Architecture

Rubrik -  - Understanding Cloud Costs

Understanding Cloud Costs

Your company runs cloud infrastructure on AWS and it wants to reduce the spend.  You’ve already got a Savings Plan in place, you’ve right sized your instances, but when you look in Cost Explorer, the spend is still too big to believe. What do you do? If you take one thing away from this post let it be this – your objective should be to understand your costs. While reducing costs is important and valuable, reduction should comes as a consequence of understanding. The value of understanding cloud costs is something we at Rubrik discovered firsthand on our journey to reduce our bills. Below we’ll share anecdotes demonstrating our approach to achieving an understanding of our cloud spend, concrete examples of both successes and failures, and the learnings we picked up along the way.  These stories will include how:   Accurate attribution led to a speedy 10x reduction in a major account. Dogfooding led to a bug discovery, a fix, and corresponding savings. Using APIs and histograms allowed us to come to grips with reality. Process failure can be as important as software bugs. Rearchitecting resulted in a 600x reduction in CI/CD cost. At the core of success is a model…
Rubrik -  - Recovering Fast from Ransomware Attacks: The Magic of an Immutable Backup Architecture

Recovering Fast from Ransomware Attacks: The Magic of an Immutable Backup Architecture

Summary Ransomware has been blasting my news feeds on a daily basis for years. Each article details the story of an organization that can no longer access their business critical data. Where the attackers have crippled their victims by encrypting access to production files and storage devices. According to the Emsisoft Malware Lab, ransomware attacks in 2019 “impacted at least 966 government agencies, educational establishments and healthcare providers” at a potential cost in excess of $7.5 billion. Whilst cyber security teams have invested in a myriad of protection tools, extortionists continue to find new mechanisms to encrypt organizations’ data. Backups are one of the most – if not the most – important defense against ransomware. But if subject to corruption, attackers will use it against you. Advanced ransomware is now targeting backups – modifying or completely wiping them out – eliminating your last line of defense and driving large ransom payouts. Rubrik’s uniquely immutable filesystem natively prevents unauthorized access or deletion of backups, allowing IT teams to quickly restore to the most recent clean state with minimal business disruption. This blog walks you through our one-of-a-kind immutable architecture and robust security controls that harden your data from cyber attacks. The…
Rubrik -  - How Rubrik Datos IO Reduces NoSQL Backup Storage Up to 96.4%

How Rubrik Datos IO Reduces NoSQL Backup Storage Up to 96.4%

NoSQL databases are becoming mainstream. As enterprises deal with the changing characteristics of data and applications, many are leveraging the inherent speed and redundancy of NoSQL databases. But the downside of this native redundancy is that NoSQL databases typically store 3 or more copies of each piece of data, resulting in pricey backup and storage costs. Rubrik Datos IO (RDIO) provides powerful space efficiency capabilities in a modern data management product purpose-built for distributed architectures such as NoSQL databases. Our approach helps customers realize their NoSQL database deployments in an easy-to-use data protection solution that enables them to achieve up to 96.4% in backup storage savings. This blog post explores two major features that make this possible: semantic deduplication and incremental forever.   Rubrik Datos IO’s industry-first semantic deduplication is the answer to the fundamental shortcomings that traditional block-level deduplication encountered in the world of modern distributed NoSQL databases (MongoDB, Apache Cassandra, DataStax). I’ll dive into the limitations of two distributions of Cassandra, DataStax Enterprise and Apache Cassandra, and how RDIO addresses them. At a high-level, these deduplication shortcomings fall into two categories: compression and housekeeping. One of the main reasons NoSQL deduplication is challenging is that the majority of…
Rubrik -  - Kick Ransomware in the Teeth with Polaris Radar

Kick Ransomware in the Teeth with Polaris Radar

There’s a strong chance that you, a colleague, or a peer at another company has been hit by a ransomware attack. This means that someone penetrated your perimeter defense, likely through human phishing methods or insecure external access (such as RDP), and has landed malicious code within a permissive zone of your production environment. The outcome of these attacks comes in the form of encrypted content (files, folders, operating systems, etc.) that require cryptocurrency payment(s) to make it accessible once more. This pain can hit especially hard when: Identifying where the malicious code exists to remove or neuter it. Scoping out the damage and either paying the “ransom” or restoring data from backup. Determining how to prevent the intrusion from repeating, if possible. Fortunately, we at Rubrik understand this pain all too well. One of our earliest customers, Langs Building Supplies, had their production environment hit by a ransomware snag back in 2016. Their team acted quickly and used the immutable nature of Rubrik’s backups to recover the encrypted data without paying the ransom. Huzzah! Since then, we’ve taken the state of the art to a new frontier with the release of Radar, an application that lives on our Polaris…
Rubrik -  - Challenges of NoSQL Data Management: An Architect’s View

