softwarecloudlink
cloudlink 时间:2021-01-08 阅读:()
SOLUTIONOVERVIEWVMwarevSANSecurityZoneDeploymentVMwarevSphereClustersinSecurityZonesAsecurityzone,alsoreferredtoasa"DMZ,"isasub-networkthatisdesignedtoprovidetightlycontrolledconnectivitytoanorganization'sinternalITinfrastructureandapplications.
Asecurityzonetypicallycontainsexternal-facingservicesthatareaccessiblefromuntrustednetworkssuchastheInternet.
Othercommonusecasesforsecurityzonesareinternalisolationforclassiedenvironmentsordevelopmentinfrastructures.
Theprimarypurposeofthisarchitectureisaddinganotherlayerofsecuritytofurtherreducetheriskofunauthorizedaccesstoanorganization'sinternalnetwork,applications,anddata.
Oneofthemostsignicantthreatstosecurityinanyenvironmentismisconguration.
Complexityincreasesthepossibilityofmisconguration,whichcouldleadtopotentialsecurityincidents.
VMwarevSphereuses"bare-metal"virtualization,sothehypervisorinterfacesdirectlywithserverhardwarewithouttheneedforamorecomplex,generaloperatingsystem.
ThisapproachreducestheattacksurfaceandhelpssafeguardfromOS-relatedvulnerabilitiesmakingitthemostrobustandsecurevirtualizationplatformintheindustry—anexcellentplatformforrunningworkloadsinsecurityzones.
Examplesofworkloadstypicallyfoundinsecurityzonesincludewebservers,emailgateways,andproxyservices.
Itisverycommonfortheseworkloadstohavehighavailabilityrequirements.
FeaturessuchasvSphereHighAvailability,vSphereFaultTolerance,andvSphereDistributedResourceSchedulerhelpprotectvirtualizedapplicationsandservicesfromdowntimeassociatedwithhardwarefailuresandresourcecontention.
Thesefeaturesrequiresharedstorage,whichmeansaccesstointernallyhostedstoragenetworks(SANandNAS)arecommonlyextendedtosecurityzones.
Thispotentiallyopensupadditionaloptionsforhackerstogainaccesstointernalresourcesandleadstomorecomplexrewallcongurations.
Anotheroptionisadedicatedstorageappliancecontainedwithinthesecurityzone,butthissolutioncanbeexpensiveandaddmanagementoverhead.
Computeandstorageresourcesforasecurityzoneareideallyverysecure,simpletoimplement,cost-effective,andprovidetheperformanceandavailabilitylevelsnecessarytorunandprotectcritical,external-facingworkloads.
vSphereandVMwarevSANprovidethehyper-convergedinfrastructure(HCI)bestsuitedtomeettheserequirements.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentWhyvSANforaSecurityZonevSANisVMware'ssoftware-denedstoragesolutionforHCI.
vSANandvSphereprovideacomplete,nativelyintegratedplatformconsistingofcompute,network,andstorageresourcesthataresecureandisolatedfromtherestoftheinfrastructure.
SincedisksinternaltothevSpherehostsareusedtocreateavSANdatastore,thereisnodependencyonexternalsharedstorageappliances.
Virtualmachinescanbeassignedspecicstoragepoliciesbasedontheavailabilityandperformanceneedsoftheapplication.
External-facingworkloadsbenetfromdependablestorageandpredictableperformancecharacteristicswhileminimizingrisk.
vSANisbuiltonanoptimizedI/OdatapathinthevSpherehypervisor.
ItismanagedasacorecomponentofavSphereenvironmentmeaningseparateadministrationtoolsandconnectionsarenotrequired.
Thisminimizestheattacksurfaceandcomplexityofthecomputeandstorageinfrastructure.
Lowercomplexityreducesthechancesofamiscongurationthatcouldleadtovulnerability.
Virtualmachine-centricstoragepoliciesarecreatedandassignedforvariousworkloadtypes.
PoliciesarebasedupontheavailabilityandperformanceservicesprovidedbyvSAN.
