlessServerless
ServerlessDaniel Cottone
 
KubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
KubeCon NA 2019 Keynote | NATS - Past, Present, and the FutureKubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
KubeCon NA 2019 Keynote | NATS - Past, Present, and the FutureNATS
 
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebula Project
 
High Availability in Neutron
High Availability in NeutronHigh Availability in Neutron
High Availability in NeutronRossella Sblendido
 
TechDay - Cambridge 2016 - OpenNebula Corona
TechDay - Cambridge 2016 - OpenNebula CoronaTechDay - Cambridge 2016 - OpenNebula Corona
TechDay - Cambridge 2016 - OpenNebula CoronaOpenNebula Project
 
KubeCon + CloudNative Con NA 2021 | A New Generation of NATS
KubeCon + CloudNative Con NA 2021 | A New Generation of NATSKubeCon + CloudNative Con NA 2021 | A New Generation of NATS
KubeCon + CloudNative Con NA 2021 | A New Generation of NATSNATS
 
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...DataStax Academy
 
Leveraging Cassandra for real-time multi-datacenter public cloud analytics
Leveraging Cassandra for real-time multi-datacenter public cloud analyticsLeveraging Cassandra for real-time multi-datacenter public cloud analytics
Leveraging Cassandra for real-time multi-datacenter public cloud analyticsJulien Anguenot
 

Weitere ähnliche Inhalte

Was ist angesagt?

Ansible and CloudStack
Ansible and CloudStackAnsible and CloudStack
Ansible and CloudStackShapeBlue
 
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...ClusterHQ
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestrationdfilppi
 
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster ManagementApache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster ManagementAnant Corporation
 
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016Cloud Native Day Tel Aviv
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack CinderSean McGinnis
 
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfskJuraj Hantak
 
OpenStack Control Plane High Availability
OpenStack Control Plane High AvailabilityOpenStack Control Plane High Availability
OpenStack Control Plane High AvailabilityMichael Solberg
 
Nodeless scaling with Karpenter
Nodeless scaling with KarpenterNodeless scaling with Karpenter
Nodeless scaling with KarpenterMarko Bevc
 
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeMi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeOpenNebula Project
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalDocker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
 
High availability and fault tolerance of openstack
High availability and fault tolerance of openstackHigh availability and fault tolerance of openstack
High availability and fault tolerance of openstackDeepak Mane
 
Data Engineer's Lunch #46: Node.js and API calls
Data Engineer's Lunch #46: Node.js and API callsData Engineer's Lunch #46: Node.js and API calls
Data Engineer's Lunch #46: Node.js and API callsAnant Corporation
 
High Availability in OpenStack Cloud
High Availability in OpenStack CloudHigh Availability in OpenStack Cloud
High Availability in OpenStack CloudQiming Teng
 
KubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
KubeCon NA 2019 Keynote | NATS - Past, Present, and the FutureKubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
KubeCon NA 2019 Keynote | NATS - Past, Present, and the FutureNATS
 
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebula Project
 
TechDay - Cambridge 2016 - OpenNebula Corona
TechDay - Cambridge 2016 - OpenNebula CoronaTechDay - Cambridge 2016 - OpenNebula Corona
TechDay - Cambridge 2016 - OpenNebula CoronaOpenNebula Project
 
KubeCon + CloudNative Con NA 2021 | A New Generation of NATS
KubeCon + CloudNative Con NA 2021 | A New Generation of NATSKubeCon + CloudNative Con NA 2021 | A New Generation of NATS
KubeCon + CloudNative Con NA 2021 | A New Generation of NATSNATS
 

Was ist angesagt? (20)

Ansible and CloudStack
Ansible and CloudStackAnsible and CloudStack
Ansible and CloudStack
 
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
DockerCon 2016 Ecosystem - Everything You Need to Know About Docker and Stora...
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestration
 
