Laurent Ninni, Synerway: Appliances are the future of virtualisation
May 2011 by Marc Jacob
Synerway has chosen to commercialize its Appliances to respond to client needs in terms of ease-of-operations but also the separation of backed up data and their IT infrastructure. The Appliance is also adapted to virtualisation and Cloud Computing. For Laurent Ninni – Synerway CTO, the Appliance represents the future of virtualisation.
Global Security Mag : Synerway made the decision as far back as 2002 to commercialize the backup Appliance in a move away from traditional software vendors. Can you tell us what exactly is a backup Appliance?
Laurent Ninni : Synerway’s main concern has always been to provide solutions adapted to client needs and help them avoid having to dedicate specialists to handle daily backup and administrative tasks.
This is the key reason behind our Appliance-based solutions.
An appliance is an all-in-one system dedicated to a specific application. The best-known appliances are network devices. When you connect a network switch, you typically connect up the cables and start using the equipment.
This is the same concept we apply to our backup Appliances.
Our clients do not have to manage a dedicated backup server: no operating system, hardware drivers or backup catalogue… Everything is handled automatically by the Appliance. The user simply keeps an eye on their backups or performs restorations when required.
A major advantage of the Appliance is to separate backed up data from the client IT infrastructure. An autonomous solution is simply placed alongside existing systems. We do not install backup software on a client machine.
A major benefit of our Appliance is the automation of many administration tasks
GS Mag : On a functional level, what do your Appliances offer?
Laurent Ninni : The Synerway Appliance protects many systems and applications. We back up data but also systems for a Disaster Recovery restoration. Our Universal Bare Metal Restore module for example, enables you to restore a complete Windows system, either to its original hardware, new hardware or to a virtual machine.
Our Appliances perform a first-level backup to disks which can then be externalised to media, LTO tape, removable RDX disks, over the network to another Synerway Appliance or to a third-party network location.
But the number one advantage of the Synerway Appliance is the automation of a great number of administrative tasks.
Our Appliances work according to constraints: you define your constraints, and the Appliance takes care of handling your backups, restorations and all other operating tasks.
You simply identify the machines to back up, the backup schedule, priority preferences and the Appliance automatically handles their order. This is known as the “Mission mode” and is exclusive to Synerway.
If some machines are disconnected from the network, the Appliance simply postpones backups to a time when the machines are back online. If a new machine is added, simply add it to the list of machines with the same constraints, and the Appliance reorganises all the backup schedule. If you want to back up your laptops, you need to associate them with a corresponding profile and priorities.
You can of course choose a selection of backed up data: particularly interesting when this data has to go over the network to a centralised location. Some of our partners also use this technology to send their clients’ critical data to their data Cloud or to an infrastructure hosted on a Data Center.
Backup Data replication between Appliances is also possible. Our NExt (Network Externalisation) module can transform a Synerway Appliance into VTL Synerway (Virtual Tape Library). This Appliance can replace a tape library and receive externalised data from other Appliances.
Appliances are the future of virtualisation
GS Mag: You describe the Synerway Appliance as a complete system which serves a singular function without the worry of third-party constraints. The virtualisation revolution which enables us to share server and application resources on the same physical machine – surely this is incompatible with your take on the concept of the Appliance ?
Laurent Ninni : On the contrary, virtualisation is extended proof of the pertinence of the concept of the Appliance.
What is the goal of virtualisation? Sharing hardware and reducing maintenance costs. Sure. But the number one aim is to dedicate one machine per application, and to partition each application so it does not affect others: precisely the principal of the Appliance.
Appliances are in physical or virtual boxes which run alongside each other. If one goes down, the others are unaffected and continue to run unhindered. Maintenance and operational tasks are simplified.
If your backup server goes down, you need to spend a lot of time analysing the backup software, its catalogue and its OS in order to avoid a total reinstall and all the potential errors this entails particularly if you have other applications on the same machine.
With an Appliance, you do not handle a system but software; it is a single entity which fulfils a single role. You can reinstall everything in a single operation, without the help of a specialist, and without impacting other applications.
For us, it was logical to propose our Appliance in a virtual format. Remember that these Appliances are real Appliances, not virtual machines in which we have installed an operating system with backup software on top.