Thesepoliciescanbemodiedandreassigned,asneeded,withnodowntime.
AccesstothevSANdatastoreisconnedtothehostsinthesamevSANcluster.
AdedicatedHCIwithvSphereandvSANhelpensurecontrolledaccess,predictableperformance,andavailabilityofapplicationsandservicesinasecurityzonewithoutincreasingrisk.
Runningworkloadsonaseparatecomputeandstorageplatformfacilitatesmoreexibilitywithmaintenanceschedules.
vSANincludesahealthdashboard,whichautomaticallymonitorsandalertsonitemssuchasoveralldiskhealth,hardwarecompatibilitylist(HCL)compliance,networkconnectivityissues,andhighutilization.
Ifanalertisraised,administratorscaneasilyandquicklystartassessingtheissuebyclickingtheAskVMwarebuttoninthevSANHealthuserinterface,whichtakesthemdirectlytotherelevantVMwareknowledgebasearticle.
TimelyalertsandissueresolutionisonemorewayvSANenablesasecureandstableplatformforbusinesscriticalapplications.
NativeDataatRestEncryptionvSANencryptionisanoptionforvSANdatastorestofurtherimprovesecurityandprovidecompliancewithincreasinglystringentregulatoryrequirements.
SincevSANencryptionisnativetovSAN,iteliminatestheextracost,limitations,andcomplexityassociatedwithprocuringandmaintainingself-encryptingdrives.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAKeyManagementServer(KMS)isrequiredtoenableandusevSANencryption.
MultipleKMSvendorsarecompatibleincludingHyTrust,Gemalto(SafeNet),Thalese-Security,CloudLink,andVormetric.
AfteratrustrelationshiphasbeensetupbetweenVMwarevCenterServerandtheKMScluster,vSANencryptionisenabledwithjustafewmouseclicks.
vSANdatastoreencryptionisenabledandconguredatthedatastorelevel.
Inotherwords,everyobjectonthevSANdatastoreisencryptedwhenthisfeatureisenabled.
DataisencryptedusinganAES256cipherwhenitiswrittentopersistentmediainthecacheandcapacitytiersofavSANdatastore.
EncryptionoccursjustabovethedevicedriverlayerofthevSpherestoragestack,whichmeansitiscompatiblewithallvSANfeaturessuchasdeduplication,compression,andRAID-5/6erasurecoding.
vSANwithvSphereAvailabilityTheuseoflocaldiskdatastoreswithoutvSANintroducesrisktoapplicationuptime.
Forexample,onlyonecopyofavirtualmachine'slesisstoredonalocaldisk.
Ifthatdiskfails,thevirtualmachinelesmustberestoredfrombackupmedia,whichistimeconsumingandunreliable.
Itispossibletocreateasecondcopyofvirtualmachinelesonanotherdisk,buttheprocessisnotautomaticandmustbeperformedfrequently.
Therecoveryfromthissecondcopywouldalsobeamanualprocessincreasingriskandrecoverytime.
vSANaddressesthesechallengesbyaggregatinglocaldisksintoashareddatastoredistributedacrosshostsinthecluster.
vSANfeaturesastoragepolicyrulecalled"Primaryleveloffailurestotolerate"or"PFTT,"whichdenesthenumberofreplicasofavirtualmachine'slestodistributeacrossphysicalnodesinthevSANcluster.
Forexample,whenPFTT=1,vSANwillcreateandmaintaintwomirroredreplicasofthevirtualmachine'slesandplacethemonseparatehosts.
Ifadiskorhostcontainingoneofthosereplicasisoffline,thedataisstillaccessiblefromtheotherreplica.
vSphereHArequiressharedstorageandvSANistightlyintegratedwithvSphereHA.
Ifahostfails,virtualmachinesthatwererunningonthefailedhostareautomaticallyrebootedbyvSphereHAonotherhostsintheclustertominimizedowntime.
vSphereHAcanalsomonitorguestoperatingsystemsandautomaticallyrebootavirtualmachineintheeventofanoperatingsystemfailuresuchasaWindowsbluescreen.
vSphereFaultToleranceisalsocompatiblewithvSANandprovidescontinuousavailabilityforapplicationswithuptofourvirtualCPUsintheeventofahostfailure.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAvarietyofdataprotectionsolutionsareavailabletobackupandrecovervirtualmachinesandapplicationsinavSANcluster.
