Rubrik -  - Kenneth Hui

Kenneth Hui

Ken is a Technical Marketing Engineer at Rubrik who is passionate about helping customers with building great solutions leveraging technologies such as VMware, OpenStack, AWS, Azure and containers. He lives in New York City where he can indulge in his love of great food from all around the world.

13 articles

Rubrik -  - Your Primer to AWS EC2 Protection

General Tech

Your Primer to AWS EC2 Protection

Are you on the cloud-native train? Nowadays, it seems everyone is building new stateless cloud-native applications or refactoring their old “jalopies” to become container-based, microservice-architected, cloud-native “Teslas.” However, that isn’t the reality when you speak with most users. Many are still hesitant to run production workloads in the cloud because they are not sure if their data will be protected and managed. Even current cloud users have concerns about the challenges of protecting their stateful data. Earlier this month, we announced Rubrik Alta 4.2, which extended our enterprise hybrid cloud data management capabilities. Based on customer demand, we’ve made simplifying the protection of cloud workloads a key component of our platform, beginning with Amazon Web Services (AWS) EC2 instance protection. Protecting EC2 instances centers on efficiently managing EBS snapshots and Amazon Machine Images. We’ll dive into how Rubrik simplifies AWS EC2 protection in a follow-up blog post. But first, we need to level-set our understanding of related AWS technologies and the possibilities and challenges they present.  Let’s begin with the different storage types that an EC2 instance uses. What is an EC2 Instance Store? An instance store is temporary or ephemeral block storage for EC2 instances. It’s a logical volume…
Rubrik -  - Encrypting Your Data in the Cloud: Rubrik CloudOut with Azure Blob Storage

Product

Encrypting Your Data in the Cloud: Rubrik CloudOut with Azure Blob Storage

In a previous post, I discussed the role of data encryption as a critical component of any company’s security posture and the potential pitfalls of not using encryption properly. This is magnified when you are talking about storing data outside of customer data centers in public cloud storage repositories such as Amazon S3, Azure Blob Storage, and Google Cloud Storage. Since the beginning, security has been a key pillar of Rubrik’s Cloud Data Management platform. Our engineers have built security into every aspect of the platform, from end-to-end encryption to immutable backups. Naturally, this obsession with security extends to our integration with the cloud. As customers adopt the cloud, many are leveraging our CloudOut capability for long-time archive in the public cloud, often as a replacement for tape. This approach is typically more cost effective, more reliable, and offers better response times in the event that data restoration is required. I recently spelled out how Rubrik secures data that is sent to the cloud by encrypting data both in transit and at rest using a variety of methodologies with AWS. This post gives a more in-depth look at Rubrik’s main principles for encrypting data in the cloud, including using the…
Rubrik -  - Encrypting Your Data in the Cloud: Rubrik CloudOut with Amazon S3

Architecture

Encrypting Your Data in the Cloud: Rubrik CloudOut with Amazon S3

In a previous post, I discussed the role of data encryption as a critical component of any company’s security posture and the potential pitfalls of not using encryption properly. This is magnified when you are talking about storing data outside of customer data centers in public cloud storage repositories such as Amazon S3, Azure Blob Storage, and Google Cloud Storage. Security is one of the key pillars of Rubrik’s Cloud Data Management platform, and we design security into every aspect of the platform. This includes end-to-end encryption, both in transit and at rest, which extends to our integration with public cloud providers. The majority of Rubrik customers take advantage of our CloudOut capability to store their backup data in one of the big three public cloud providers, often as a replacement for tape. This approach is typically more cost effective, more reliable, and offers better response times in the event that data restoration is required. To secure data uploaded via CloudOut, Rubrik enables encryption in transit using TLS and encryption at rest using various methodologies. No matter the cloud provider, Rubrik applies the same three key principles to how we encrypt customer data: Use the strongest encryption cipher available and…
Rubrik -  - Encrypting Your Data in the Cloud, Part 1: Why It Matters

General Tech

Encrypting Your Data in the Cloud, Part 1: Why It Matters

Data Breaches Are Trending While IT security in 2018 has been dominated with news about CPU vulnerabilities, we may very well look back on 2017 as the year of online data breaches and cloud data leaks. From stolen consumer data due to unpatched vulnerabilities to sensitive data leaks due to misconfigured cloud storage buckets, it seems that no one’s data was safe in 2017. For a number of reasons, this is a trend that is likely to continue in 2018 and beyond: The inexorable move from analog to digital means more and more of our data is being stored on computers and websites that are targets for hackers. For example, the Equifax breach impacted 145 million consumers who had personal information stolen. A greater percentage of company employees work remotely using a wide range of devices from desktops to smartphones. This expands the threat landscape and gives malicious actors more ways to compromise valuable data. The growth of the public cloud means that increasingly more data is being stored outside of company data centers in repositories that are accessible via public endpoints. This move to the cloud requires knowledge and skill sets that are still in short supply, leading to…
Rubrik -  - Want Google Cloud for Data Retention? Rubrik Has You Covered!

Product

Want Google Cloud for Data Retention? Rubrik Has You Covered!