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster ManagementApache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
Apache Cassandra Lunch #52: Airflow and Cassandra for Cluster Management
 
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
Containerizing Network Services - Alon Harel - OpenStack Day Israel 2016
 
Introduction to OpenStack Cinder
Introduction to OpenStack CinderIntroduction to OpenStack Cinder
Introduction to OpenStack Cinder
 
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
10. th cncf meetup - Routing microservice-architectures-with-traefik-cncfsk
 
OpenStack Control Plane High Availability
OpenStack Control Plane High AvailabilityOpenStack Control Plane High Availability
OpenStack Control Plane High Availability
 
Nodeless scaling with Karpenter
Nodeless scaling with KarpenterNodeless scaling with Karpenter
Nodeless scaling with Karpenter
 
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin WijeeMi-Cloud Deployment Scenarios - Nazarudin Wijee
Mi-Cloud Deployment Scenarios - Nazarudin Wijee
 
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalDocker Meetup: Docker Networking 1.11, by Madhu Venugopal
Docker Meetup: Docker Networking 1.11, by Madhu Venugopal
 
High availability and fault tolerance of openstack
High availability and fault tolerance of openstackHigh availability and fault tolerance of openstack
High availability and fault tolerance of openstack
 
Data Engineer's Lunch #46: Node.js and API calls
Data Engineer's Lunch #46: Node.js and API callsData Engineer's Lunch #46: Node.js and API calls
Data Engineer's Lunch #46: Node.js and API calls
 
High Availability in OpenStack Cloud
High Availability in OpenStack CloudHigh Availability in OpenStack Cloud
High Availability in OpenStack Cloud
 
Serverless
ServerlessServerless
Serverless
 
KubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
KubeCon NA 2019 Keynote | NATS - Past, Present, and the FutureKubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
KubeCon NA 2019 Keynote | NATS - Past, Present, and the Future
 
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
OpenNebulaConf 2016 - OpenNebula 5.0 Highlights and Beyond by Ruben S. Monter...
 
High Availability in Neutron
High Availability in NeutronHigh Availability in Neutron
High Availability in Neutron
 
TechDay - Cambridge 2016 - OpenNebula Corona
TechDay - Cambridge 2016 - OpenNebula CoronaTechDay - Cambridge 2016 - OpenNebula Corona
TechDay - Cambridge 2016 - OpenNebula Corona
 
KubeCon + CloudNative Con NA 2021 | A New Generation of NATS
KubeCon + CloudNative Con NA 2021 | A New Generation of NATSKubeCon + CloudNative Con NA 2021 | A New Generation of NATS
KubeCon + CloudNative Con NA 2021 | A New Generation of NATS
 

Ähnlich wie Deploying secure backup on to the Cloud

iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...DataStax Academy
 
Leveraging Cassandra for real-time multi-datacenter public cloud analytics
Leveraging Cassandra for real-time multi-datacenter public cloud analyticsLeveraging Cassandra for real-time multi-datacenter public cloud analytics
Leveraging Cassandra for real-time multi-datacenter public cloud analyticsJulien Anguenot
 
Hacking apache cloud stack
Hacking apache cloud stackHacking apache cloud stack
Hacking apache cloud stackNitin Mehta
 
Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...
Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...
Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...Amazon Web Services
 
VMUG - NSX Architettura e Design
VMUG - NSX Architettura e DesignVMUG - NSX Architettura e Design
VMUG - NSX Architettura e DesignVMUG IT
 
VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld
 
COSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge BoxCOSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge BoxShihta Kuan
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinChiradeep Vittal
 
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...ShapeBlue
 
Cloud stack overview
Cloud stack overviewCloud stack overview
Cloud stack overviewhowie YU
 
How we scale DroneCi on demand
How we scale DroneCi on demandHow we scale DroneCi on demand
How we scale DroneCi on demandPatrick Jahns
 
