• 门徒娱乐_门徒娱乐平台-(官方平台注册登录入口)

    Solution Background
    Solution Overview
    Information2 provides three ransomware protection solutions based on data replication technology: the basic CDP ransomware protection solution, the basic CDM ransomware protection solution, and the advanced black box ransomware protection solution (divided into file-level and database-level)
    Ransomware Protection: CDP, CDM, and black box technologies provide different levels of protection for data. In particular, the TEE confidential environment and WORM (Write Once Read Many) file system of the black box allow data to be written but not modified, effectively preventing ransomware intrusion.
    Data Recovery: CDP continuously monitors and captures written data, pushing it to the black box to create historical, recoverable microseconds-level time points. After a client failure, the required data can be quickly restored from this time point, complementing scheduled backups. Scheduled backups protect data security for the previous day, while CDP protects data security within the protection period, completing a closed loop of data protection.
    CDP Ransomware Protection Basic Solution
    Continuously captures data changes through data replication technology and stores them in a backup system in the form of logs. When data is compromised by ransomware or corrupted, it can be restored using CDP data.
    RPO: Microsecond-level
    RTO: Hour-level
    CDM Ransomware Protection Basic Solution
    Obtains data changes through data replication technology and saves the entire system in its original format as a replica. When the production system fails, it can be quickly mounted and restored without restoring the original system.
    RPO: Second-level
    RTO: Minute-level
    Black Box Ransomware Protection Advanced Solution - File Level
    Full data is packaged into black boxes daily, and incremental data is written into black boxes in real-time. During recovery, historical files can be retrieved and restored at microsecond-level granularity.
    RPO: Second-level
    RTO: Depends on the amount of data
    Black Box Ransomware Protection Advanced Solution - Database Level
    The database adopts quasi-real-time synchronization technology to pull online logs in real-time and write them into the black box.
    RPO: Approximately 0 (second-level)
    RTO: Minute-level; the target database can provide services immediately after applying logs.
    CDP Basic Solution
    CDP Overview
    i2CDP continuously replicates continuously changing data to the target server while recording data changes in the form of logs. In the event of a system failure, it quickly locates the required recovery point in time based on the data change logs and restores the data to a point before the anomaly with one click, ensuring data security and business continuity. For instance, after being infected by ransomware, the system can be restored to any point in time before the infection with one click. This software is suitable for critical information systems across various industries, such as trading systems in banks and securities companies, enterprise ERP systems, campus one-card systems, hospital HIS systems, etc., providing continuous protection for files and databases within these systems.
    CDP Protection and Recovery Process
    CDP Protection Process
    1.Configure CDP rules, specifying the directories or files to be protected, CDP data retention policies, etc.
    2.After submitting the CDP rules, the client initiates an initial full synchronization for the initial data synchronization.
    3.After the initial full data synchronization is completed, it automatically transitions to an incremental state, capturing incremental data in real-time and forming incremental time points for each incremental IO operation on the backup server.
    CDP Recovery Process
    1.Configure the CDP recovery task, selecting the desired recovery point in time, target server, and path.
    2.The backup software automatically merges data based on the selected recovery point in time.
    3.The backup server transfers the recovery data to the specified path on the target server.
    CDP Data Tamper-resistance
    The backup server provides an immutable storage solution at the kernel level, preventing ransomware from damaging CDP data and meeting data security and compliance requirements.
    It supports tamper-resistant drivers that cannot be uninstalled casually; configurable security policies to restrict non-backup processes from accessing storage read/write; alerts when untrusted processes attempt to operate on backup directories and are denied; and configurable threat perception policies to record tampering and access processes and frequencies.
    Solution Advantages
    Byte-level Replication and Efficient Transmission
    With bytes serving as the smallest unit for data capture, the volume of data that needs to be replicated is greatly reduced. The serialized transmission method is far more efficient than traditional backup transmission in scenarios with narrow bandwidth and remote transmission, and network speed limits can be set to ensure that bandwidth priority is given to production systems and business applications.
    Flexible Protection Strategies
    Flexibly set the time range and storage space required for data protection; automatically merge and delete historical data copies to strike a balance between continuous data protection duration and disk storage.
    Data Protection for Various Applications and Databases
    Apart from supporting real-time protection for unstructured data, it also supports real-time protection for databases such as Oracle, SQL Server, DB2, and ensures data consistency through byte-level replication technology.
    True Point-in-Time Recovery (True CDP)
    With precision down to one millionth of a second, data changes (including changes to actual data, owners, permissions, and other attributes) are recorded in log form, analyzed, and the changed portions are calculated and saved in the CDP data protection area. During recovery, specify the point in time and target location for rapid recovery, maintaining business continuity.
    Unified Management with Graphical Interface
    Intelligent installation wizards, flexible backup strategies; rich statistical information for easy viewing of backup results; supports custom alert settings with email notifications for abnormalities; supports automatic verification to check the recoverability and integrity of backup data; supports user permission management functions. Only one console is needed for centralized management of different databases.
    CDM Standard Solution
