By -

Modernizing Branch Disaster Recovery

Hope for the best and plan for the worst: useful wisdom for life and enterprise IT strategy.

We’re not much for life advice here on the CTERA blog, but we are enthusiastic proponents of enterprise file services that make your organizational data accessible and secure. And an important aspect of enterprise file services is ensuring the uptime of users and offices around the world, with proper methods in place to recover from any scenario: fire, hardware failure, or, increasingly, a ransomware attack.

To that end, today we’ve announced a new Zero-Minute Disaster Recovery feature as part of our most recent update to the CTERA Enterprise File Services Platform. (You can read about other platform updates here.) Zero-minute DR means that CTERA cloud storage gateway customers can recover instantly and easily from any productivity-killing office outage and ensure their users are uninterrupted.

And while we’re making a bit of noise about our office disaster recovery chops today, the truth is our gateways have been powering the business continuity agendas of global organizations for some time. The Carlyle Group, the world’s largest private equity firm, uses CTERA Zero-Minute Disaster Recovery to ensure the uptime of dozens of offices and the productivity of thousands of users around the world. You can hear Jeff Pisano, Carlyle’s vice president of IT, tell the story here about how he’s much more confident in IT organization’s ability to ensure business continuity. Similarly, global entertainment leader Live Nation modernized its branch disaster recovery infrastructure with CTERA; you can watch IT Director Matt McQuoid’s presentation from AWS re:invent here.

Depending on how you implement legacy approaches to branch disaster recovery, the process can be complex, slow, costly – or some variation of all three. An outage of an office file server can mean that business halts until perhaps a tape backup is successfully restored (fingers crossed) or a replacement server arrives. But CTERA takes a unique approach that provides file services with integrated rapid and efficient disaster recovery that’s based around our cloud storage gateway.

CTERA gateways are all-in-one office storage appliances with built-in NAS, backup, cross-site collaboration, and, central to our discussion today, zero-minute cloud failover. During normal operation, users can access the local gateway as a file server, and any changes to files stored on the gateway are securely synced to the CTERA Portal, the back-end of the CTERA platform.

When a gateway is unavailable due to a disaster scenario or is experiencing an outage, CTERA technology can redirect network drives to the cloud copy of files instead of the unavailable gateway. File system structures and user file access permissions (ACLs) are enforced in the cloud, just as they were on the gateway (more on this later in the post). With file reads and writes seamlessly redirected to the cloud, users might not even notice the change, and the office doesn’t come to a standstill while you reboot your gateway or otherwise fix the situation.

Let’s explore the benefits for enterprises a bit further here, driven by some unique features of the CTERA platform:

  • Zero office downtime: Offices with traditional file server infrastructure can experience hours, days, or even weeks of downtime as they ship new hardware to an affected office, restore backups, etc. Offices with CTERA gateways resolve these issues instantaneously: global IT admins can instantly redirect users to the cloud, ensuring uninterrupted office operations and user productivity.
  • Significant cost savings and fewer headaches: There’s no need to deploy and manage expensive storage appliances running in parallel on-site or in the cloud. CTERA gateways’ built-in cloud failover enables organizations to save up to 80 percent vs. redundant hardware options. Additionally, CTERA’s file sync and storage is highly efficient, making best use of limited bandwidth and minimizing storage requirements.
  • Business continuity during internet outages: In addition to rapid recovery during gateway outages, CTERA gateways are uniquely architected to ensure complete file services availability and uptime even during internet connection outages. Because our platform keeps a copy of the file system at the edge of the network – on the gateway – organizations can access and collaborate on files in the event of an internet outage. Once the internet connection is restored, any file changes made will be synced between the gateway and the cloud.
  • Seamless failover of file access permissions: CTERA’s unique NT-ACL enforcement on both the local gateway and the cloud ensures users maintain the same permissions in cloud DR scenarios. The ACLs are constantly synced between the office and the cloud so that admins don’t need to maintain or migrate a separate set of permissions for the cloud.

Let’s spend a little more time on ACLs because they are an important aspect of disaster recovery.

For file system newcomers, ACLs (Access Control Lists) are used by operating systems to restrict access permissions (read, read/write, execute, etc.) of a folder or file to certain users or groups. NT-ACLs are ACLs used by the Windows family of operating systems, including server and consumer editions since 2000.

CTERA offers NT-ACL-aware failover to cloud, and NT-ACL enforcement on both the Portal and the gateway. This means users have the exact same file access and file shares in the cloud as they did locally, a benefit enabled by our NT-ACL sync across offices and clouds. Why’s this matter? Other solutions that offer local file access and cloud access don’t also support NT-ACLs on both cloud and file server/gateway, so that means the file permissions for the cloud are managed separately from the Active Directory/NT-ACL permissions. So if you change which groups can access a particular file/folder on a network drive that uses NT ACLs, the other vendors can’t also enforce that change in the cloud because it doesn’t sync those permissions with the network drive.

It also means that you would need to do a migration of NT-ACL permissions into the cloud service, and you would probably need to demonstrate the that the cloud service permission method is compliant with all of your existing processes/permissions that rely on NT-ACLs. With CTERA none of that applies, and you can manage your ACL permissions headache-free.

The CTERA platform also has enterprise-file-sync-and-share (EFSS) agents, which is another approach for accessing the same files. As a consequence users have essentially ubiquitous access to a file server using both traditional methods (like CIFS/SMB) as well as modern methods (like EFSS). And it doesn’t matter which method is used, the existing NT-ACLs will be enforced.

(By the way, because CTERA can replicate NT-ACLs from existing Windows file servers to the cloud, we have a very seamless data migration process for organizations seeking to modernize data infrastructure. But that’s a story for another day.)

Give us a call if you’re looking to modernize how your disaster recovery initiatives and increase the efficiency of your branch storage infrastructure. Meanwhile, I’ll leave you with a few parting links and some bonus wisdom from Ben Franklin that applies to life and IT disaster recovery: Lost time is never found again.

Categories: Product News