Architecture

Rubrik -  - How to Create the Next Generation of Design Systems

How to Create the Next Generation of Design Systems

For decades, brands have used design systems to help create an identity and unify separate solutions and messaging within a product portfolio. We can see it in everything from cars, product design and, of course, user interfaces. This blog post will walk through how we recently approached modernizing our design system to dramatically accelerate development while tackling the scaling challenges we encountered as our product portfolio expanded. Design systems, or the collection of components, building blocks, and elements used to define the visual language and rules of engagement with a product, have matured significantly in recent years. Now, they offer a granular-level of detail for every element of the design–color, components, key screens, states, and more.  As a result, design system sticker sheets and style guides are often lengthy and overloaded with detail, causing multiple problems:  design consistency is difficult to maintain as teams and product portfolios scale. designers spend too much time navigating documentation.  At Rubrik, we experienced these challenges firsthand and brought forth the question: how can designers create their design with minimum effort while also aligning with the design system?  To solve this problem, we decided to overhaul our entire design system and create an interactive working file.…
Rubrik -  - Building an Error Message Framework

Building an Error Message Framework

In a fast-growing engineering team, it becomes less and less realistic for a single engineer to understand every behavior behind a product. In fact, relying on an individual to make the product consistent often leads to disastrous results, especially for features that get less attention. A well-designed framework alleviates these problems by shaping collective developer behavior and promoting better designs, and ultimately makes a better product for our customers. Recently, I was commissioned to revamp the error message framework in Rubrik’s CDM product. Although this framework seems small compared to others, I learned a few lessons that can be applied to building frameworks of any size, including: Understand your customers, which include both end users and developers Automate as much as possible, leaving fewer chances for human errors Rules do not matter if they are not enforced by code A framework should help scale the engineering organization Building a framework means changing a culture What Went Wrong At Rubrik, we pride ourselves in prioritizing our customers’ feedback and using their insights to shape our product roadmap. This was recently true when we received feedback on the quality of our error messages. For reference, here is a real-life message given to…
Rubrik -  - Understanding Cloud Costs

Understanding Cloud Costs

Your company runs cloud infrastructure on AWS and it wants to reduce the spend.  You’ve already got a Savings Plan in place, you’ve right sized your instances, but when you look in Cost Explorer, the spend is still too big to believe. What do you do? If you take one thing away from this post let it be this – your objective should be to understand your costs. While reducing costs is important and valuable, reduction should come as a consequence of understanding. The value of understanding cloud costs is something we at Rubrik discovered firsthand on our journey to reduce our bills. Below we’ll share anecdotes demonstrating our approach to achieving an understanding of our cloud spend, concrete examples of both successes and failures, and the learnings we picked up along the way.  These stories will include how:   Accurate attribution led to a speedy 10x reduction in a major account. Dogfooding led to a bug discovery, a fix, and corresponding savings. Using APIs and histograms allowed us to come to grips with reality. Process failure can be as important as software bugs. Rearchitecting resulted in a 600x reduction in CI/CD cost. At the core of success is a model…
Rubrik -  - Recovering Fast from Ransomware Attacks: The Magic of an Immutable Backup Architecture

Recovering Fast from Ransomware Attacks: The Magic of an Immutable Backup Architecture

Summary Ransomware has been blasting my news feeds on a daily basis for years. Each article details the story of an organization that can no longer access their business critical data. Where the attackers have crippled their victims by encrypting access to production files and storage devices. According to the Emsisoft Malware Lab, ransomware attacks in 2019 “impacted at least 966 government agencies, educational establishments and healthcare providers” at a potential cost in excess of $7.5 billion. Whilst cyber security teams have invested in a myriad of protection tools, extortionists continue to find new mechanisms to encrypt organizations’ data. Backups are one of the most – if not the most – important defense against ransomware. But if subject to corruption, attackers will use it against you. Advanced ransomware is now targeting backups – modifying or completely wiping them out – eliminating your last line of defense and driving large ransom payouts. Rubrik’s uniquely immutable filesystem natively prevents unauthorized access or deletion of backups, allowing IT teams to quickly restore to the most recent clean state with minimal business disruption. This blog walks you through our one-of-a-kind immutable architecture and robust security controls that harden your data from cyber attacks. The…
Rubrik -  - How Rubrik Datos IO Reduces NoSQL Backup Storage Up to 96.4%

How Rubrik Datos IO Reduces NoSQL Backup Storage Up to 96.4%

NoSQL databases are becoming mainstream. As enterprises deal with the changing characteristics of data and applications, many are leveraging the inherent speed and redundancy of NoSQL databases. But the downside of this native redundancy is that NoSQL databases typically store 3 or more copies of each piece of data, resulting in pricey backup and storage costs. Rubrik Datos IO (RDIO) provides powerful space efficiency capabilities in a modern data management product purpose-built for distributed architectures such as NoSQL databases. Our approach helps customers realize their NoSQL database deployments in an easy-to-use data protection solution that enables them to achieve up to 96.4% in backup storage savings. This blog post explores two major features that make this possible: semantic deduplication and incremental forever.   Rubrik Datos IO’s industry-first semantic deduplication is the answer to the fundamental shortcomings that traditional block-level deduplication encountered in the world of modern distributed NoSQL databases (MongoDB, Apache Cassandra, DataStax). I’ll dive into the limitations of two distributions of Cassandra, DataStax Enterprise and Apache Cassandra, and how RDIO addresses them. At a high-level, these deduplication shortcomings fall into two categories: compression and housekeeping. One of the main reasons NoSQL deduplication is challenging is that the majority of…
Rubrik -  - Kick Ransomware in the Teeth with Polaris Radar

