News
10/28/2009
10:24 AM
George Crump
George Crump
Commentary
50%
50%

File Virtualization, The Ultimate Cloud Gateway?

In our last entry we talked about the use of cloud storage as a backup target, but another ideal use case for cloud storage is to use it as an archive area. Almost every IT organization has old data that they want or must keep, but are struggling with where to keep it. Its ability to identify, automatically move and transparently recall data could make file virtualization the ultimate cloud gateway.

In our last entry we talked about the use of cloud storage as a backup target, but another ideal use case for cloud storage is to use it as an archive area. Almost every IT organization has old data that they want or must keep, but are struggling with where to keep it. Its ability to identify, automatically move and transparently recall data could make file virtualization the ultimate cloud gateway.As we discussed in our white paper "Using Cloud Archive", moving data to a cloud archive is going to method a way to analyze that data for qualification for movement and a vehicle to get that data to the cloud. Many cloud providers like Iron Mountain and Nirvanix have established a mixed model cloud service where a gateway is placed in your data center. This gateway acts as a NAS to cloud translator and allows you to move data to the cloud as simply as moving data to a network mount point. This is where file virtualization systems from companies like F5 and AutoVirt come into play.

File virtualization, also known as a global file system, allows multiple network shares to be addressed singularly. Your users typically see only a single mount point. The file virtualization software manages the physical aspects of the storage infrastructure behind the scenes. Think of it as a DNS server for files. Most of us don't get to a web site via its IP address, we use the URL. In similar fashion file virtualization abstracts the actual location of a file from a user. Once in place this enables a multitude of capabilities and one of the largest is transparent movement of data.

The transparent movement of data is typically used to move inactive data off of primary storage and onto second or third tier forms of storage. For example you could clear out your expensive tier 1 NAS storage of inactive data and put it on a system that had power managed storage like Nexsan's AutoMaid or on to capacity optimized storage like Permabit or Data Domain. Depending on your needs, all of these devices are viable secondary tiers. Cloud storage can potentially be one of those tiers or even an additional tier for even longer term retention. File virtualization software would manage the network share that the cloud gateway presents as it would any other share.

Going further, the file virtualization server or appliance could also act as the cloud gateway. Combining these into one solution eliminates the need for a device in your data center and it provides you with some flexibility. For example you could send data to two different cloud providers for redundancy. You could also send different data types to different cloud suppliers based on their expertise. For example some cloud providers may specialize in the retention of medical images and offer retention and compliance management as part of their value add.

Cloud storage's biggest role may not be in backup but in archive. Unstructured data is an ever-growing problem and file virtualization may be the best way to get there.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-4403
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.ph...

CVE-2012-2930
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an adduser action to admin/index.php or (2) conduct static PHP code injection attacks in .htusers...

CVE-2012-2932
Published: 2015-04-24
Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to inject arbitrary web script or HTML via the (1) selitems[] parameter in a copy, (2) chmod, or (3) arch action to admin/index.php or (4) searchitem parameter in a search action to admin/...

CVE-2012-5451
Published: 2015-04-24
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

CVE-2015-0297
Published: 2015-04-24
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methos via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.