© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Tommy Johnston, Sr. Cloud Administrator, Aptean
Kevin Wilmot, Senior Manager, Solution Architecture
November 30, 2016
STG217
Backups with CPMHow Aptean Uses N2W's Cloud Protection Manager to Back
Up Sizable AWS Environments Leveraging Native Snapshots
Storage Solutions on AWS
aws.amazon.com/mp/storage
Amazon EBS EC2 Block Storage Volumes
AWS Import/Export SnowballLarge Scale Data Transport
Amazon S3Scalable Storage in the Cloud
Amazon Elastic File SystemFully Managed File System for EC2
AWS Storage GetawayHybrid Storage Integration
Amazon CloudFrontGlobal Content Delivery Network
Amazon GlacierLow-Cost Archive Storage in the Cloud
Storage & Content Delivery
File Transfer Primary Storage ArchiveBCDRBackup
Find and deploy the solution you need in minutes
Save money with pay-as-you-go pricing
Scale globally with our pre-configured, public managed catalog
About Me
Tommy Johnston, Sr. Cloud Administrator, Aptean
AWS Certified SysOps Administrator – Associate - 2015
VCP 5 Certified -- 2012
10+ Years experience in Enterprise IT, Virtualization/Cloud
BS Clemson University, 2004
The Industries Aptean Serves
Financial &
Commercial Services
Process
Manufacturing
Discrete
ManufacturingRetail & Distribution
Technology Providers Healthcare Public Sector Life Sciences
Aptean Cloud Hosting Services
• Aptean CHS hosts a variety Aptean
software products in dedicated and
SaaS Environments
• CHS is responsible for Infrastructure
management, including Disaster
Recovery
• Hosting in AWS since 2010
• Currently over 400 Instances in 5
Regions in 79 Distinct AWS Accounts
Aptean SaaS Architecture on AWS
Customer 1 Customer 2 Customer n
Elastic Load Balancing
Customer 2
Elastic Load Balancing
Customer n
conceptual architecture
VPC 1 subnet AZ 1 VPC 1 subnet AZ 2
VPC 2 subnet AZ 1
web server 001 … web server n
Scalable
SQL111
database 001
SQL11n
database 00n
app 111
app 112
web server 002 …
Scalable
web server n
Elastic Load Balancing
Customer 1
Why Do I Need Backups in AWS?
Myth - I don’t need to backup EBS. It’s so redundant I’ll
never lose data.
• Application Requests (Incorrect Deletes)
• Crypto Attacks (Ransomware)
• EBS Failures (Rare)
• Single AZ Outages (Rarer)
• Compliance Requirements
Backup Terms
• RTO – Recovery Time Objective
• RPO – Recovery Point Objective
• Crash Consistent Backup – General backup of Instances, to restore as if the power
cord had been pulled.
• Application Consistent Backup – Backup where the Application has insured it’s ready
to be backed up, not in the middle of any transactions, etc.
• Offsite Backup – Backups that are stored in a physically distinct location to the
production environment.
RPO
RTO
Restore Complete
Physical
VM
AWS
RPO
RPO
RTO
RPO/RTO
RTO
Restore Complete
Restore Complete
Backup
Backup Backup
Backups
Traditional Backup Architecture
Amazon S3 StorageNetwork Connectivity
Corporate Data Center
Removable Media Backup
Offsite Backup Storage
Servers
Virtual Backup Architecture
Amazon S3 StorageNetwork Connectivity
Corporate Data Center
Removable Media Backup
Offsite Backup Storage
Servers
VMs VMs VMs
storage network
US East
Availability Zone A
Availability Zone B Availability Zone C Availability Zone D Availability Zone E
AWS Backup Architecture
Aptean Basic DR Strategy
• Use AWS Snapshots
• Nightly Snapshots for Crash Consistent Backup
• DB Backups placed on dedicated EBS Backup
Volume
• Snapshots on Backup Vol scheduled every 4
hours
• Application Consistent Backup from DB backups
on Backup volume
Backups Prior to N2W Cloud Protection
Manager
• In-House developed code
• Automated Snapshots created via SOAP Requests
using x509 Certs for authentication
• Scheduled using Cron jobs configured by Tags on EBS
Volumes for schedule and retention
Network Connectivity
SOAP Requests
Pains of Prior Solution
• Root Account – Poor Security
• SOAP Request deprecated December 1, 2015
• Inflexible Policy Management; 90 Day retention means 90 nightly
snaps.
• Manual Restores
• Single Threaded Scheduling
N2W Cloud Protection Manager Advantages
Support for IAM accounts with least privilege access.
Individual File Level Restore.
Cross-Account DR Available
Cross-Region DR Available
Agent Available for Application Aware Backups.
AMI only policies with retention for maintenance
events.
Reporting to confirm backups completed successfully
or report any errors.
Management interface to assist with restores.
Support for multiple policies per instance, volume, etc.
AWS API Calls, fully supported, no deprecation issues.
CHS Improvements with CPM
Confidence. Scalable, no scheduling issues. Nightly
email confirms no errors. Any errors encountered are
emailed immediately so they can be addressed.
In some accounts, reduced Snapshots due to inefficient
policies. 20% snapshot cost reduction in some cases.
Maintenance Window AMIs reduced from 2-3 Hours to
15-30 minutes.
Next Steps
• Snapshots are the best way to perform backup in an AWS
environment
• Production environment need a reliable, flexible and automated
solution to manage snapshots
• N2W Cloud Protection Manager provides an easy, scalable and
efficient way to manage snapshot-based backup in AWS
Visit N2W Software at Booth #902 and get $100 infrastructure
credit. CPM Available for 30-day free trial on the Marketplace. Just
choose the Trial & BYOL Edition.