softwarecloudlink
cloudlink 时间:2021-01-08 阅读:()
SOLUTIONOVERVIEWVMwarevSANSecurityZoneDeploymentVMwarevSphereClustersinSecurityZonesAsecurityzone,alsoreferredtoasa"DMZ,"isasub-networkthatisdesignedtoprovidetightlycontrolledconnectivitytoanorganization'sinternalITinfrastructureandapplications.
Asecurityzonetypicallycontainsexternal-facingservicesthatareaccessiblefromuntrustednetworkssuchastheInternet.
Othercommonusecasesforsecurityzonesareinternalisolationforclassiedenvironmentsordevelopmentinfrastructures.
Theprimarypurposeofthisarchitectureisaddinganotherlayerofsecuritytofurtherreducetheriskofunauthorizedaccesstoanorganization'sinternalnetwork,applications,anddata.
Oneofthemostsignicantthreatstosecurityinanyenvironmentismisconguration.
Complexityincreasesthepossibilityofmisconguration,whichcouldleadtopotentialsecurityincidents.
VMwarevSphereuses"bare-metal"virtualization,sothehypervisorinterfacesdirectlywithserverhardwarewithouttheneedforamorecomplex,generaloperatingsystem.
ThisapproachreducestheattacksurfaceandhelpssafeguardfromOS-relatedvulnerabilitiesmakingitthemostrobustandsecurevirtualizationplatformintheindustry—anexcellentplatformforrunningworkloadsinsecurityzones.
Examplesofworkloadstypicallyfoundinsecurityzonesincludewebservers,emailgateways,andproxyservices.
Itisverycommonfortheseworkloadstohavehighavailabilityrequirements.
FeaturessuchasvSphereHighAvailability,vSphereFaultTolerance,andvSphereDistributedResourceSchedulerhelpprotectvirtualizedapplicationsandservicesfromdowntimeassociatedwithhardwarefailuresandresourcecontention.
Thesefeaturesrequiresharedstorage,whichmeansaccesstointernallyhostedstoragenetworks(SANandNAS)arecommonlyextendedtosecurityzones.
Thispotentiallyopensupadditionaloptionsforhackerstogainaccesstointernalresourcesandleadstomorecomplexrewallcongurations.
Anotheroptionisadedicatedstorageappliancecontainedwithinthesecurityzone,butthissolutioncanbeexpensiveandaddmanagementoverhead.
Computeandstorageresourcesforasecurityzoneareideallyverysecure,simpletoimplement,cost-effective,andprovidetheperformanceandavailabilitylevelsnecessarytorunandprotectcritical,external-facingworkloads.
vSphereandVMwarevSANprovidethehyper-convergedinfrastructure(HCI)bestsuitedtomeettheserequirements.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentWhyvSANforaSecurityZonevSANisVMware'ssoftware-denedstoragesolutionforHCI.
vSANandvSphereprovideacomplete,nativelyintegratedplatformconsistingofcompute,network,andstorageresourcesthataresecureandisolatedfromtherestoftheinfrastructure.
SincedisksinternaltothevSpherehostsareusedtocreateavSANdatastore,thereisnodependencyonexternalsharedstorageappliances.
Virtualmachinescanbeassignedspecicstoragepoliciesbasedontheavailabilityandperformanceneedsoftheapplication.
External-facingworkloadsbenetfromdependablestorageandpredictableperformancecharacteristicswhileminimizingrisk.
vSANisbuiltonanoptimizedI/OdatapathinthevSpherehypervisor.
ItismanagedasacorecomponentofavSphereenvironmentmeaningseparateadministrationtoolsandconnectionsarenotrequired.
Thisminimizestheattacksurfaceandcomplexityofthecomputeandstorageinfrastructure.
Lowercomplexityreducesthechancesofamiscongurationthatcouldleadtovulnerability.
Virtualmachine-centricstoragepoliciesarecreatedandassignedforvariousworkloadtypes.
PoliciesarebasedupontheavailabilityandperformanceservicesprovidedbyvSAN.