Kick Ransomware in the Teeth with Polaris Radar

There’s a strong chance that you, a colleague, or a peer at another company has been hit by a ransomware attack. This means that someone penetrated your perimeter defense, likely through human phishing methods or insecure external access (such as RDP), and has landed malicious code within a permissive zone of your production environment. The outcome of these attacks comes in the form of encrypted content (files, folders, operating systems, etc.) that require cryptocurrency payment(s) to make it accessible once more. This pain can hit especially hard when: Identifying where the malicious code exists to remove or neuter it. Scoping out the damage and either paying the “ransom” or restoring data from backup. Determining how to prevent the intrusion from repeating, if possible. Fortunately, we at Rubrik understand this pain all too well. One of our earliest customers, Langs Building Supplies, had their production environment hit by a ransomware snag back in 2016. Their team acted quickly and used the immutable nature of Rubrik’s backups to recover the encrypted data without paying the ransom. Huzzah! Since then, we’ve taken the state of the art to a new frontier with the release of Radar, an application that lives on our Polaris…
Rubrik -  - Challenges of NoSQL Data Management: An Architect’s View

Challenges of NoSQL Data Management: An Architect’s View

More and more enterprises are adopting modern NoSQL databases like MongoDB and Apache Cassandra (DataStax) to enable rapid development of next-generation applications (AI/ML, IoT, eCommerce, customer experience). However, while these databases can help speed up application development, they lack enterprise-class recovery solutions, putting organizations at risk of data loss. While NoSQL databases offer capabilities such as cross data-center database replication, they do not provide point-in-time backup and recovery. If data errors are introduced or data is accidentally deleted, the databases’ redundant-node replication can lead to almost immediate corruption of critical data across all nodes. In this post, I’ll dive into NoSQL data protection requirements and the technical challenges that enterprise- grade data management solutions must address. Comprehensive data management is a must for running mission-critical applications in enterprise environments (private cloud, hybrid clouds, or public clouds). As the shift to these next-generation applications and NoSQL databases increases, we see new data management requirements emerging: Eventually-consistent databases require novel point-in-time techniques for consistent state across a database cluster. The elastic nature of next-generation databases necessitates backup and recovery to be highly available, scalable, and failure resilient. Backups need to be maintained in native (source) formats for advanced data management services such…
Rubrik -  - NAS Recovery for the Cloud Era

NAS Recovery for the Cloud Era

At Rubrik, we have architected our product for enterprise scale. Our typical NAS customer has at least a few hundred TBs, up to many PBs, of NAS in their environment.  Backing up this large of an environment while ensuring SLA compliance is a huge challenge for them, as it requires a platform that is highly parallelized, vendor-agnostic, and policy-based. With our customers’ pain points at the forefront of our minds, we have built an innovative solution to managing NAS. A Modern Approach to Backing Up NAS We’re focused on developing a solution that delivers both simplicity and high performance, even in large-scale environments. For enterprise customers with NAS systems, our approach delivers four key benefits: Cost-effectiveness: Just like Rubrik is disrupting the overall backup and recovery industry, we’re developing a truly innovative way of protecting today’s enterprise environments. We take a cloud-first approach to our NAS solution so that users can enjoy the flexibility and cost-efficiency of the cloud. Not only do we provide our customers with the ability to archive to on-prem targets such as NFS and object stores, but we also allow users to store files of both structured data (like documents or spreadsheets) and unstructured data (like PDFs…
Rubrik -  - Encrypting Your Data in the Cloud: Rubrik CloudOut with Amazon S3

Encrypting Your Data in the Cloud: Rubrik CloudOut with Amazon S3

In a previous post, I discussed the role of data encryption as a critical component of any company’s security posture and the potential pitfalls of not using encryption properly. This is magnified when you are talking about storing data outside of customer data centers in public cloud storage repositories such as Amazon S3, Azure Blob Storage, and Google Cloud Storage. Security is one of the key pillars of Rubrik’s Cloud Data Management platform, and we design security into every aspect of the platform. This includes end-to-end encryption, both in transit and at rest, which extends to our integration with public cloud providers. The majority of Rubrik customers take advantage of our CloudOut capability to store their backup data in one of the big three public cloud providers, often as a replacement for tape. This approach is typically more cost effective, more reliable, and offers better response times in the event that data restoration is required. To secure data uploaded via CloudOut, Rubrik enables encryption in transit using TLS and encryption at rest using various methodologies. No matter the cloud provider, Rubrik applies the same three key principles to how we encrypt customer data: Use the strongest encryption cipher available and…