Amazon primes S3 as backup facility

 

Cloud-attached storage backup.

Amazon Web Services has launched a new offsite backup service that replicates in-house application data to the Simple Storage Service (S3) cloud. 

The AWS Storage Gateway, currently in beta, involves installing a virtual appliance -- initially VMware ESXi 4.1 with wider support planned later -- between business applications and in-house storage.

The gateway takes snapshots and replicates it to S3. Data is transferred to S3 over a Secure Sockets Layer connection and from there it is encrypted using Advanced Encryption Standard 256 bit keys, according to Amazon. 

After installing the gateway, administrators would create "gateway storage volumes" which are attached to on-premise application servers as iSCSI devices.

There's also an option to mirror data, either as a disaster recovery strategy or to offload capacity to Amazon's Elastic Cloud 2 (EC2), achieved by uploading applications to S3 in the form of Amazon Elastic Block Storage (EBS) snapshots, then attaching the blocks to a compute instance through the management console or EC2 APIs.

Pricing for the service in Singapore's S3 starts at $US125 a gateway a month.

While Amazon's infrastructure may be more robust than many in-house systems, last year's extended outage in Western Europe highlighted it is far from impervious to the same types of issues that enterprises face, such as human error and power failures.

In Amazon's case, engineers spent days moving massive amounts of data to S3 before attempting to rebuild storage blocks that were mistakenly deleted during a botched de-duplication run.  

One criticism of the security set-up is that Amazon holds the encryption keys, offering "checkbox compliance", commented Dan Griffin, former Microsoft security executive and founder of JW Secure

"Commendably, during replication, the data traverses an encrypted tunnel (SSL). As well, when the data is received by Amazon’s storage gateway proxy in the cloud, it’s encrypted before it’s written to permanent storage.

"However, since Amazon has access to the encryption keys, that protection buys you checkbox compliance, but not much more. After all, whoever has access to the keys can decrypt the data, and that includes rogue system administrators, or even Amazon itself if under duress (subpoena, national security, etc.)."

Amazon's new backup service comes a week after its launch of another enterprise service, the NoSQL-based 'big data' offering for the enterprise, DynamoDB. 

Copyright © iTnews.com.au . All rights reserved.


Amazon primes S3 as backup facility
 
 
 
Top Stories
Don’t mention digital disruption to David Whiteing
Buzzwords don’t curry favour with CBA's new CIO - it’s all just innovation to him.
 
Content, cost & constant innovation: How Foxtel plans to take on Netflix
Nell Payne inhabits the “brave new world of blue strings and networking”. Just don't ask her to put a TV screen on your microwave.
 
Westpac fires starting pistol on core banking upgrade
St George readies itself for move to Celeriti.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Should Optus make a bid for iiNet?

   |   View results
Yes
  43%
 
No
  57%
TOTAL VOTES: 614

Vote