Thesepoliciescanbemodiedandreassigned,asneeded,withnodowntime.
AccesstothevSANdatastoreisconnedtothehostsinthesamevSANcluster.
AdedicatedHCIwithvSphereandvSANhelpensurecontrolledaccess,predictableperformance,andavailabilityofapplicationsandservicesinasecurityzonewithoutincreasingrisk.
Runningworkloadsonaseparatecomputeandstorageplatformfacilitatesmoreexibilitywithmaintenanceschedules.
vSANincludesahealthdashboard,whichautomaticallymonitorsandalertsonitemssuchasoveralldiskhealth,hardwarecompatibilitylist(HCL)compliance,networkconnectivityissues,andhighutilization.
Ifanalertisraised,administratorscaneasilyandquicklystartassessingtheissuebyclickingtheAskVMwarebuttoninthevSANHealthuserinterface,whichtakesthemdirectlytotherelevantVMwareknowledgebasearticle.
TimelyalertsandissueresolutionisonemorewayvSANenablesasecureandstableplatformforbusinesscriticalapplications.
NativeDataatRestEncryptionvSANencryptionisanoptionforvSANdatastorestofurtherimprovesecurityandprovidecompliancewithincreasinglystringentregulatoryrequirements.
SincevSANencryptionisnativetovSAN,iteliminatestheextracost,limitations,andcomplexityassociatedwithprocuringandmaintainingself-encryptingdrives.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAKeyManagementServer(KMS)isrequiredtoenableandusevSANencryption.
MultipleKMSvendorsarecompatibleincludingHyTrust,Gemalto(SafeNet),Thalese-Security,CloudLink,andVormetric.
AfteratrustrelationshiphasbeensetupbetweenVMwarevCenterServerandtheKMScluster,vSANencryptionisenabledwithjustafewmouseclicks.
vSANdatastoreencryptionisenabledandconguredatthedatastorelevel.
Inotherwords,everyobjectonthevSANdatastoreisencryptedwhenthisfeatureisenabled.
DataisencryptedusinganAES256cipherwhenitiswrittentopersistentmediainthecacheandcapacitytiersofavSANdatastore.
EncryptionoccursjustabovethedevicedriverlayerofthevSpherestoragestack,whichmeansitiscompatiblewithallvSANfeaturessuchasdeduplication,compression,andRAID-5/6erasurecoding.
vSANwithvSphereAvailabilityTheuseoflocaldiskdatastoreswithoutvSANintroducesrisktoapplicationuptime.
Forexample,onlyonecopyofavirtualmachine'slesisstoredonalocaldisk.
Ifthatdiskfails,thevirtualmachinelesmustberestoredfrombackupmedia,whichistimeconsumingandunreliable.
Itispossibletocreateasecondcopyofvirtualmachinelesonanotherdisk,buttheprocessisnotautomaticandmustbeperformedfrequently.
Therecoveryfromthissecondcopywouldalsobeamanualprocessincreasingriskandrecoverytime.
vSANaddressesthesechallengesbyaggregatinglocaldisksintoashareddatastoredistributedacrosshostsinthecluster.
vSANfeaturesastoragepolicyrulecalled"Primaryleveloffailurestotolerate"or"PFTT,"whichdenesthenumberofreplicasofavirtualmachine'slestodistributeacrossphysicalnodesinthevSANcluster.
Forexample,whenPFTT=1,vSANwillcreateandmaintaintwomirroredreplicasofthevirtualmachine'slesandplacethemonseparatehosts.
Ifadiskorhostcontainingoneofthosereplicasisoffline,thedataisstillaccessiblefromtheotherreplica.
vSphereHArequiressharedstorageandvSANistightlyintegratedwithvSphereHA.