Intro to sysdig in 15 minutes
Intro to sysdig in 15 minutesIntro to sysdig in 15 minutes
Intro to sysdig in 15 minutesSysdig
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveMadhu Venugopal
 
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)VMware Tanzu
 
How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...
How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...
How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...Amazon Web Services
 
Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...DataWorks Summit
 
Presentation citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a servicePresentation citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a servicexKinAnx
 
Scalable networking in Apache CloudStack
Scalable networking in Apache CloudStackScalable networking in Apache CloudStack
Scalable networking in Apache CloudStackChiradeep Vittal
 

Ähnlich wie Deploying secure backup on to the Cloud (20)

iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
iland Internet Solutions: Leveraging Cassandra for real-time multi-datacenter...
 
Leveraging Cassandra for real-time multi-datacenter public cloud analytics
Leveraging Cassandra for real-time multi-datacenter public cloud analyticsLeveraging Cassandra for real-time multi-datacenter public cloud analytics
Leveraging Cassandra for real-time multi-datacenter public cloud analytics
 
Hacking apache cloud stack
Hacking apache cloud stackHacking apache cloud stack
Hacking apache cloud stack
 
Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...
Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...
Amazon RDS for Microsoft SQL: Performance, Security, Best Practices (DAT303) ...
 
VMUG - NSX Architettura e Design
VMUG - NSX Architettura e DesignVMUG - NSX Architettura e Design
VMUG - NSX Architettura e Design
 
VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX VMworld 2013: Virtualized Network Services Model with VMware NSX
VMworld 2013: Virtualized Network Services Model with VMware NSX
 
COSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge BoxCOSCUP 2019 - CDN in an Edge Box
COSCUP 2019 - CDN in an Edge Box
 
Private cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austinPrivate cloud networking_cloudstack_days_austin
Private cloud networking_cloudstack_days_austin
 
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
 
Cloud stack overview
Cloud stack overviewCloud stack overview
Cloud stack overview
 
How we scale DroneCi on demand
How we scale DroneCi on demandHow we scale DroneCi on demand
How we scale DroneCi on demand
 
Intro to sysdig in 15 minutes
Intro to sysdig in 15 minutesIntro to sysdig in 15 minutes
Intro to sysdig in 15 minutes
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep dive
 
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
 
Virtual Desktops: Why is this So Hot
Virtual Desktops: Why is this So HotVirtual Desktops: Why is this So Hot
Virtual Desktops: Why is this So Hot
 
Svc 202-netflix-open-source
Svc 202-netflix-open-sourceSvc 202-netflix-open-source
Svc 202-netflix-open-source
 
How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...
How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...
How Netflix’s Tools Can Help Accelerate Your Start-up (SVC202) | AWS re:Inven...
 
Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...
 
Presentation citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a servicePresentation citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a service
 
Scalable networking in Apache CloudStack
Scalable networking in Apache CloudStackScalable networking in Apache CloudStack
Scalable networking in Apache CloudStack
 

Mehr von Lahav Savir

How to Secure Your AWS Powered Mobile App End-to-End
How to Secure Your AWS Powered Mobile App End-to-EndHow to Secure Your AWS Powered Mobile App End-to-End
How to Secure Your AWS Powered Mobile App End-to-EndLahav Savir
 
Best of re:Invent 2016 meetup presentation
Best of re:Invent 2016 meetup presentationBest of re:Invent 2016 meetup presentation
Best of re:Invent 2016 meetup presentationLahav Savir
 
How to protect your IoT data on AWS
How to protect your IoT data on AWSHow to protect your IoT data on AWS
How to protect your IoT data on AWSLahav Savir
 
How to Protect your AWS Environment
How to Protect your AWS EnvironmentHow to Protect your AWS Environment
How to Protect your AWS EnvironmentLahav Savir
 
Emind’s Architecture for Enterprise with AWS Integration
Emind’s Architecture for Enterprise with AWS IntegrationEmind’s Architecture for Enterprise with AWS Integration
Emind’s Architecture for Enterprise with AWS IntegrationLahav Savir
 