Challenges of NoSQL Data Management: An Architect’s View

More and more enterprises are adopting modern NoSQL databases like MongoDB and Apache Cassandra (DataStax) to enable rapid development of next-generation applications (AI/ML, IoT, eCommerce, customer experience). However, while these databases can help speed up application development, they lack enterprise-class recovery solutions, putting organizations at risk of data loss. While NoSQL databases offer capabilities such as cross data-center database replication, they do not provide point-in-time backup and recovery. If data errors are introduced or data is accidentally deleted, the databases’ redundant-node replication can lead to almost immediate corruption of critical data across all nodes. In this post, I’ll dive into NoSQL data protection requirements and the technical challenges that enterprise- grade data management solutions must address. Comprehensive data management is a must for running mission-critical applications in enterprise environments (private cloud, hybrid clouds, or public clouds). As the shift to these next-generation applications and NoSQL databases increases, we see new data management requirements emerging: Eventually-consistent databases require novel point-in-time techniques for consistent state across a database cluster. The elastic nature of next-generation databases necessitates backup and recovery to be highly available, scalable, and failure resilient. Backups need to be maintained in native (source) formats for advanced data management services such…
Rubrik -  - NAS Recovery for the Cloud Era

NAS Recovery for the Cloud Era

At Rubrik, we have architected our product for enterprise scale. Our typical NAS customer has at least a few hundred TBs, up to many PBs, of NAS in their environment.  Backing up this large of an environment while ensuring SLA compliance is a huge challenge for them, as it requires a platform that is highly parallelized, vendor-agnostic, and policy-based. With our customers’ pain points at the forefront of our minds, we have built an innovative solution to managing NAS. A Modern Approach to Backing Up NAS We’re focused on developing a solution that delivers both simplicity and high performance, even in large-scale environments. For enterprise customers with NAS systems, our approach delivers four key benefits: Cost-effectiveness: Just like Rubrik is disrupting the overall backup and recovery industry, we’re developing a truly innovative way of protecting today’s enterprise environments. We take a cloud-first approach to our NAS solution so that users can enjoy the flexibility and cost-efficiency of the cloud. Not only do we provide our customers with the ability to archive to on-prem targets such as NFS and object stores, but we also allow users to store files of both structured data (like documents or spreadsheets) and unstructured data (like PDFs…
Rubrik -  - Encrypting Your Data in the Cloud: Rubrik CloudOut with Amazon S3

Encrypting Your Data in the Cloud: Rubrik CloudOut with Amazon S3

In a previous post, I discussed the role of data encryption as a critical component of any company’s security posture and the potential pitfalls of not using encryption properly. This is magnified when you are talking about storing data outside of customer data centers in public cloud storage repositories such as Amazon S3, Azure Blob Storage, and Google Cloud Storage. Security is one of the key pillars of Rubrik’s Cloud Data Management platform, and we design security into every aspect of the platform. This includes end-to-end encryption, both in transit and at rest, which extends to our integration with public cloud providers. The majority of Rubrik customers take advantage of our CloudOut capability to store their backup data in one of the big three public cloud providers, often as a replacement for tape. This approach is typically more cost effective, more reliable, and offers better response times in the event that data restoration is required. To secure data uploaded via CloudOut, Rubrik enables encryption in transit using TLS and encryption at rest using various methodologies. No matter the cloud provider, Rubrik applies the same three key principles to how we encrypt customer data: Use the strongest encryption cipher available and…
Rubrik -  - Intelligent Data Protection: Revisiting Cerebro

Intelligent Data Protection: Revisiting Cerebro

Making any sufficiently complex system look and feel simple is a tall order. But that’s precisely what Cerebro does for Rubrik Cloud Data Management! As the “brains” of the stack, Cerebro acts as the autonomous conductor standing on a podium before thousands of critical systems, all eager to be protected or restored as part of the data lifecycle management symphony. Founding Engineer Fabiano Botelho introduced Cerebro in a blog post over two years ago. The time is nigh to dig deeper. The power of Cerebro allows workload data to be freed from the storage tier by unlocking mobility beyond the data center — into the cloud and between different clouds. Cerebro is the system’s brains, accommodating many critical functions of the Rubrik CDM stack. Two of those functions are the Distributed Task Framework and Blob Engine, which together unite as powerful components to ensure Rubrik delivers data that is immediately accessible and recoverable. Distributed Task Framework The Distributed Task Framework is the engine responsible for globally assigning and executing tasks across a cluster in a fault tolerant and efficient manner. It has the intelligence to provide resource utilization and load balancing of all data in a declarative manner. Rubrik’s Distributed Task…
Rubrik -  - Instant Recovery with SQL Live Mount

Instant Recovery with SQL Live Mount

Rubrik Alta, our ninth and largest product release, expands our focus on creating the complete enterprise data management solution. With this goal comes the need to offer instant data access and recovery wherever that data resides. That’s why we at Rubrik are excited to introduce SQL Server Live Mount, a groundbreaking capability that no other solution has ever offered. SQL Server Support Overview Before diving into our Live Mount technology, it’s important to understand how Rubrik supports SQL Server. Just like many other facets of Rubrik, our SQL support is designed around simplicity and efficiency. To protect databases with Rubrik, the user merely installs the Rubrik connector onto the SQL Server host. The connector is lightweight, requires no restarts upon installation, and will automatically upgrade itself in the future as needed. Once installed, the connector auto-discovers all SQL Server instances and databases on the host. From then on, databases can be assigned SLA Domains, have manual snapshots taken, and be easily recovered. Because our connector is highly integrated within the host, we can use an initial full backup along with intelligent block mapping inside the connector to provide incremental forever backups. This method utilizes the network as efficiently as possible…