Ifahostfails,virtualmachinesthatwererunningonthefailedhostareautomaticallyrebootedbyvSphereHAonotherhostsintheclustertominimizedowntime.
vSphereHAcanalsomonitorguestoperatingsystemsandautomaticallyrebootavirtualmachineintheeventofanoperatingsystemfailuresuchasaWindowsbluescreen.
vSphereFaultToleranceisalsocompatiblewithvSANandprovidescontinuousavailabilityforapplicationswithuptofourvirtualCPUsintheeventofahostfailure.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAvarietyofdataprotectionsolutionsareavailabletobackupandrecovervirtualmachinesandapplicationsinavSANcluster.
Checkwithyourdataprotectionvendortoverifysupportandlookforthe"VMwareReadyforvSAN"logo.
VirtualmachinereplicationsolutionssuchasDellEMCRecoverPointforVirtualMachinesandVMwarevSphereReplicationworksseamlesslywithvSANtoenablerapid,reliableper-virtualmachinerecovery.
vSANPerformancevSANisuniquelyembeddedinthevSpherehypervisorkernelandsitsdirectlyintheI/Odatapath.
ItcandeliverthehighestlevelsofperformancewithouttaxingtheCPUorconsuminghighamountsofmemoryresources,ascomparedtoothervirtualstorageappliancesthatrunseparatelyontopofthehypervisor.
All-ashvSANcongurationsprovideexcellentperformancewithpredictable,lowlatencies.
Acombinationofmagneticandsolidstatedrivescanbeusedtoenableash-acceleratedhybridcongurations.
Specicrulessuchas"Numberofdiskstripesperobject"and"Flashreadcachereservation(%)"canbeusedtoaccelerateread-intensiveworkloads—especiallyinhybridvSANcongurations.
WithvSAN,itispossibletoapplypolicieswithprecision.
Forexample,databaseserversarecommonlydeployedwiththeguestOSononevirtualdiskanddatabasesonothervirtualdisks.
Astoragepolicythatreservesahigherpercentageofashreadcachecouldbeassignedspecicallytothevirtualdiskscontainingdatabasestohelpguaranteeperformance.
VisibilityandProactiveNoticationswithvRealizeOperationsvSANincludesahealthcheckfeaturetomonitoritemssuchasnetworkconnectivity,diskcapacity,componentmetadata,andcompliancewiththehardwarecompatibilitylist(HCL).
Whilethismightbesufficientinmanycases,enhancedvisibilityandmanagementcapabilitiesacrossvSANclustersatmultiplelocationsareavailablewithVMwarevRealizeOperations.
vRealizeOperationsManagerincludesdashboardsforvSANsuchasCapacityOverview,OptimizevSANDeployments,andOperationsOverview.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentvRealizeOperationsfeaturespredictiveanalyticsandsmartalertstohelpensureoptimumperformanceandavailabilityofapplicationsandinfrastructures.
vRealizeOperationsManagerenablesadministratorstomonitorseveralfactorssuchasreadandwriteIOPS,throughput,latency,cachehits,writebufferutilization,andcapacity.
Capacityutilizationandtimeremainingmetricsarealsoincluded.
vRealizeOperationsanalyzesconsumptiontrendsandprovidesestimatesontheamountoftimeremainingbeforeresourcesareexhausted.
Thismakesiteasierforadministratorstoprocureadditionalcapacityinatimelymannertoavoidprojectdelaysandmoreseriousissuessuchasapplicationdowntimeduetolackoffreespace.
EasilyAddCapacitywithoutDowntimevSANisadistributedarchitecturethatallowsforelastic,non-disruptivescaling.
Computeandstoragecapacityisscaledoutsimplybybringinganewhostintothecluster.
Storagecapacityandperformancecanbescaledupindependentlybyaddingnewdrivestoexistinghosts.
This"grow-as-you-go"modelprovidespredictable,linearscalingforremoteofficeenvironmentswithaffordableinvestmentsspreadoutovertime.
SummaryvSANandvSphereprovidethebestHCIplatformforrunningvirtualmachineworkloadsrequiringpredictableperformanceandavailabilityinsecureenvironments.
vSpherehasachievedmultiplesecuritycerticationsandhasaproventrackrecord.
vSphereandvSANistherstandonlyHCIsolutionthatispartofaDISASTIG.