Real-Time Vote Platform Benchmark
Real-Time Vote Platform BenchmarkReal-Time Vote Platform Benchmark
Real-Time Vote Platform BenchmarkLahav Savir
 
Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSLahav Savir
 
Running an erlang based messaging system on AWS
Running an erlang based messaging system on AWSRunning an erlang based messaging system on AWS
Running an erlang based messaging system on AWSLahav Savir
 
DevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudDevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudLahav Savir
 
סע לשלום - הדרכה לרכזים כיתתיים
סע לשלום - הדרכה לרכזים כיתתייםסע לשלום - הדרכה לרכזים כיתתיים
סע לשלום - הדרכה לרכזים כיתתייםLahav Savir
 
Multi Layer Monitoring V1
Multi Layer Monitoring V1Multi Layer Monitoring V1
Multi Layer Monitoring V1Lahav Savir
 
Lahav Savir - Massively Scaleable Mobile Gateways
Lahav Savir - Massively Scaleable Mobile GatewaysLahav Savir - Massively Scaleable Mobile Gateways
Lahav Savir - Massively Scaleable Mobile GatewaysLahav Savir
 

Mehr von Lahav Savir (12)

How to Secure Your AWS Powered Mobile App End-to-End
How to Secure Your AWS Powered Mobile App End-to-EndHow to Secure Your AWS Powered Mobile App End-to-End
How to Secure Your AWS Powered Mobile App End-to-End
 
Best of re:Invent 2016 meetup presentation
Best of re:Invent 2016 meetup presentationBest of re:Invent 2016 meetup presentation
Best of re:Invent 2016 meetup presentation
 
How to protect your IoT data on AWS
How to protect your IoT data on AWSHow to protect your IoT data on AWS
How to protect your IoT data on AWS
 
How to Protect your AWS Environment
How to Protect your AWS EnvironmentHow to Protect your AWS Environment
How to Protect your AWS Environment
 
Emind’s Architecture for Enterprise with AWS Integration
Emind’s Architecture for Enterprise with AWS IntegrationEmind’s Architecture for Enterprise with AWS Integration
Emind’s Architecture for Enterprise with AWS Integration
 
Real-Time Vote Platform Benchmark
Real-Time Vote Platform BenchmarkReal-Time Vote Platform Benchmark
Real-Time Vote Platform Benchmark
 
Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWS
 
Running an erlang based messaging system on AWS
Running an erlang based messaging system on AWSRunning an erlang based messaging system on AWS
Running an erlang based messaging system on AWS
 
DevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudDevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloud
 
סע לשלום - הדרכה לרכזים כיתתיים
סע לשלום - הדרכה לרכזים כיתתייםסע לשלום - הדרכה לרכזים כיתתיים
סע לשלום - הדרכה לרכזים כיתתיים
 
Multi Layer Monitoring V1
Multi Layer Monitoring V1Multi Layer Monitoring V1
Multi Layer Monitoring V1
 
Lahav Savir - Massively Scaleable Mobile Gateways
Lahav Savir - Massively Scaleable Mobile GatewaysLahav Savir - Massively Scaleable Mobile Gateways
Lahav Savir - Massively Scaleable Mobile Gateways
 

Kürzlich hochgeladen

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Kürzlich hochgeladen (20)

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Deploying secure backup on to the Cloud