Checkwithyourdataprotectionvendortoverifysupportandlookforthe"VMwareReadyforvSAN"logo.
VirtualmachinereplicationsolutionssuchasDellEMCRecoverPointforVirtualMachinesandVMwarevSphereReplicationworksseamlesslywithvSANtoenablerapid,reliableper-virtualmachinerecovery.
vSANPerformancevSANisuniquelyembeddedinthevSpherehypervisorkernelandsitsdirectlyintheI/Odatapath.
ItcandeliverthehighestlevelsofperformancewithouttaxingtheCPUorconsuminghighamountsofmemoryresources,ascomparedtoothervirtualstorageappliancesthatrunseparatelyontopofthehypervisor.
All-ashvSANcongurationsprovideexcellentperformancewithpredictable,lowlatencies.
Acombinationofmagneticandsolidstatedrivescanbeusedtoenableash-acceleratedhybridcongurations.
Specicrulessuchas"Numberofdiskstripesperobject"and"Flashreadcachereservation(%)"canbeusedtoaccelerateread-intensiveworkloads—especiallyinhybridvSANcongurations.
WithvSAN,itispossibletoapplypolicieswithprecision.
Forexample,databaseserversarecommonlydeployedwiththeguestOSononevirtualdiskanddatabasesonothervirtualdisks.
Astoragepolicythatreservesahigherpercentageofashreadcachecouldbeassignedspecicallytothevirtualdiskscontainingdatabasestohelpguaranteeperformance.
VisibilityandProactiveNoticationswithvRealizeOperationsvSANincludesahealthcheckfeaturetomonitoritemssuchasnetworkconnectivity,diskcapacity,componentmetadata,andcompliancewiththehardwarecompatibilitylist(HCL).
Whilethismightbesufficientinmanycases,enhancedvisibilityandmanagementcapabilitiesacrossvSANclustersatmultiplelocationsareavailablewithVMwarevRealizeOperations.
vRealizeOperationsManagerincludesdashboardsforvSANsuchasCapacityOverview,OptimizevSANDeployments,andOperationsOverview.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentvRealizeOperationsfeaturespredictiveanalyticsandsmartalertstohelpensureoptimumperformanceandavailabilityofapplicationsandinfrastructures.
vRealizeOperationsManagerenablesadministratorstomonitorseveralfactorssuchasreadandwriteIOPS,throughput,latency,cachehits,writebufferutilization,andcapacity.
Capacityutilizationandtimeremainingmetricsarealsoincluded.
vRealizeOperationsanalyzesconsumptiontrendsandprovidesestimatesontheamountoftimeremainingbeforeresourcesareexhausted.
Thismakesiteasierforadministratorstoprocureadditionalcapacityinatimelymannertoavoidprojectdelaysandmoreseriousissuessuchasapplicationdowntimeduetolackoffreespace.
EasilyAddCapacitywithoutDowntimevSANisadistributedarchitecturethatallowsforelastic,non-disruptivescaling.
Computeandstoragecapacityisscaledoutsimplybybringinganewhostintothecluster.
Storagecapacityandperformancecanbescaledupindependentlybyaddingnewdrivestoexistinghosts.
This"grow-as-you-go"modelprovidespredictable,linearscalingforremoteofficeenvironmentswithaffordableinvestmentsspreadoutovertime.
SummaryvSANandvSphereprovidethebestHCIplatformforrunningvirtualmachineworkloadsrequiringpredictableperformanceandavailabilityinsecureenvironments.
vSpherehasachievedmultiplesecuritycerticationsandhasaproventrackrecord.
vSphereandvSANistherstandonlyHCIsolutionthatispartofaDISASTIG.
TheintegrationofvSANwithvSpherereducesriskthroughpolicy-basedmanagementandrole-basedaccesscontrol.