TheintegrationofvSANwithvSpherereducesriskthroughpolicy-basedmanagementandrole-basedaccesscontrol.
Importantservicessuchasexternal-facingwebsites,email,andemployeeremoteaccesscanbenetfromsharedstoragewithoutthecostandcomplexityofdedicatedstoragehardware.
Virtualmachine-centricstoragepoliciesarecreated,assigned,andmodied,asneedschangeintheenvironment.
MaintenancewindowsareeasiertoscheduleandtherearefeaturessuchasvSphereHAandvSphereReplicationtoenablerapidrecoveryfromunplanneddowntime.
vSANhealthmonitoringisincludedand,optionally,vRealizeOperationsManagementPackforStorageDevicesprovidesmultiplevSANdashboardsforproactivealerting,heatmaps,deviceandclusterinsights,andstreamlinedissueresolution.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
Asecurityzonetypicallycontainsexternal-facingservicesthatareaccessiblefromuntrustednetworkssuchastheInternet.
Othercommonusecasesforsecurityzonesareinternalisolationforclassiedenvironmentsordevelopmentinfrastructures.
Theprimarypurposeofthisarchitectureisaddinganotherlayerofsecuritytofurtherreducetheriskofunauthorizedaccesstoanorganization'sinternalnetwork,applications,anddata.
Oneofthemostsignicantthreatstosecurityinanyenvironmentismisconguration.
Complexityincreasesthepossibilityofmisconguration,whichcouldleadtopotentialsecurityincidents.
VMwarevSphereuses"bare-metal"virtualization,sothehypervisorinterfacesdirectlywithserverhardwarewithouttheneedforamorecomplex,generaloperatingsystem.
ThisapproachreducestheattacksurfaceandhelpssafeguardfromOS-relatedvulnerabilitiesmakingitthemostrobustandsecurevirtualizationplatformintheindustry—anexcellentplatformforrunningworkloadsinsecurityzones.
Examplesofworkloadstypicallyfoundinsecurityzonesincludewebservers,emailgateways,andproxyservices.
Itisverycommonfortheseworkloadstohavehighavailabilityrequirements.
FeaturessuchasvSphereHighAvailability,vSphereFaultTolerance,andvSphereDistributedResourceSchedulerhelpprotectvirtualizedapplicationsandservicesfromdowntimeassociatedwithhardwarefailuresandresourcecontention.
Thesefeaturesrequiresharedstorage,whichmeansaccesstointernallyhostedstoragenetworks(SANandNAS)arecommonlyextendedtosecurityzones.
Thispotentiallyopensupadditionaloptionsforhackerstogainaccesstointernalresourcesandleadstomorecomplexrewallcongurations.
Anotheroptionisadedicatedstorageappliancecontainedwithinthesecurityzone,butthissolutioncanbeexpensiveandaddmanagementoverhead.
Computeandstorageresourcesforasecurityzoneareideallyverysecure,simpletoimplement,cost-effective,andprovidetheperformanceandavailabilitylevelsnecessarytorunandprotectcritical,external-facingworkloads.
vSphereandVMwarevSANprovidethehyper-convergedinfrastructure(HCI)bestsuitedtomeettheserequirements.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentWhyvSANforaSecurityZonevSANisVMware'ssoftware-denedstoragesolutionforHCI.
vSANandvSphereprovideacomplete,nativelyintegratedplatformconsistingofcompute,network,andstorageresourcesthataresecureandisolatedfromtherestoftheinfrastructure.
SincedisksinternaltothevSpherehostsareusedtocreateavSANdatastore,thereisnodependencyonexternalsharedstorageappliances.
Virtualmachinescanbeassignedspecicstoragepoliciesbasedontheavailabilityandperformanceneedsoftheapplication.
External-facingworkloadsbenetfromdependablestorageandpredictableperformancecharacteristicswhileminimizingrisk.
vSANisbuiltonanoptimizedI/OdatapathinthevSpherehypervisor.