To understand the difference, it’s very simple: take the example of Smartphones. What makes this object so powerful and simple to use? It’s because they allow you to download Applications which can be used immediately without having to install an operating system beforehand or managing compatibility between components or upgrading drivers etc…
This is where the real revolution lies: the future of virtualisation is the Appliance, and in this sector, we are ahead of the competition.
Virtual or physical Appliances: each need has its solution
GS Mag : Does this mean your virtual Appliances are different or better than your physical Appliances?
Laurent Ninni : I’d say they respond to different needs.
Both types of Appliance provide exactly the same backup features. What’s more, the software is the same, the updates are the same, they can be supervised and configured by the same Administration Appliance. This means our clients manage their IT infrastructures in total simplicity.
From a market perspective, the sales packages differ because we propose some options which are more adapted to client objectives. With the virtual Appliance (the SVA), the default storage capacity for backed up data is 1 TB with no limits regarding the number of backup agents per protected machine. When you need more storage capacity, it is better to install additional SVAs rather than increase the storage capacity of existing SVAs. As we also provide a virtual centralised Administration Appliance (called RBM for Remote Backup Management), it is very easy to multiply instances.
We target two types of client: the client who already has a virtual infrastructure in which the virtual Appliance (SVA) is installed; and the client who prefers a physical Appliance to maintain total independence between their backup solution and IT infrastructure. This client is therefore able to restore data independently from the virtual environment in the event of an incident.
The SVA allows you to take a snapshot of the entire Appliance which includes its total configuration and backed up data. A simple click on a menu allows you to revert to a previous operational snapshot from a chosen date.
The physical Appliance integrates directly an in-built media drive (LTO or RDX), or even a media library which frees you from integration questions; the SVA will typically use the network for data externalisations.
Deduplication is not the magical solution to all our problems
GS Mag : You often mention network externalisation. Compared to the latest technologies in this area, including deduplication, can your Appliances compete?
Laurent Ninni : Deduplication is a real buzz word right now. And this is typically where we stand out from the competition; we’re not looking to latch on to a technology for technology’s sake and much less from a marketing standpoint.
I often use the adjective « pertinent » to describe what we offer our clients. Our aim is not to claim our solution fits all but to propose different solutions which are well suited to specific needs.
Concerning deduplication, what is the specific need? Saving storage and network bandwidth.
Let’s scratch under the surface. A backup process, like any IT process, will use different types of resources: processing power, memory, storage space and network bandwidth.
In terms of backup, there is no magic wand: to save on one of these resources, you need to increase the use of the others.
To be able to deduplicate, the system compares data with other backed up data (a complex checksum). This uses a lot of processing power and memory (as data is stored temporarily to ensure performance levels are maintained).
If you perform source-level deduplication, the protected machine is strongly impacted because deduplication will perform the same operations as standard backups plus additionally an enormous amount of calculations to reduce data to send and this impacts the work station or server which is already impacted by other key processes.
If you perform target-level deduplication, you use the advantages of deduplication concerning network traffic reduction because data will all be sent to your backup server and this server will be impacted in finding identical data.
Of course, you do save on storage space but your bandwidth, processor and memory requirements will rise. If you compare the cost of a disk versus the cost of bandwidth, processor and memory, (even before purchasing the deduplication software), you’ll typically find there’s no match.
If you use deduplication at block level, your data is broken into tiny pieces and spread throughout your storage space.
There are three major consequences:
because data is no longer stored in its original file structure, your backup catalogue or your signature index database is absolutely essential for any restoration, and it becomes a highly critical element and a major potential weak point.
because the loss of a single byte of a specific file format may make it impossible to restore any files of the same type. Take the example of .doc files: they have the same format, defined by blocks of bytes. Once deduplication is performed, these blocks are only stored once. If you lose only one of these blocks, because they can be shared by all your .doc files, you have another major potential weak point.
finally, the processing time required during backup will be the same for restoration –the time required to reassemble the tiny pieces of deduplicated files spread over your storage space. Major restorations in deduplication mode can be very long.
Our main aim is to ensure restoration at all times.
Our approach is to start by defining the adequate response for each client and each situation: the solution for protecting a critical server will not be the same for a group of workstations on geographically remote sites.
We pay close attention to the RTO and RPO: rapid restorations with the minimum amount of data loss GS Mag : What is your solution for an efficient protection of critical servers?