    CDM Overview
    i2CDM realizes real-time or scheduled backup of production environment operating systems, file systems, and database data to a backup server. Users can quickly generate multiple data copies from the backup data, which can be used for disaster recovery drills, development testing, and other purposes without affecting the operation of the production center. The data copies can be directly cleaned up after use without affecting the integrity of the backup data. Additionally, i2CDM supports using the cloud environment as the target platform for copy management, combining the elastic scalability of the cloud platform to provide more independent, fast, and economical data copy management services.
    CDM Appliance Solution
    i2CDM offers an all-in-one solution where the entire machine and application data of the production server are backed up to the target all-in-one machine through block replication technology, with multiple snapshot points retained according to the backup strategy. When restoration is needed, multiple copies can be cloned from snapshots on the target platform for data use. The copies barely occupy storage space, enabling disaster recovery drills and development testing without affecting the operation of the production center. The copies can be deleted after use. The CDM all-in-one machine is equipped with virtualization platform software, which can realize business emergency takeover and regular disaster recovery drills.
    When business systems and data are tampered with by ransomware, i2CDM can quickly build virtual machines on the virtual platform inside the all-in-one machine through historical snapshot points to achieve business emergency takeover.
    Without affecting the production system, users can conduct drills and validations on the copy data within the isolated network of the virtual platform to ensure the validity and correctness of the backup data. Additionally, the copy data can be used for development testing, data analysis, and other scenarios.
    CDM Cloud Solution
    The i2CloudCDM product provides cloud-based data copy management on cloud vendors' infrastructure, backing up production system data to cloud hosts and cloud storage through block replication technology. Through the API interfaces provided by the cloud platform, it can realize cloud-based emergency takeover and disaster recovery drills in an isolated VPC, and achieve minimal resource utilization in the cloud.
    When business systems and data are tampered with by ransomware, i2CloudCDM can quickly build cloud hosts through historical snapshot points in the cloud to achieve business emergency takeover.
    Without affecting the production system, users can conduct drills and validations on the copy data within the isolated VPC to ensure the validity and correctness of the backup data. Additionally, the copy data can be used for development testing, data analysis, and other scenarios.
    Solution Advantages
    Minimal Impact on Production Environment
    Traditional backup products require obtaining data changes since the last backup, resulting in significant disk IO usage during the backup period. However, Information2 is always based on continuous real-time data replication technology, eliminating the need for backup time windows and therefore avoiding IO peaks, ensuring uninterrupted business operations in the production environment.
    Excellent Network Transmission Performance
    Whether in a LAN or WAN, the network transmission performance for replicated data is excellent among similar products, with good adaptability to different environments and requirements in terms of stability and transmission efficiency.
    Strong Scalability and Protection of Existing Investments
    It offers convenient scalability, providing not only real-time backup protection for databases or important files but also disaster recovery switchover protection for virtual machines, significantly reducing the need for additional investments. Moreover, when switching databases, there is no need to purchase additional database modules, saving future investments. When new nodes are added, there is no need to modify the existing structure; only the disaster recovery software needs to be installed on the new nodes.
    Minute-level Business Recovery
    The copy data is saved in snapshot form on the backup storage. When recovery is needed, copies can be quickly generated from historical snapshot points, and data services can be provided through the virtual platform or cloud platform.
    Effective Storage Space Savings
    Helps users effectively manage data copies, reducing storage space requirements by 80% to 90% and procurement costs by over 75%. Based on snapshot technology, production data copies are obtained through permanent incremental backup, improving data copy acquisition efficiency by 70% compared to traditional backup or data pump export methods. It provides efficient data copy storage management services, integrates multiple technologies, resolves the drawbacks of traditional solutions, significantly improves the speed of user development and testing data circulation, and reduces the workload of DBAs.
    Application Scenarios
    Data Agile Services & Ransomware Protection
    Provide data copy support for development and testing environments: For massive data resources, generate test data within minutes and quickly deploy it into the test environment. Test data is based on virtual snapshot technology, significantly reducing the storage space occupied by test data. Snapshot cloning technology ensures that test data is readable and writable without altering the data source. It can also be used for ransomware protection.
    Business Emergency Takeover
    System downtime can result in lost customer revenue and reduced employee productivity. Use CDM to provide disaster recovery protection for the entire machine system's copy data. When the system fails, instead of restoring the original system, create a virtual machine using the copy data and restore the system to its latest state for external access.
    Hybrid Cloud Disaster Recovery
    Applications running in the local data center environment may face various unexpected situations. These situations can lead to extended downtime for critical applications, causing significant losses to your business. When applications within the private IDC cannot be restored in a short time, hybrid cloud disaster recovery services can help customers quickly launch applications on the remote disaster recovery cloud.
    Customer Case Study
    Case Name: Indonesia PAMA's Cloud-based CloudCDM Data Protection
    Customer Pain Points