ItismanagedasacorecomponentofavSphereenvironmentmeaningseparateadministrationtoolsandconnectionsarenotrequired.
Thisminimizestheattacksurfaceandcomplexityofthecomputeandstorageinfrastructure.
Lowercomplexityreducesthechancesofamiscongurationthatcouldleadtovulnerability.
Virtualmachine-centricstoragepoliciesarecreatedandassignedforvariousworkloadtypes.
PoliciesarebasedupontheavailabilityandperformanceservicesprovidedbyvSAN.
Thesepoliciescanbemodiedandreassigned,asneeded,withnodowntime.
AccesstothevSANdatastoreisconnedtothehostsinthesamevSANcluster.
AdedicatedHCIwithvSphereandvSANhelpensurecontrolledaccess,predictableperformance,andavailabilityofapplicationsandservicesinasecurityzonewithoutincreasingrisk.
Runningworkloadsonaseparatecomputeandstorageplatformfacilitatesmoreexibilitywithmaintenanceschedules.
vSANincludesahealthdashboard,whichautomaticallymonitorsandalertsonitemssuchasoveralldiskhealth,hardwarecompatibilitylist(HCL)compliance,networkconnectivityissues,andhighutilization.
Ifanalertisraised,administratorscaneasilyandquicklystartassessingtheissuebyclickingtheAskVMwarebuttoninthevSANHealthuserinterface,whichtakesthemdirectlytotherelevantVMwareknowledgebasearticle.
TimelyalertsandissueresolutionisonemorewayvSANenablesasecureandstableplatformforbusinesscriticalapplications.
NativeDataatRestEncryptionvSANencryptionisanoptionforvSANdatastorestofurtherimprovesecurityandprovidecompliancewithincreasinglystringentregulatoryrequirements.
SincevSANencryptionisnativetovSAN,iteliminatestheextracost,limitations,andcomplexityassociatedwithprocuringandmaintainingself-encryptingdrives.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAKeyManagementServer(KMS)isrequiredtoenableandusevSANencryption.
MultipleKMSvendorsarecompatibleincludingHyTrust,Gemalto(SafeNet),Thalese-Security,CloudLink,andVormetric.
AfteratrustrelationshiphasbeensetupbetweenVMwarevCenterServerandtheKMScluster,vSANencryptionisenabledwithjustafewmouseclicks.
vSANdatastoreencryptionisenabledandconguredatthedatastorelevel.
Inotherwords,everyobjectonthevSANdatastoreisencryptedwhenthisfeatureisenabled.
DataisencryptedusinganAES256cipherwhenitiswrittentopersistentmediainthecacheandcapacitytiersofavSANdatastore.
EncryptionoccursjustabovethedevicedriverlayerofthevSpherestoragestack,whichmeansitiscompatiblewithallvSANfeaturessuchasdeduplication,compression,andRAID-5/6erasurecoding.
vSANwithvSphereAvailabilityTheuseoflocaldiskdatastoreswithoutvSANintroducesrisktoapplicationuptime.
Forexample,onlyonecopyofavirtualmachine'slesisstoredonalocaldisk.
Ifthatdiskfails,thevirtualmachinelesmustberestoredfrombackupmedia,whichistimeconsumingandunreliable.
Itispossibletocreateasecondcopyofvirtualmachinelesonanotherdisk,buttheprocessisnotautomaticandmustbeperformedfrequently.
Therecoveryfromthissecondcopywouldalsobeamanualprocessincreasingriskandrecoverytime.
vSANaddressesthesechallengesbyaggregatinglocaldisksintoashareddatastoredistributedacrosshostsinthecluster.
vSANfeaturesastoragepolicyrulecalled"Primaryleveloffailurestotolerate"or"PFTT,"whichdenesthenumberofreplicasofavirtualmachine'slestodistributeacrossphysicalnodesinthevSANcluster.
Forexample,whenPFTT=1,vSANwillcreateandmaintaintwomirroredreplicasofthevirtualmachine'slesandplacethemonseparatehosts.