Laurent Ninni : In this case, we’ll reduce the RPO and RTO rather than trying to save money on one or two storage disks.
Our clients prefer, in the event of an incident, to be able to restore their mail server or database with data backed up just before the crash.
In this case, we propose a continuous data protection solution (CDP) via our Advanced Pack agents. These agents run in block mode, but, contrary to our competitors, these are low-level blocks which means there is no signature calculation to perform (and therefore no significant machine load): we simply use a disk mirroring procedure between the Appliance disk and the protected disk (physical or virtual).
The major advantage is that the mirror between both disks is tried and tested technology, both rapid and without the need to locate and identify the blocks to back up (because they are simply copied to the disk). This technique can be applied to critical servers with almost no impact opening the door to real-time or near real-time protection.
Our Advanced Packs also enable you to take regular block-mode snapshots of the mirror disks on the Appliance with applicative data coherence. This gives you a version history without impacting your protected system (the snapshots are taken directly on the Appliance). The snapshots take up little disk space because only the modified blocks are duplicated.
Our tests also show, and with no ambiguity, that the reduction in required storage space when linked to block mode is very close to that obtained by deduplication. This means that with our new 48-TB Appliances, we can also protect very high data volumes with the Advanced Packs.
One Appliance per site is ideal for rapid backups and restorations
GS Mag : And for machines on geographically remote sites?
For this type of architecture, there are several possibilities. As a general rule, we try to deploy one Appliance per site. This makes for rapid local backups and restorations. Data is then externalised and consolidated from this Appliance to a regional or central site.
As part of our solution range, we have a new trump card: the SVA Pack (Synerway Virtual Appliance Pack). It comprises a virtual Appliance which is installed on a work station alongside an open-source virtual environment which means this solution is possible – even if you do not have a virtual infrastructure. You can take advantage of the entire Appliance feature range and isolate the Appliance from the existing local environment. This means simplified installation, simplified maintenance and reduced costs.
Some systems can also be backed up directly from a central location over the network using a synthetic backup: data is backed up incrementally and full backups are created artificially on the central site. This consolidates data, reduces bandwidth usage and speeds up restorations.
For laptops which are often outside the LAN, we typically recommend a block mode solution. Block mode has a twin advantage: limit bandwidth usage (enabling, for example a backup to a central location even on low bandwidth connections), and perform additional backups to the laptop’s internal disk. The user is protected at all times and is totally autonomous.
Block mode is also applicable to servers, which can be protected remotely from the central site.
Depending on constraints, our Professional Services team will help clients make the right choice for them.
Our solutions can be adapted to all the phases of the life cycle of a major deployment
GS Mag : Christian Maillard mentioned a few weeks ago your success with multi-site organisations. How does your technology fulfil their requirements and constraints specifically?
Our major force in this area is as follows: we have the right products and many successful deployments behind us. Some of our multi-site deployments run to several thousand Appliances.
Over and above these deployments, we are successful in installing and operating on sites where there is absolutely no local IT expertise.
Initially, we offer to help clients define their data protection mission based on their infrastructure and constraints. We can then create a factory master installed in the Appliance which integrates automated site configuration procedures.
In this case, all that you have to do is plug the Appliance into the power supply and network and away you go. The Appliance automatically recognizes its environment and defines network parameters. The rest of the configuration is defined in the master. Of course, in this case, our clients have generic licences which avoid a lot of hassle after installation.
Concerning the day-to-day operations, our centralised supervision and administration solutions (the RBM Appliance) allow many tasks to be handled centrally: display and manage alarms, restart backups, check storage space statuses and deploy new backup programmes and software updates. You can also integrate client supervision tools using SNMP traps or the Synerway SNMP MIB.
A dedicated extranet is available to our clients. They can find all product documentation, software masters and updates, backup agents and also a complete status concerning licences and maintenance contracts.
There are many more features and add-ons but it’s hard to mention them all here. Cloud Computing is one of our natural openings
GS Mag : What role will the Synerway Appliance play in the world of Cloud Computing ?
Laurent Ninni : As I mentioned earlier, we already have partners who have integrated our solutions by backing up their client data locally then externalising them into the partner’s cloud.
Technically, our solutions are also compatible with this type of architecture. Cloud Computing is a natural opening for us and we are open to partnership proposals.