  • 1. How do we Deploy a secure backup to the Cloud Lahav Savir, lahavs@emind.co
  • 2. Lahav Savir • 15 years in on-line industry • Architect and CEO @ Emind Systems (est. 2006) • AWS solution provider • Over 30 AWS customers Hobbies (that’s the . . .) • MTB cycling • Mountain hiking
  • 3. Backup scenarios On premises to off-site On the cloud to other site • File servers • File servers • Backup files • Large data volumes • Data base dumps • Data base dumps archiving • Large S3 buckets • Disaster recovery
  • 4. Storage scenarios Storage appliances Disks & Servers • NFS • Windows shares • CIFS • Linux exports • Linux servers • Sun exports
  • 5. Requirements Backup • Keep a replica of the data off-site • Keep history of the data for X previous months • Secure transfer • Encryption of data sets • Large files • Delta transfer Deployment • Don’t impact existing setup • Don’t install any SW on servers • No additional hardware
  • 6. Few more . . . • Control bandwidth throughput • Visibility and monitoring • Simplicity • Keep the costs down – License – Traffic – Storage
  • 7. Alternatives • Windows • Storage built-in – Virtual drive to S3 integration tos3 – Sync application – No monitoring – Cygwin / delta copy – No visibility to status – No bandwidth control • Linux – No feedback – s3fs (fuse) – s3cmd
  • 8. Simple solution • Sync Manager – Linux appliance – cifs-utils – rsync – s3cmd – tc (traffic controller) – net-snmp – curl
  • 9. Sync Configuration • rsync (filer to filer) rsync;/filer/data1/; sync@192.168.61.130:/data1/{A} rsync;/filer/data2/; sync@porticor_vpd:/data2 • s3 (filer to s3 with / without VPD) s3;/var/www/wordpress/;s3://bucket1/wordpress-{d}/;- -no-delete-removed s3;/mnt/srv1/;s3://bucket2/
  • 10. Bandwidth control • Tag user traffic iptables -t mangle -A OUTPUT -m owner --uid-owner $SYNCMGR_UID -j MARK --set-mark 0x1 • Create root qdisc for eth0 $TC qdisc add dev $IF root handle 1: htb default 30 • Add a class (bucket) with bandwidth restrictions $TC class add dev $IF parent 1: classid 1:2 htb rate $MAXRATE • Then add a filter to force packets through the class $TC filter add dev $IF protocol ip parent 1:0 prio 1 handle 1 fw classid 1:2 Tip: use iftop to see it in action
  • 11. Monitoring ## SNMP params SNMPTRAP=true SNMPTRAP_HOST=nms_server SNMPTRAP_PORT=162 SNMPTRAP_COMMUNITY=public SNMPTRAP_OID=.1.3.6.1.4.1.39731.2101 ## support_router SUPPRTR_NOTIF=true SUPPRTR_PROJECT="SupportDispatcher“ SUPPRTR_SYNCMGR_CLIENT=Emind SUPPRTR_BASEURL=https://support.emind.co/support_router/public/api.php ## snmpd.conf rocommunity public # send all Emind Enterprise ID requests to the subagent pass .1.3.6.1.4.1.39731 /usr/local/emind/snmp_subagent
  • 12. Cloud backup hosts • ec2 instance (Linux server) – EBS volumes • s3 buckets • Porticor VPB – EBS volumes – S3 proxy
  • 13. Hosting on the cloud • Public cloud – Instance behind security groups with SSH keys • VPC – Instance behind VPN • AWS VPN Gateway • IPSec with CheckPoint in the VPC • IPSec with Swan in the VPC • SSL VPN with OpenVPN in the VPC
  • 14. Restoring • rsync back from storage rsync ; sync@192.168.61.130:/data1/{A} ; /filer/data1/ • 3scmd s3cmd get s3://bucket2/file /path/to/restore/file
  • 15. Summary • Simple and open solution • No impact on customer infrastructure • No additional HW required • Control with full visibility • Fully integrated with NMS • Reliable • Secure
  • 16. AWS Tips • Don’t forget to set AWS console to MFA • Setup a VPN to your AWS server • No public SSH • Monitor traffic coming into your servers • Multi-region / AZ for high availability • Use ec2 tools • Backup backup backup . . .
  • 17. Questions ??? Thank you, Mail me: lahavs@emind.co Lahav Savir LinkedIn / Twitter / Facebook