Rubrik has long provided customers the option to archive backup data to public cloud storage offerings such as Amazon Web Services S3 and Microsoft Azure Blob Storage. Archiving data to public cloud storage has become an attractive alternative to tape media for customers who require off-site retention of backup data. Many users recognize that public cloud storage solutions provide better durability, scalability, resiliency, availability, and convenience than tape media — and at a lower price point. Continuing our commitment to provide customers with choice of public cloud options, Rubrik has added support for archiving to Google Cloud Storage in our new Alta 4.1 release. To better understand Rubrik’s integration, let’s first go over object storage technology and the basics of Google Cloud Storage. Object Storage Overview Google Cloud Storage is an object storage solution that is offered as part of the Google Cloud Platform. At its core, object storage offers users a non-hierarchical namespace in which they can store different types of data using simple HTTP calls. Typical use cases for object storage include: Hosting web pages, videos, and music files A repository for user home directories Backend storage for file-sharing applications such as Dropbox Archiving target for backup data…
Rubrik -  - Ready for Microsoft Azure Stack? Rubrik Is!

Product

Ready for Microsoft Azure Stack? Rubrik Is!

Today, a developer that enjoys the robust features and ease-of-use of public clouds is often constrained by the lack of comparable services in most private cloud solutions. Likewise, cloud operators who develop workflows for managing their public cloud infrastructure find they must create new workflows to manage their private cloud environment due to incompatible tooling and APIs. To address this gap, Microsoft created Azure Stack, which provides public cloud capabilities inside a user’s data center. What Is Azure Stack? Unlike most vendors, Microsoft didn’t attempt to create a private cloud platform that was compatible with public cloud. Instead, they built Azure Stack by instantiating Azure in a private cloud form factor as an extension of its public cloud. The best way to think about Azure Stack is as an on-premises extension of an Azure Cloud subscriptions. Microsoft’s goal with Azure Stack is to give users the same experience and capabilities as Azure Cloud, with common services, APIs, and interfaces. Source: White Paper – Azure Stack: An extension of Azure – 2017 In his blog post comparing Azure Stack with VMware Cloud on AWS, Massimo Re Ferre’ phrases it well when explaining that Microsoft “looked at it from the application architecture and…
Rubrik -  - Disaster Recovery in the Cloud with Rubrik, Part 2: The Architectures

General Tech

Disaster Recovery in the Cloud with Rubrik, Part 2: The Architectures

My previous blog post focused on leveraging the public cloud as a DR site for a primary on-premises environment. For this use case, there are several cloud DR options based on a user’s Recovery Time Objective (RTO), Recovery Point Objective (RPO), and financial requirements: Backup and Restore, Pilot Light, Warm Standby, and Hot Site. In this post, I will show how Rubrik’s Cloud Data Management Platform can be used to build out a DR site in the cloud, regardless of the option they choose. Using Rubrik for Disaster Recovery in the Cloud There are a number of approaches that users can take to move data to the cloud, from home-grown scripts to cloud vendor-specific tools to robust data management platforms. In his Gestalt IT blog post, Tim Carr cited Rubrik as a tool that facilitates data archiving to the cloud and provides orchestration capability to help automate the Backup and Recovery option. Rubrik also provides tools to help users build out and extend all four of the DR options. Specifically, there are three important capabilities in our Cloud Data Management platform that support this use case: CloudOut: Archive backup data to object storage platforms such as Amazon S3 or Azure Blob…
Rubrik -  - Disaster Recovery in the Cloud, Part 1: Knowing the Options

General Tech

Disaster Recovery in the Cloud, Part 1: Knowing the Options

I’ve had the opportunity to speak with many users about their plans for public cloud vendors and disaster recovery (DR). Specifically, users ask me about how they can use AWS or Azure as the DR target for their on-premises environment. This is also a topic that Tim Carr addresses in his recent Gestalt IT blog post. In the first of two blog posts, we will examine the different DR options in public cloud. Why Use Public Cloud for DR? The traditional approach to DR requires significant investment of time and resources. At minimum, users must consider how they would replicate their primary infrastructure to a secondary site. That secondary site needs to be procured, installed, and maintained. During normal operations, the secondary site will typically be under-utilized or over-provisioned. The cost of such an investment is beyond the means of many companies. Even for companies with the means, DR is seen as a sunk cost that delivers little return quarter over quarter. However, not having an adequate DR strategy is also something no company can afford. The public cloud offers a way for companies of all sizes to build DR sites with little upfront costs through a pay-as-you-go model. Options…
Rubrik -  - Accelerating Your Cloud Data Management Strategy

Product

Accelerating Your Cloud Data Management Strategy

In my previous blog post, I responded to a Gestalt IT article by Tim Carr that reviewed the typical stages of public cloud adoption in an enterprise. In particular, I focused on Rubrik solutions such as CloudOut, CloudOn, and Cloud Cluster, which provide customers with advanced data management capabilities for each phase of their cloud adoption journey. Tim has followed up his article with a deeper look at how enterprises are approaching phase 2 and the important role that cloud data management plays in their journey. Three areas of emphasis that Tim highlights are security, management tool sprawl, and cloud lock-in. These are areas that Rubrik has thought hard and long about as part of its “clean sheet” approach to data protection and cloud data management. Security While security should always be top of mind, it’s frequently an afterthought addressed in phase 2 or beyond in the cloud journey.  But any time you consider sending data off-premises over the internet, there should be questions about securing data in transit and at rest. Rubrik provides an end-to-end solution beginning with data encrypted as it is being backed up to our Rubrik nodes. Each file is encrypted using client-side encryption prior to data…