Ifadiskorhostcontainingoneofthosereplicasisoffline,thedataisstillaccessiblefromtheotherreplica.
vSphereHArequiressharedstorageandvSANistightlyintegratedwithvSphereHA.
Ifahostfails,virtualmachinesthatwererunningonthefailedhostareautomaticallyrebootedbyvSphereHAonotherhostsintheclustertominimizedowntime.
vSphereHAcanalsomonitorguestoperatingsystemsandautomaticallyrebootavirtualmachineintheeventofanoperatingsystemfailuresuchasaWindowsbluescreen.
vSphereFaultToleranceisalsocompatiblewithvSANandprovidescontinuousavailabilityforapplicationswithuptofourvirtualCPUsintheeventofahostfailure.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAvarietyofdataprotectionsolutionsareavailabletobackupandrecovervirtualmachinesandapplicationsinavSANcluster.
Checkwithyourdataprotectionvendortoverifysupportandlookforthe"VMwareReadyforvSAN"logo.
VirtualmachinereplicationsolutionssuchasDellEMCRecoverPointforVirtualMachinesandVMwarevSphereReplicationworksseamlesslywithvSANtoenablerapid,reliableper-virtualmachinerecovery.
vSANPerformancevSANisuniquelyembeddedinthevSpherehypervisorkernelandsitsdirectlyintheI/Odatapath.
ItcandeliverthehighestlevelsofperformancewithouttaxingtheCPUorconsuminghighamountsofmemoryresources,ascomparedtoothervirtualstorageappliancesthatrunseparatelyontopofthehypervisor.
All-ashvSANcongurationsprovideexcellentperformancewithpredictable,lowlatencies.
Acombinationofmagneticandsolidstatedrivescanbeusedtoenableash-acceleratedhybridcongurations.
Specicrulessuchas"Numberofdiskstripesperobject"and"Flashreadcachereservation(%)"canbeusedtoaccelerateread-intensiveworkloads—especiallyinhybridvSANcongurations.
WithvSAN,itispossibletoapplypolicieswithprecision.
Forexample,databaseserversarecommonlydeployedwiththeguestOSononevirtualdiskanddatabasesonothervirtualdisks.
Astoragepolicythatreservesahigherpercentageofashreadcachecouldbeassignedspecicallytothevirtualdiskscontainingdatabasestohelpguaranteeperformance.
VisibilityandProactiveNoticationswithvRealizeOperationsvSANincludesahealthcheckfeaturetomonitoritemssuchasnetworkconnectivity,diskcapacity,componentmetadata,andcompliancewiththehardwarecompatibilitylist(HCL).
Whilethismightbesufficientinmanycases,enhancedvisibilityandmanagementcapabilitiesacrossvSANclustersatmultiplelocationsareavailablewithVMwarevRealizeOperations.
vRealizeOperationsManagerincludesdashboardsforvSANsuchasCapacityOverview,OptimizevSANDeployments,andOperationsOverview.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentvRealizeOperationsfeaturespredictiveanalyticsandsmartalertstohelpensureoptimumperformanceandavailabilityofapplicationsandinfrastructures.
vRealizeOperationsManagerenablesadministratorstomonitorseveralfactorssuchasreadandwriteIOPS,throughput,latency,cachehits,writebufferutilization,andcapacity.
Capacityutilizationandtimeremainingmetricsarealsoincluded.
vRealizeOperationsanalyzesconsumptiontrendsandprovidesestimatesontheamountoftimeremainingbeforeresourcesareexhausted.
Thismakesiteasierforadministratorstoprocureadditionalcapacityinatimelymannertoavoidprojectdelaysandmoreseriousissuessuchasapplicationdowntimeduetolackoffreespace.
EasilyAddCapacitywithoutDowntimevSANisadistributedarchitecturethatallowsforelastic,non-disruptivescaling.
Computeandstoragecapacityisscaledoutsimplybybringinganewhostintothecluster.
