cloudlink
Date: 2021-01-08
SOLUTION OVERVIEW
VMware vSAN Security Zone Deployment

VMware vSphere Clusters in Security Zones

A security zone, also referred to as a "DMZ," is a sub-network that is designed to provide tightly controlled connectivity to an organization's internal IT infrastructure and applications. A security zone typically contains external-facing services that are accessible from untrusted networks such as the Internet. Other common use cases for security zones are internal isolation for classified environments or development infrastructures. The primary purpose of this architecture is adding another layer of security to further reduce the risk of unauthorized access to an organization's internal network, applications, and data.

One of the most significant threats to security in any environment is misconfiguration. Complexity increases the possibility of misconfiguration, which could lead to potential security incidents. VMware vSphere uses "bare-metal" virtualization, so the hypervisor interfaces directly with server hardware without the need for a more complex, general operating system. This approach reduces the attack surface and helps safeguard from OS-related vulnerabilities, making it the most robust and secure virtualization platform in the industry—an excellent platform for running workloads in security zones.

Examples of workloads typically found in security zones include web servers, email gateways, and proxy services. It is very common for these workloads to have high availability requirements. Features such as vSphere High Availability, vSphere Fault Tolerance, and vSphere Distributed Resource Scheduler help protect virtualized applications and services from downtime associated with hardware failures and resource contention. These features require shared storage, which means access to internally hosted storage networks (SAN and NAS) is commonly extended to security zones. This potentially opens up additional options for hackers to gain access to internal resources and leads to more complex firewall configurations. Another option is a dedicated storage appliance contained within the security zone, but this solution can be expensive and add management overhead.

Compute and storage resources for a security zone are ideally very secure, simple to implement, cost-effective, and provide the performance and availability levels necessary to run and protect critical, external-facing workloads. vSphere and VMware vSAN provide the hyper-converged infrastructure (HCI) best suited to meet these requirements.

VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com
Copyright 2017 VMware, Inc. All rights reserved. This product is protected by US and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

Why vSAN for a Security Zone

vSAN is VMware's software-defined storage solution for HCI. vSAN and vSphere provide a complete, natively integrated platform consisting of compute, network, and storage resources that are secure and isolated from the rest of the infrastructure. Since disks internal to the vSphere hosts are used to create a vSAN datastore, there is no dependency on external shared storage appliances. Virtual machines can be assigned specific storage policies based on the availability and performance needs of the application. External-facing workloads benefit from dependable storage and predictable performance characteristics while minimizing risk.

vSAN is built on an optimized I/O data path in the vSphere hypervisor. It is managed as a core component of a vSphere environment, meaning separate administration tools and connections are not required. This minimizes the attack surface and complexity of the compute and storage infrastructure. Lower complexity reduces the chances of a misconfiguration that could lead to vulnerability.

Virtual machine-centric storage policies are created and assigned for various workload types. Policies are based upon the availability and performance services provided by vSAN. These policies can be modified and reassigned, as needed, with no downtime. Access to the vSAN datastore is confined to the hosts in the same vSAN cluster.

A dedicated HCI with vSphere and vSAN helps ensure controlled access, predictable performance, and availability of applications and services in a security zone without increasing risk. Running workloads on a separate compute and storage platform facilitates more flexibility with maintenance schedules.

vSAN includes a health dashboard, which automatically monitors and alerts on items such as overall disk health, hardware compatibility list (HCL) compliance, network connectivity issues, and high utilization. If an alert is raised, administrators can easily and quickly start assessing the issue by clicking the Ask VMware button in the vSAN Health user interface, which takes them directly to the relevant VMware knowledge base article. Timely alerts and issue resolution are one more way vSAN enables a secure and stable platform for business critical applications.

Native Data at Rest Encryption

vSAN encryption is an option for vSAN datastores to further improve security and provide compliance with increasingly stringent regulatory requirements. Since vSAN encryption is native to vSAN, it eliminates the extra cost, limitations, and complexity associated with procuring and maintaining self-encrypting drives.

A Key Management Server (KMS) is required to enable and use vSAN encryption. Multiple KMS vendors are compatible including HyTrust, Gemalto (SafeNet), Thales e-Security, CloudLink, and Vormetric. After a trust relationship has been set up between VMware vCenter Server and the KMS cluster, vSAN encryption is enabled with just a few mouse clicks.

vSAN datastore encryption is enabled and configured at the datastore level. In other words, every object on the vSAN datastore is encrypted when this feature is enabled. Data is encrypted using an AES 256 cipher when it is written to persistent media in the cache and capacity tiers of a vSAN datastore. Encryption occurs just above the device driver layer of the vSphere storage stack, which means it is compatible with all vSAN features such as deduplication, compression, and RAID-5/6 erasure coding.

vSAN with vSphere Availability

The use of local disk datastores without vSAN introduces risk to application uptime. For example, only one copy of a virtual machine's files is stored on a local disk. If that disk fails, the virtual machine files must be restored from backup media, which is time consuming and unreliable. It is possible to create a second copy of virtual machine files on another disk, but the process is not automatic and must be performed frequently. The recovery from this second copy would also be a manual process, increasing risk and recovery time.

vSAN addresses these challenges by aggregating local disks into a shared datastore distributed across hosts in the cluster. vSAN features a storage policy rule called "Primary level of failures to tolerate" or "PFTT," which defines the number of replicas of a virtual machine's files to distribute across physical nodes in the vSAN cluster. For example, when PFTT=1, vSAN will create and maintain two mirrored replicas of the virtual machine's files and place them on separate hosts. If a disk or host containing one of those replicas is offline, the data is still accessible from the other replica.

vSphere HA requires shared storage and vSAN is tightly integrated with vSphere HA. If a host fails, virtual machines that were running on the failed host are automatically rebooted by vSphere HA on other hosts in the cluster to minimize downtime. vSphere HA can also monitor guest operating systems and automatically reboot a virtual machine in the event of an operating system failure such as a Windows blue screen. vSphere Fault Tolerance is also compatible with vSAN and provides continuous availability for applications with up to four virtual CPUs in the event of a host failure.

A variety of data protection solutions are available to back up and recover virtual machines and applications in a vSAN cluster. Check with your data protection vendor to verify support and look for the "VMware Ready for vSAN" logo. Virtual machine replication solutions such as Dell EMC RecoverPoint for Virtual Machines and VMware vSphere Replication work seamlessly with vSAN to enable rapid, reliable per-virtual machine recovery.

vSAN Performance

vSAN is uniquely embedded in the vSphere hypervisor kernel and sits directly in the I/O data path. It can deliver the highest levels of performance without taxing the CPU or consuming high amounts of memory resources, as compared to other virtual storage appliances that run separately on top of the hypervisor. All-flash vSAN configurations provide excellent performance with predictable, low latencies. A combination of magnetic and solid state drives can be used to enable flash-accelerated hybrid configurations. Specific rules such as "Number of disk stripes per object" and "Flash read cache reservation (%)" can be used to accelerate read-intensive workloads—especially in hybrid vSAN configurations.

With vSAN, it is possible to apply policies with precision. For example, database servers are commonly deployed with the guest OS on one virtual disk and databases on other virtual disks. A storage policy that reserves a higher percentage of flash read cache could be assigned specifically to the virtual disks containing databases to help guarantee performance.
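
The per-disk policy assignment described above, combined with the PFTT and "Number of disk stripes per object" rules, as an added VMware PowerCLI example that is not part of the VMware document. The vCenter address, VM name, policy name, rule values, and the assumption that "Hard disk 1" holds the guest OS are placeholders; the flash read cache rule is left out.

```powershell
# Added example (VMware PowerCLI); not from the VMware solution overview.
# Assumed names: vCenter 'vcenter.dmz.example', VM 'dmz-db01', policy 'DMZ-DB-Data'.
Import-Module VMware.PowerCLI
Connect-VIServer -Server 'vcenter.dmz.example' | Out-Null

# Rule 1: "Primary level of failures to tolerate" (PFTT) = 1,
# i.e. two mirrored replicas placed on separate hosts.
$pftt = New-SpbmRule `
    -Capability (Get-SpbmCapability -Name 'VSAN.hostFailuresToTolerate') `
    -Value 1

# Rule 2: "Number of disk stripes per object" = 2 (constructed value).
$stripes = New-SpbmRule `
    -Capability (Get-SpbmCapability -Name 'VSAN.stripeWidth') `
    -Value 2

# Both rules must hold together, so they go into one rule set.
$ruleSet = New-SpbmRuleSet -AllOfRules $pftt, $stripes
$policy  = New-SpbmStoragePolicy -Name 'DMZ-DB-Data' `
    -Description 'PFTT=1, 2 stripes; database data disks in the security zone' `
    -AnyOfRuleSets $ruleSet

# Assign the policy only to the database disks. 'Hard disk 1' is assumed
# to hold the guest OS and keeps whatever policy it already has.
$vm        = Get-VM -Name 'dmz-db01'
$dataDisks = Get-HardDisk -VM $vm | Where-Object { $_.Name -ne 'Hard disk 1' }
Get-SpbmEntityConfiguration -HardDisk $dataDisks |
    Set-SpbmEntityConfiguration -StoragePolicy $policy | Out-Null

# Report policy and compliance for every disk of the VM, so a disk that
# silently stayed on the wrong policy shows up in review.
Get-SpbmEntityConfiguration -HardDisk (Get-HardDisk -VM $vm) |
    Select-Object Entity, StoragePolicy, ComplianceStatus |
    Format-Table -AutoSize

Disconnect-VIServer -Server 'vcenter.dmz.example' -Confirm:$false
```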

Visibility and Proactive Notifications with vRealize Operations

vSAN includes a health check feature to monitor items such as network connectivity, disk capacity, component metadata, and compliance with the hardware compatibility list (HCL). While this might be sufficient in many cases, enhanced visibility and management capabilities across vSAN clusters at multiple locations are available with VMware vRealize Operations. vRealize Operations Manager includes dashboards for vSAN such as Capacity Overview, Optimize vSAN Deployments, and Operations Overview.

vRealize Operations features predictive analytics and smart alerts to help ensure optimum performance and availability of applications and infrastructures. vRealize Operations Manager enables administrators to monitor several factors such as read and write IOPS, throughput, latency, cache hits, write buffer utilization, and capacity. Capacity utilization and time remaining metrics are also included. vRealize Operations analyzes consumption trends and provides estimates on the amount of time remaining before resources are exhausted. This makes it easier for administrators to procure additional capacity in a timely manner to avoid project delays and more serious issues such as application downtime due to lack of free space.

Easily Add Capacity without Downtime

vSAN is a distributed architecture that allows for elastic, non-disruptive scaling. Compute and storage capacity is scaled out simply by bringing a new host into the cluster. Storage capacity and performance can be scaled up independently by adding new drives to existing hosts. This "grow-as-you-go" model provides predictable, linear scaling for remote office environments with affordable investments spread out over time.

Summary

vSAN and vSphere provide the best HCI platform for running virtual machine workloads requiring predictable performance and availability in secure environments. vSphere has achieved multiple security certifications and has a proven track record. vSphere and vSAN is the first and only HCI solution that is part of a DISA STIG. The integration of vSAN with vSphere reduces risk through policy-based management and role-based access control.

Important services such as external-facing websites, email, and employee remote access can benefit from shared storage without the cost and complexity of dedicated storage hardware. Virtual machine-centric storage policies are created, assigned, and modified, as needs change in the environment. Maintenance windows are easier to schedule and there are features such as vSphere HA and vSphere Replication to enable rapid recovery from unplanned downtime. vSAN health monitoring is included and, optionally, vRealize Operations Management Pack for Storage Devices provides multiple vSAN dashboards for proactive alerting, heat maps, device and cluster insights, and streamlined issue resolution.