Importantservicessuchasexternal-facingwebsites,email,andemployeeremoteaccesscanbenetfromsharedstoragewithoutthecostandcomplexityofdedicatedstoragehardware.
Virtualmachine-centricstoragepoliciesarecreated,assigned,andmodied,asneedschangeintheenvironment.
MaintenancewindowsareeasiertoscheduleandtherearefeaturessuchasvSphereHAandvSphereReplicationtoenablerapidrecoveryfromunplanneddowntime.
vSANhealthmonitoringisincludedand,optionally,vRealizeOperationsManagementPackforStorageDevicesprovidesmultiplevSANdashboardsforproactivealerting,heatmaps,deviceandclusterinsights,andstreamlinedissueresolution.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
Asecurityzonetypicallycontainsexternal-facingservicesthatareaccessiblefromuntrustednetworkssuchastheInternet.
Othercommonusecasesforsecurityzonesareinternalisolationforclassiedenvironmentsordevelopmentinfrastructures.
Theprimarypurposeofthisarchitectureisaddinganotherlayerofsecuritytofurtherreducetheriskofunauthorizedaccesstoanorganization'sinternalnetwork,applications,anddata.
Oneofthemostsignicantthreatstosecurityinanyenvironmentismisconguration.
Complexityincreasesthepossibilityofmisconguration,whichcouldleadtopotentialsecurityincidents.
VMwarevSphereuses"bare-metal"virtualization,sothehypervisorinterfacesdirectlywithserverhardwarewithouttheneedforamorecomplex,generaloperatingsystem.
ThisapproachreducestheattacksurfaceandhelpssafeguardfromOS-relatedvulnerabilitiesmakingitthemostrobustandsecurevirtualizationplatformintheindustry—anexcellentplatformforrunningworkloadsinsecurityzones.
Examplesofworkloadstypicallyfoundinsecurityzonesincludewebservers,emailgateways,andproxyservices.
Itisverycommonfortheseworkloadstohavehighavailabilityrequirements.
FeaturessuchasvSphereHighAvailability,vSphereFaultTolerance,andvSphereDistributedResourceSchedulerhelpprotectvirtualizedapplicationsandservicesfromdowntimeassociatedwithhardwarefailuresandresourcecontention.
Thesefeaturesrequiresharedstorage,whichmeansaccesstointernallyhostedstoragenetworks(SANandNAS)arecommonlyextendedtosecurityzones.
Thispotentiallyopensupadditionaloptionsforhackerstogainaccesstointernalresourcesandleadstomorecomplexrewallcongurations.
Anotheroptionisadedicatedstorageappliancecontainedwithinthesecurityzone,butthissolutioncanbeexpensiveandaddmanagementoverhead.
Computeandstorageresourcesforasecurityzoneareideallyverysecure,simpletoimplement,cost-effective,andprovidetheperformanceandavailabilitylevelsnecessarytorunandprotectcritical,external-facingworkloads.
vSphereandVMwarevSANprovidethehyper-convergedinfrastructure(HCI)bestsuitedtomeettheserequirements.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentWhyvSANforaSecurityZonevSANisVMware'ssoftware-denedstoragesolutionforHCI.
vSANandvSphereprovideacomplete,nativelyintegratedplatformconsistingofcompute,network,andstorageresourcesthataresecureandisolatedfromtherestoftheinfrastructure.
SincedisksinternaltothevSpherehostsareusedtocreateavSANdatastore,thereisnodependencyonexternalsharedstorageappliances.
Virtualmachinescanbeassignedspecicstoragepoliciesbasedontheavailabilityandperformanceneedsoftheapplication.
External-facingworkloadsbenetfromdependablestorageandpredictableperformancecharacteristicswhileminimizingrisk.
vSANisbuiltonanoptimizedI/OdatapathinthevSpherehypervisor.
ItismanagedasacorecomponentofavSphereenvironmentmeaningseparateadministrationtoolsandconnectionsarenotrequired.
Thisminimizestheattacksurfaceandcomplexityofthecomputeandstorageinfrastructure.