    As a traditional energy and manufacturing enterprise, PAMA has been expanding its business scope and deepening its digital transformation. Consequently, it faces increasing security challenges such as cyberattacks, system scaling and upgrades, operational vulnerabilities, and natural disasters. The evolving hybrid IT architecture has exacerbated the difficulties of data backup and disaster recovery in heterogeneous environments. The nature of its industry demands high standards for business system and data security, as any unplanned business downtime or data damage can result in economic losses and reputational harm.
    Case Description

    PAMA adopted the CloudCDM software to transmit the application host images from its local data center to Huawei Cloud's Jakarta data center through encrypted transmission, enabling data backup on EVS hard disks in the cloud.
    In the event of a failure in the local production environment, the CloudCDM platform can quickly restore and launch business hosts in the cloud, ensuring a swift switch of core businesses to Huawei Cloud for continuity.
    Additionally, for its core ERP system, the Ellipse database cluster employs SQL semantic-level real-time replication technology to establish disaster recovery on Huawei Cloud, ensuring the integrity of the entire business system's cloud takeover and meeting the requirement for as short an RTO as possible.
    Case Value

    By utilizing a software-defined solution, the customer's challenges with data backup and disaster recovery from the local center to the cloud center were resolved, significantly enhancing the overall security of its digital systems.
    Through CloudCDM's advantages in data extraction, backup strategies, and drill testing, the customer achieved a more agile cloud-based disaster recovery mechanism, greatly improving the TCO of backup and recovery system construction.
    CloudCDM leverages Huawei Cloud's elastic cloud infrastructure resources and its ability to manage copies of massive data, facilitating easy elastic scaling of disaster recovery resources to safeguard more systems and data in the future.
    The visual Oracle RAC disaster recovery tool greatly simplifies management and operational costs while ensuring synchronization efficiency and disaster recovery effectiveness.
    Advanced Data Black Box Solution
    Introduction to Data Black Box
    The Data Black Box GaussStore provides a data black box protocol, utilizing parallel streaming replication algorithms, featuring high-security physical storage with one-time write, read-only data, and immutability, along with automatic elimination. Combined with the TEE (Trusted Execution Environment) confidential computing, it constructs a "secure environment."
    GaussStore: It employs mutual authentication between the database and GaussStore based on pre-configured credentials. Without credentials, no network connection can be established for communication, preventing hackers from impersonating the database or GaussStore to infiltrate the link and tamper with or steal data.
    TEE: It achieves hardware isolation based on the server hardware's resource security isolation capabilities, enabling isolation of buses, registers, and memory between the TEE and the HostOS. Only the TEE can access secure resources, and unauthorized software cannot access memory and data within the TEE environment.
    PCIPC and PCIe devices (such as network cards) securely pass through to the TEE environment without interaction or forwarding at the host layer, enabling direct connection between data preservation and storage within the TEE, invisible to the host and without the need for secondary encryption to affect performance.
    In terms of storage security, it provides WORM (Write Once Read Many) capabilities for data isolation protection, combined with the black box solution to achieve hardware-level data isolation. The network exposure surface is minimized, and process operations use a vault mode with a global WORM clock that users cannot modify.
    WORM File System
    Supports file access policy control and prevents command injection attacks.
    Addresses security risks: Hacker intrusion into WORM configuration and command injection attacks.
    Protective effects: Provides stronger access control than operating system privileges, ensures that files cannot be tampered with after writing, prevents command injection and other illegal intrusions, and allows for traceable auditing of all accesses/operations.
