Virtual benefits
We know that if business continuity is a key objective of an organisation, it means that operations are up and running 24x7. Best practices suggest using geographic redundancy to establish multiple data centres or sites located in different geographic regions, each with replicated applications and data. Do you need to replicate everything? No, not necessarily, just those things that are deemed mission critical. Some organisations will feel that the bulk of their applications and data are mission critical, whereas others will have a smaller subset. You can implement geographic redundancy in a number of ways. You could choose to deploy multiple sites and use a commercial application to duplicate applications and data; which will be a significant investment. Today, most IT managers still build redundant sites as a backup and manually manage data replication and failover to the secondary site when needed. So they have their site sitting there inert as an insurance policy, but also as a non-performing asset. By virtualizing data centre resources at both sites, you can turn non-performing assets (with the exception of a disaster) into ongoing available assets that will function in a distributed scenario to achieve maximum reliability and performance regardless of location. For example, in an active-active data centre configuration, you could do data replication, upgrades, and maintenance on a more-frequent basis, increasing your overall uptime and time-to-market for services. And there are other benefits to virtualization when you look at the data centre itself. Let’s say you need maximum availability and high performance for your applications and data. You can deploy one very reliable midrange server with RAID and redundant power supplies that cost you half a million dollars. However, you’re still going to have a single point of failure because it’s a single system. You could also try to achieve those business objectives by throwing very expensive hardware at it, trusting that all the components will keep running. A better practice is to virtualize your server and application resources, which is much more cost effective and a better overall architecture. Instead of deploying that very expensive mid-range system, virtualize multiple, low-cost, high performance servers with applications and data, so when one server goes down, you’re not impacted. This gives you the opportunity to achieve high availability and performance without breaking the bank. What to consider when virtualizing your data centre Also, can the underlying applications be replicated in real time between redundant sites so that they can resolve requests at any site at any time, ensuring that the data is current? If you can’t replicate the data in real time, there might still be an opportunity to virtualize redundant sites if the data being served doesn’t require up-to-the-minute freshness. There are a lot of scenarios where that does makes sense. What day-old data is acceptable? Ultimately, you have to look at the underlying application infrastructure to determine what you can virtualize. The same is true for virtualizing connectivity and links. You also have to consider the amount of data and performance during the replication process. In this case, the primary challenge is not about the bandwidth or link capacity. The challenge is how much of that data can be concurrently transferred or put into the pipe while eliminating the protocol communication overhead. We’ve seen customers with OC-3 connectivity between data centres, but their replication process only uses a fraction of that pipe. They have a lot of data to transfer and it just trickles into the pipe, so replication literally takes days to complete – it’s just not efficient. Fortunately, there are solutions out there that use symmetrical WAN acceleration to mitigate this situation. So replication processes that took days to finish now get completed in hours. That’s a better model and a better use of the underlying infrastructure, which includes available bandwidth. The benefits of data centre virtualization With virtualization, there’s efficiency in the underlying hardware requirements. In essence, you need less hardware or less expensive hardware to do the same work. You can get five times the performance for a third of the cost when you compare a midrange system to a modest server farm. If I can put 10 of those low-cost servers in a virtualized resource pool, I’ve got five to 10 times the power of the most powerful midrange system at a third of the cost. By virtualizing my servers, I not only realize a tremendous cost savings, but I have a much better architecture for availability and ongoing maintenance. If I need to bring one server down it doesn’t impact the others, and I can gracefully add in and take out systems to support my underlying architecture. For things like ongoing maintenance and management, there are significant efficiencies to be realized. For redundant active-active data centres that are managed by an intelligent DNS system, I can very easily bring down one data centre for maintenance without affecting the other data centres or impacting users. The benefits of virtualization really run the gamut—ongoing maintenance and management, reduction of hardware acquisition costs, and better architecture for availability, security, and performance. This is why virtualization is really becoming the standard for how you design your IT resources for the future. Virtualization really isn’t a new concept, though. What is new is thinking about all the points in the WAN and LAN infrastructure where you can realize virtualization benefits regardless of where you started out. Consider this: you want your worldwide employees to securely access your network and applications at any time from any device and from any location. Sometimes sites go down for maintenance, connectivity reasons, and disasters. If you provide worldwide access, but it’s only available 95 percent of the time and it’s under performing 98 percent of the time, you’re not really achieving your goal of worldwide access 24x7. This is where virtualization integrated with access technologies like SSL VPN comes into play. Virtualization of distributed access devices that route users to the best possible site, which hosts your SSL VPN access control, gives them access to applications and network resources without any interruption of service. Routing users to the best available site is completely transparent and doesn’t require updating client software or reconfiguring clients, which we know is fraught with problems. Again, virtualization is a better model. So think about virtualization from a holistic architectural approach to fully realize its benefits. Conclusion All are key questions to ask first if you wish to experience the benefits of virtualizing your resources later. F5 Networks is exhibiting at Infosecurity Europe 2007. Now in its 12th year, the show continues to provide an education programme, new products and services, and over 300 exhibitors from every segment of the industry. Held on the 24th – 26th April 2007 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in information security. www.infosec.co.uk
•Date: 16th March 2007• Region: UK/World •Type: Article •Topic: IT continuity |