Lowercomplexityreducesthechancesofamiscongurationthatcouldleadtovulnerability.
Virtualmachine-centricstoragepoliciesarecreatedandassignedforvariousworkloadtypes.
PoliciesarebasedupontheavailabilityandperformanceservicesprovidedbyvSAN.
Thesepoliciescanbemodiedandreassigned,asneeded,withnodowntime.
AccesstothevSANdatastoreisconnedtothehostsinthesamevSANcluster.
AdedicatedHCIwithvSphereandvSANhelpensurecontrolledaccess,predictableperformance,andavailabilityofapplicationsandservicesinasecurityzonewithoutincreasingrisk.
Runningworkloadsonaseparatecomputeandstorageplatformfacilitatesmoreexibilitywithmaintenanceschedules.
vSANincludesahealthdashboard,whichautomaticallymonitorsandalertsonitemssuchasoveralldiskhealth,hardwarecompatibilitylist(HCL)compliance,networkconnectivityissues,andhighutilization.
Ifanalertisraised,administratorscaneasilyandquicklystartassessingtheissuebyclickingtheAskVMwarebuttoninthevSANHealthuserinterface,whichtakesthemdirectlytotherelevantVMwareknowledgebasearticle.
TimelyalertsandissueresolutionisonemorewayvSANenablesasecureandstableplatformforbusinesscriticalapplications.
NativeDataatRestEncryptionvSANencryptionisanoptionforvSANdatastorestofurtherimprovesecurityandprovidecompliancewithincreasinglystringentregulatoryrequirements.
SincevSANencryptionisnativetovSAN,iteliminatestheextracost,limitations,andcomplexityassociatedwithprocuringandmaintainingself-encryptingdrives.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAKeyManagementServer(KMS)isrequiredtoenableandusevSANencryption.
MultipleKMSvendorsarecompatibleincludingHyTrust,Gemalto(SafeNet),Thalese-Security,CloudLink,andVormetric.
AfteratrustrelationshiphasbeensetupbetweenVMwarevCenterServerandtheKMScluster,vSANencryptionisenabledwithjustafewmouseclicks.
vSANdatastoreencryptionisenabledandconguredatthedatastorelevel.
Inotherwords,everyobjectonthevSANdatastoreisencryptedwhenthisfeatureisenabled.
DataisencryptedusinganAES256cipherwhenitiswrittentopersistentmediainthecacheandcapacitytiersofavSANdatastore.
EncryptionoccursjustabovethedevicedriverlayerofthevSpherestoragestack,whichmeansitiscompatiblewithallvSANfeaturessuchasdeduplication,compression,andRAID-5/6erasurecoding.
vSANwithvSphereAvailabilityTheuseoflocaldiskdatastoreswithoutvSANintroducesrisktoapplicationuptime.
Forexample,onlyonecopyofavirtualmachine'slesisstoredonalocaldisk.
Ifthatdiskfails,thevirtualmachinelesmustberestoredfrombackupmedia,whichistimeconsumingandunreliable.
Itispossibletocreateasecondcopyofvirtualmachinelesonanotherdisk,buttheprocessisnotautomaticandmustbeperformedfrequently.
Therecoveryfromthissecondcopywouldalsobeamanualprocessincreasingriskandrecoverytime.
vSANaddressesthesechallengesbyaggregatinglocaldisksintoashareddatastoredistributedacrosshostsinthecluster.
vSANfeaturesastoragepolicyrulecalled"Primaryleveloffailurestotolerate"or"PFTT,"whichdenesthenumberofreplicasofavirtualmachine'slestodistributeacrossphysicalnodesinthevSANcluster.
Forexample,whenPFTT=1,vSANwillcreateandmaintaintwomirroredreplicasofthevirtualmachine'slesandplacethemonseparatehosts.
Ifadiskorhostcontainingoneofthosereplicasisoffline,thedataisstillaccessiblefromtheotherreplica.
vSphereHArequiressharedstorageandvSANistightlyintegratedwithvSphereHA.