    Independent WORM Clock
    An internal WORM clock that users cannot modify.
    Addresses security risks: Attackers modifying the system clock to disrupt the WORM read-only state.
    Protective effects: Prevents attackers from expiring WORM files by modifying the clock or other methods to delete them.
    FlashLink High-Performance Read-Write Technology
    Technical challenge: Ensuring RPO=0 for the black box without slowing down production operations.
    Key technologies: Intelligent multi-core technology, large block sequential write technology, multi-stream partitioning technology, and end-to-end I/O priority, ensuring stable low latency and high IOPS for the black box.
    Technical effects: Enhances security while minimizing the impact on production performance and ensuring low latency.
    Database Replication Combined with Black Box Solution
    Intended scenario:
    MySQL-like (ISQL, GoldenDB), Oracle without offsite disaster recovery clusters, such as MySQL-like and Oracle databases deployed at domestic and overseas institutions, and other related databases.
    Data protection:
    A new database is established in the primary cluster room as a playback node. After the initial deployment, full data synchronization is performed from the primary cluster to the playback node, followed by continuous synchronization of incremental logs to the black box for asynchronous playback and updating of the database state by the playback node.
    Data protection process:
    Adding a playback node
    Deploy a new database in the primary cluster room as a playback node, perform full data synchronization with the primary cluster for the first time, and then disconnect this link to ensure data security
    Writing incremental logs to the black box
    The data replication platform interfaces with the black box, and incremental logs are asynchronously replicated and pushed to the black box via DRP with an RPO≈0.
    Log playback
    The playback node continuously pulls incremental logs from the black box for playback. Logs that have been pulled are deleted from the black box.
    Data recovery process:
    Log recovery
    When the primary cluster is unavailable, the playback cluster pulls incremental logs from the black box for recovery (complementing missing logs) and forcibly switches to the primary database, achieving an RTO≤5 minutes.
    Primary cluster restoration
    The playback cluster synchronizes data back to the primary cluster through full synchronization or backup restoration, and a cutover is performed during a scheduled time window for switchover.
    Solution Value
    multi-node data concentration
    Security Value:
    Depth of Defense: Establishes depth of defense against data corruption at the backend of the TEE, enhancing system security capabilities in conjunction with Kunpeng computing to form an end-to-end environment.
    Comprehensive Data Security System: Accumulated over years, it boasts a comprehensive data security capability representing the industry's top level (German BSI, CC, FIPS).
    Separation of Storage and Computing Value:
    High Data Availability: Separating computing nodes and storage nodes improves redundancy by retaining secure, complete, and usable data copies on storage nodes even when computing nodes are compromised.
    High System Availability: Storage features rapid detection and isolation mechanisms for slow/faulty disks and slow I/O, preventing performance risks and business downtime caused by such issues.
    High Architectural Reliability: Storage offers sub-health detection, secure snapshots, consistent snapshot groups, multi-tenancy, and multi-replica disaster recovery for high reliability.
    10-Day Free Trial Disaster recovery is a task. Data management is our mission

    Free Trial

    Please complete the captcha code first

    Captcha:

    Privacy
    When you register with partners on this website, this website will collect your relevant information and keep records. The personal information collected by this website includes but is not limited to: name, address, company, location, telephone number and e-mail address. The more and more accurate information you offer, the better we can provide you with relevant services.

    LinkedIn

    Email

    Share

    友情链接: