Compression and encryption are everywhere. Whether you are uploading videos to Facebook, watching Netflix or doing online shopping or banking, you will be interacting with systems that are (hopefully) employing the best available compression and encryption for your connection. The goals being a fast easy experience that is also secure. For the user, the main point being that they don’t actually configure anything, they just assume clever things are happening. This means these technologies are both ubiquitous and autonomous.
At Actifio, we have the same attitude: you don’t want to spend time setting up compression and encryption, you just want them to be used. But it is a fair question to ask: Are you guys actually doing this? So let’s take a look!
Efficient Data Movement
Since all data movement within Actifio is incremental forever, this means we only ever move (and store) changed data between points in time. In practical terms this means when Actifio creates an image of an application, it creates a full copy for the first snapshot and then uses efficient changed block tracking technologies to limit all future snapshots to changed data only. This means that since future snapshots are incremental, that all other data processing that needs to be done is also incremental forever. Data may be encrypted and compressed at rest depending on selected options. Let’s look at some examples:
Disaster Recovery Replication:
When performing DR Replication with Actifio Streamsnap, the replication from the local Actifio Snapshot Pool to the remote Actifio Snapshot pool is encrypted in flight compressed and incremental forever. As an option you can disable compression, but this is normally not needed. As an alternative for lower bandwidth links the administrator can instead opt for Dedup Async (DAR) which is Encrypted in flight, pre-compressed and pre-deduped (and incremental forever).
Object Storage Replication:
When using object storage, the Actifio Snapshot Pool to object Storage traffic is encrypted in flight, pre-compressed and incremental forever. Source application to object storage (Direct2OnVault) is encrypted in flight, pre-compressed and incremental forever. As an option you can disable compression, but this is normally not needed.
Encryption Methods
Actifio appliances always communicate with each other using SSL, meaning all data is sent using SSL encryption, plus when Actifio communicates with object storage providers we always use HTTPS to communicate, meaning all data is sent and received using SSL encryption. This also applies to API traffic to IAAS providers like AWS and GCE.
Space saving and security technologies
Actifio supports three kinds of storage pool:
- Snapshot Pools: Actifio Sky Appliances compress snapshot pools by default and can optionally encrypt at rest. If the backend storage supports encryption at rest this can also be used as it is ‘invisible’ to Actifio.
- Actifio Dedup pool: Data is compressed and deduplicated. Sky can optionally encrypt at rest.
- Object Storage: Data is pre-compressed by Actifio and encrypted based on whatever technologies are supported by the object storage vendor (pre-compression can be optionally disabled). If object side compression is supported then this could be optionally enabled.
Compression with Actifio OnVault
By default Actifio OnVault will pre-compress all data sent to object storage. This means the data is compressed prior to transmission to object (saving network bandwidth and any related bandwidth costs) and is stored compressed on the object side (saving storage consumption and any related storage costs). The compression method used allows the object storage to be both aware of this pre-compression and uncompress the objects if they are accessed directly, meaning Actifio Sky is not needed to de-compress the objects. It also means that Actifio does not depend on the object storage provider to provide compression (since not all of them do).
There are some limited exceptions to this and the Support Matrix will list those exceptions. So far we have seen some on-prem object storage solutions that do not support the pre-compression of objects, meaning that to get compression efficiencies in object storage, target side compression needs to be enabled. The data will always be sent and received uncompressed, but since these targets are normally onsite this should not be an issue.
Note also that if data is pre-compressed then additional compression used during flight or storage, may not yield additional savings.
What does all this mean to you? It means lower bandwidth costs, lower storage costs and the confidence that when data is shipped, it is done so in a secure and efficient manner. All the things you presume are happening, are actually happening. And thats as it should be.
Want to learn more? See how Actifio works!