Ifahostfails,virtualmachinesthatwererunningonthefailedhostareautomaticallyrebootedbyvSphereHAonotherhostsintheclustertominimizedowntime.
vSphereHAcanalsomonitorguestoperatingsystemsandautomaticallyrebootavirtualmachineintheeventofanoperatingsystemfailuresuchasaWindowsbluescreen.
vSphereFaultToleranceisalsocompatiblewithvSANandprovidescontinuousavailabilityforapplicationswithuptofourvirtualCPUsintheeventofahostfailure.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentAvarietyofdataprotectionsolutionsareavailabletobackupandrecovervirtualmachinesandapplicationsinavSANcluster.
Checkwithyourdataprotectionvendortoverifysupportandlookforthe"VMwareReadyforvSAN"logo.
VirtualmachinereplicationsolutionssuchasDellEMCRecoverPointforVirtualMachinesandVMwarevSphereReplicationworksseamlesslywithvSANtoenablerapid,reliableper-virtualmachinerecovery.
vSANPerformancevSANisuniquelyembeddedinthevSpherehypervisorkernelandsitsdirectlyintheI/Odatapath.
ItcandeliverthehighestlevelsofperformancewithouttaxingtheCPUorconsuminghighamountsofmemoryresources,ascomparedtoothervirtualstorageappliancesthatrunseparatelyontopofthehypervisor.
All-ashvSANcongurationsprovideexcellentperformancewithpredictable,lowlatencies.
Acombinationofmagneticandsolidstatedrivescanbeusedtoenableash-acceleratedhybridcongurations.
Specicrulessuchas"Numberofdiskstripesperobject"and"Flashreadcachereservation(%)"canbeusedtoaccelerateread-intensiveworkloads—especiallyinhybridvSANcongurations.
WithvSAN,itispossibletoapplypolicieswithprecision.
Forexample,databaseserversarecommonlydeployedwiththeguestOSononevirtualdiskanddatabasesonothervirtualdisks.
Astoragepolicythatreservesahigherpercentageofashreadcachecouldbeassignedspecicallytothevirtualdiskscontainingdatabasestohelpguaranteeperformance.
VisibilityandProactiveNoticationswithvRealizeOperationsvSANincludesahealthcheckfeaturetomonitoritemssuchasnetworkconnectivity,diskcapacity,componentmetadata,andcompliancewiththehardwarecompatibilitylist(HCL).
Whilethismightbesufficientinmanycases,enhancedvisibilityandmanagementcapabilitiesacrossvSANclustersatmultiplelocationsareavailablewithVMwarevRealizeOperations.
vRealizeOperationsManagerincludesdashboardsforvSANsuchasCapacityOverview,OptimizevSANDeployments,andOperationsOverview.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMwarevSANSecurityZoneDeploymentvRealizeOperationsfeaturespredictiveanalyticsandsmartalertstohelpensureoptimumperformanceandavailabilityofapplicationsandinfrastructures.
vRealizeOperationsManagerenablesadministratorstomonitorseveralfactorssuchasreadandwriteIOPS,throughput,latency,cachehits,writebufferutilization,andcapacity.
Capacityutilizationandtimeremainingmetricsarealsoincluded.
vRealizeOperationsanalyzesconsumptiontrendsandprovidesestimatesontheamountoftimeremainingbeforeresourcesareexhausted.
Thismakesiteasierforadministratorstoprocureadditionalcapacityinatimelymannertoavoidprojectdelaysandmoreseriousissuessuchasapplicationdowntimeduetolackoffreespace.
EasilyAddCapacitywithoutDowntimevSANisadistributedarchitecturethatallowsforelastic,non-disruptivescaling.
Computeandstoragecapacityisscaledoutsimplybybringinganewhostintothecluster.
Storagecapacityandperformancecanbescaledupindependentlybyaddingnewdrivestoexistinghosts.
This"grow-as-you-go"modelprovidespredictable,linearscalingforremoteofficeenvironmentswithaffordableinvestmentsspreadoutovertime.
