(844) 627-8267 | Info@NationalCyberSecurity
(844) 627-8267 | Info@NationalCyberSecurity
0

VMware builds vSAN Max, consolidates multicloud and online deployment | #ransomware | #cybercrime


VMware’s vSphere 8 has mutated into vSphere “8+”, which brings three new storage-related options: disaggregated storage in vSAN Max; NSX+ to support multicloud deployments; and Ransomware Recovery extended to an online service.

“vSAN Max is a product that you can buy and deploy in your datacentre,” said CEO Raghu Raghuram at VMware Explore 2023 last week in Las Vegas. “The other two are services uniquely available online via a subscription as is already the case with our other VMware Cloud products.

“But if these services are not available in the cloud, that’s because of their intrinsic way of functioning: Ransomware Recovery works as emergency infrastructure in the cloud, NSX+ works as a central point from where you can push network configuration to all your sites. Don’t imagine that we plan to transform all the licences for our products into cloud subscriptions.”

Here the CEO was responding to a question from ComputerWeekly.com France-based sister site LeMagIT about whether VMware has the intention common among infrastructure suppliers of selling subscriptions rather than products. Here’s we’re thinking of Dell Apex, HPE GreenLake etc. Theses programmes allow for subscription models of infrastructure purchase, with all the latest functionality available at no extra cost. Pure Storage, via its Evergreen programme, for example, proactively prompts customers to upgrade to the latest arrays and controllers.

The possible downside to these programmes is that customers can be tied hand-and-foot to vendors, when traditionally a commercial contract consisted of a once-and-for-all sale for all products and to add a support contract for several years.

“Dell and HPE will re-sell you VMware vSphere installed on their servers via subscription, via Apex at GreenLake. But we, we don’t work like that,” said the CEO.

Sumit Dhawan, VMware president, welcomed a 31% growth in licence sales for VMware in the cloud, and said these saved customers 66% on their investments. In such cases, this involves subscription to licences usable across on-site vSphere locations and use of infrastructure on AWS, Azure, GCP or other public cloud that can potentially provide all the VMware Cloud offer.

vSAN Max SDS extends storage independently of VMs

Compared to vSAN software-defined storage, which is integrated with server clusters that run VMs, vSAN Max provides a cluster dedicated to storage. A key benefit is financial, because vSAN Max allows customer to extend the number of disks from less powerful servers – so, less costly – when vSAN requires additional servers with the same CPU performance.

vSAN was developed to allow easy extension to projects by adding identical nodes as required, as in the hyper-converged principle. For its part, vSAN Max is better adapted to scenarios in which applications consume more data over time. vSAN Max can handle capacity up to 8.6PB with NVMe flash supported and 3.6 million IOPS per dedicated storage cluster.

Commercially speaking, vSAN Max isn’t an extension of vSAN but a separate product. So, vSAN is invoiced on the number of processors in the cluster while vSAN Max is charged according to storage capacity managed. In the two cases the systems simulate a storage array separate from servers in a cluster.

You can say that vSAN in its Max version is a storage array like our partners offer,” said John Gilmartin, VMware director. “But the aim of vSAN is always to facilitate storage utilisation, via our vCenter admin console, which also manages VMs and which will also be the case with Max.”

“We offer an admin environment that resolves the problems of storage for you, taking into account the same priorities for each volume as the volumes on the VMs they’re associated with,” said Gilmartin.

“The other point, above all, is that we claim excellent performance that compares to other SAN solutions,” he added. “And that is made possible by a total re-working as part of the vSAN 8 update.”

Quick cloud restores in case of an attack

The key new feature of Ransomware Recovery is to put into production several restored copies at once instead of one after the other. That simple improvement will be critical in the sense that it potentially drastically reduces the time taken to restore enterprise activity after a ransomware attack.

Ransomware Recovery, launched last year, determines the health of backup copies before restoration. It is an extended function of Disaster Recovery, which is a long-established VMware service that carries out regular snapshots of a cluster and that can in case of a problem automatically restore its contents in a virtual cluster on AWS.

“The relevance of the snapshot system is that, unlike a backup system, you don’t have to extract data to put it into useable form again,” said Gilmartin. “With snapshots, you access just the blocks that contain the copies of your data in blocks that are directly useable. It’s instantaneous. You just have to restart restored VMs, and Ransomware Recovery handles it.”

In practice, to access Ransomware Recovery an enterprise has to have a VMware Cloud on the online portal, then subscribe to the VMware Disaster Recovery service, then buy the Ransomware Recovery option.

Originally, only production VMs on-site or run via VMware Cloud in AWS can be protected and restored like this. Currently, this functionality can be applied to VMs that run in the GCP VMware Cloud service. VMware didn’t say when this functionality will work with VMs in the Azure service. In all cases, however, restores are to AWS.

From here to the end of the year, Ransomware Recovery will benefit from a new file system that will completely partition restored VMs from the network infected by cyber-attack.

“In future, we will adapt our file system so that restores are possible to clouds other than AWS,” said Gilmartin. “Our other technology direction is to make on-demand restores from backups more productive, such as during VPN roll-outs to allow different categories of user to work.”

NSX+ to unify the network across different sites

The aim of the online network engine NSX+ is to automatically apply network rules from a source cluster to all its replicas, whether deployed on a distant site or in a cloud, on VMs or using containers.

“We evolved our virtual network offer, NSX, towards NSX+ to simplify our customer journey towards multicloud,” said Kit Colbert, technical director at VMware.

NSX+ will eventually be equipped with a supervision console, NSX+ Intelligence, which is intended to map vSphere cluster deployments across multiple sites in a visual manner, highlight faults, bottlenecks and other potential problems. NSX+ Intelligence will offer means to resolve issues without always the work instead of the network admins.  

For now, NSX+ aims to unify routing rules, rights of access and ID attribution for VMs and containers. Colbert suggested that VMware is planning a further evolution of NSX+ that will take charge of mesh networks on Kubernetes clusters and managing the API presented by the containers.



Source link

National Cyber Security

FREE
VIEW