Storagecapacityandperformancecanbescaledupindependentlybyaddingnewdrivestoexistinghosts.
This"grow-as-you-go"modelprovidespredictable,linearscalingforremoteofficeenvironmentswithaffordableinvestmentsspreadoutovertime.
SummaryvSANandvSphereprovidethebestHCIplatformforrunningvirtualmachineworkloadsrequiringpredictableperformanceandavailabilityinsecureenvironments.
vSpherehasachievedmultiplesecuritycerticationsandhasaproventrackrecord.
vSphereandvSANistherstandonlyHCIsolutionthatispartofaDISASTIG.
TheintegrationofvSANwithvSpherereducesriskthroughpolicy-basedmanagementandrole-basedaccesscontrol.
Importantservicessuchasexternal-facingwebsites,email,andemployeeremoteaccesscanbenetfromsharedstoragewithoutthecostandcomplexityofdedicatedstoragehardware.
Virtualmachine-centricstoragepoliciesarecreated,assigned,andmodied,asneedschangeintheenvironment.
MaintenancewindowsareeasiertoscheduleandtherearefeaturessuchasvSphereHAandvSphereReplicationtoenablerapidrecoveryfromunplanneddowntime.
vSANhealthmonitoringisincludedand,optionally,vRealizeOperationsManagementPackforStorageDevicesprovidesmultiplevSANdashboardsforproactivealerting,heatmaps,deviceandclusterinsights,andstreamlinedissueresolution.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
- softwarecloudlink相关文档
- 公司cloudlink
- Designcloudlink
- failingcloudlink
- integralcloudlink
- venuecloudlink
- 兰德cloudlink
Boomer.Host(年付3.5美)休斯敦便宜VPS
Boomer.Host是一家比较新的国外主机商,虽然LEB自述 we’re now more than 2 year old,商家提供虚拟主机和VPS,其中VPS主机基于OpenVZ架构,数据中心为美国得克萨斯州休斯敦。目前,商家在LET发了两款特别促销套餐,年付最低3.5美元起,特别提醒:低价低配,且必须年付,请务必自行斟酌确定需求再入手。下面列出几款促销套餐的配置信息。CPU:1core内存:...
数脉科技8月促销,新客减400港币,BGP、CN2+BGP、阿里云线路低至350元
数脉科技(shuhost)8月促销:香港独立服务器,自营BGP、CN2+BGP、阿里云线路,新客立减400港币/月,老用户按照优惠码减免!香港服务器带宽可选10Mbps、30Mbps、50Mbps、100Mbps带宽,支持中文本Windows、Linux等系统。官方网站:https://www.shuhost.com* 更大带宽可在选购时选择同样享受优惠。* 目前仅提供HKBGP、阿里云产品,香港...
piayun(pia云)240元/季起云服务器,香港限时季付活动,cn2线路,4核4G15M
pia云怎么样?pia云是一家2018的开办的国人商家,原名叫哔哔云,目前整合到了魔方云平台上,商家主要销售VPS服务,采用KVM虚拟架构 ,机房有美国洛杉矶、中国香港和深圳地区,洛杉矶为crea机房,三网回程CN2 GIA,带20G防御。目前,Pia云优惠促销,年付全场8折起,香港超极速CN2季付活动,4核4G15M云服务器仅240元/季起,香港CN2、美国三网CN2深圳BGP优质云服务器超高性...
cloudlink为你推荐
-
域名注册公司一般公司注册的都是什么域名?中国域名注册中国十大域名注册商查询ip怎样查别人的ip地址?虚拟主机评测网请问这几个哪个虚拟主机好1g虚拟主机想买个1G虚拟主机,不限流量的,但不知道哪个建站网站靠谱,求推荐!虚拟主机服务商哪个虚拟主机的服务商比较好?西安虚拟主机如何评价虚拟主机的优劣新加坡虚拟主机请问新网的虚拟主机靠谱吗?四川虚拟主机四川java虚拟主机,哪里比较好域名交易域名过户办理流程/怎样办理域名过户?