SummaryvSANandvSphereprovidethebestHCIplatformforrunningvirtualmachineworkloadsrequiringpredictableperformanceandavailabilityinsecureenvironments.
vSpherehasachievedmultiplesecuritycerticationsandhasaproventrackrecord.
vSphereandvSANistherstandonlyHCIsolutionthatispartofaDISASTIG.
TheintegrationofvSANwithvSpherereducesriskthroughpolicy-basedmanagementandrole-basedaccesscontrol.
Importantservicessuchasexternal-facingwebsites,email,andemployeeremoteaccesscanbenetfromsharedstoragewithoutthecostandcomplexityofdedicatedstoragehardware.
Virtualmachine-centricstoragepoliciesarecreated,assigned,andmodied,asneedschangeintheenvironment.
MaintenancewindowsareeasiertoscheduleandtherearefeaturessuchasvSphereHAandvSphereReplicationtoenablerapidrecoveryfromunplanneddowntime.
vSANhealthmonitoringisincludedand,optionally,vRealizeOperationsManagementPackforStorageDevicesprovidesmultiplevSANdashboardsforproactivealerting,heatmaps,deviceandclusterinsights,andstreamlinedissueresolution.
VMware,Inc.
3401HillviewAvenuePaloAltoCA94304USATel877-486-9273Fax650-427-5001www.
vmware.
comCopyright2017VMware,Inc.
Allrightsreserved.
ThisproductisprotectedbyUSandinternationalcopyrightandintellectualpropertylaws.
VMwareproductsarecoveredbyoneormorepatentslistedathttp://www.
vmware.
com/go/patents.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
- softwarecloudlink相关文档
- 公司cloudlink
- Designcloudlink
- failingcloudlink
- integralcloudlink
- venuecloudlink
- 兰德cloudlink
Digital-vm80美元,1-10Gbps带宽日本/新加坡独立服务器
Digital-vm是一家成立于2019年的国外主机商,商家提供VPS和独立服务器租用业务,其中VPS基于KVM架构,提供1-10Gbps带宽,数据中心可选包括美国洛杉矶、日本、新加坡、挪威、西班牙、丹麦、荷兰、英国等8个地区机房;除了VPS主机外,商家还提供日本、新加坡独立服务器,同样可选1-10Gbps带宽,最低每月仅80美元起。下面列出两款独立服务器配置信息。配置一 $80/月CPU:E3-...
Hosteons:洛杉矶/纽约/达拉斯免费升级10Gbps端口,KVM年付21美元起
今年1月的时候Hosteons开始提供1Gbps端口KVM架构VPS,目前商家在LET发布消息,到本月30日之前,用户下单洛杉矶/纽约/达拉斯三个地区机房KVM主机可以从1Gbps免费升级到10Gbps端口,最低年付仅21美元起。Hosteons是一家成立于2018年的国外VPS主机商,主要提供VPS、Hybrid Dedicated Servers及独立服务器租用等,提供IPv4+IPv6,支持...
wordpress简洁英文主题 wordpress简洁通用型高级外贸主题
wordpress简洁英文主题,wordpress简洁通用大气的网站风格设计 + 更适于欧美国外用户操作体验,完善的外贸企业建站功能模块 + 更好的移动设备特色模块支持,更高效实用的后台自定义设置 + 标准高效的代码程序功能结构,更利于Goolge等国际搜索引擎的SEO搜索优化和站点收录排名。点击进入:wordpress简洁通用型高级外贸主题主题价格:¥3980 特 惠 价:¥1280安装环境:运...
cloudlink为你推荐
-
免备案虚拟空间香港免备案虚拟主机空间怎么样虚拟空间哪个好虚拟空间哪个好深圳网站空间菜鸟问:网站空间如何选择,与空间的基本知识?虚拟主机管理系统急!高分!比较好用的虚拟主机管理系统有哪些?虚拟主机管理系统如何用win虚拟主机管理系统搭建万网虚拟主机万网免费虚拟主机和收费虚拟主机有什么区别虚拟主机排名IDC全国十强是哪几个服务商中文域名中文域名是什么申请域名申请一个域名要多少钱?域名是什么什么是域名?域名是干什么用的?