Amazon primes S3 as backup facility

By Liam Tung on Jan 27, 2012 8:30 AM
Filed under Cloud

Cloud-attached storage backup.

Amazon Web Services has launched a new offsite backup service that replicates in-house application data to the Simple Storage Service (S3) cloud. 

The AWS Storage Gateway, currently in beta, involves installing a virtual appliance -- initially VMware ESXi 4.1 with wider support planned later -- between business applications and in-house storage.

The gateway takes snapshots and replicates it to S3. Data is transferred to S3 over a Secure Sockets Layer connection and from there it is encrypted using Advanced Encryption Standard 256 bit keys, according to Amazon. 

After installing the gateway, administrators would create "gateway storage volumes" which are attached to on-premise application servers as iSCSI devices.

There's also an option to mirror data, either as a disaster recovery strategy or to offload capacity to Amazon's Elastic Cloud 2 (EC2), achieved by uploading applications to S3 in the form of Amazon Elastic Block Storage (EBS) snapshots, then attaching the blocks to a compute instance through the management console or EC2 APIs.

Pricing for the service in Singapore's S3 starts at $US125 a gateway a month.

While Amazon's infrastructure may be more robust than many in-house systems, last year's extended outage in Western Europe highlighted it is far from impervious to the same types of issues that enterprises face, such as human error and power failures.

In Amazon's case, engineers spent days moving massive amounts of data to S3 before attempting to rebuild storage blocks that were mistakenly deleted during a botched de-duplication run.  

One criticism of the security set-up is that Amazon holds the encryption keys, offering "checkbox compliance", commented Dan Griffin, former Microsoft security executive and founder of JW Secure

"Commendably, during replication, the data traverses an encrypted tunnel (SSL). As well, when the data is received by Amazon’s storage gateway proxy in the cloud, it’s encrypted before it’s written to permanent storage.

"However, since Amazon has access to the encryption keys, that protection buys you checkbox compliance, but not much more. After all, whoever has access to the keys can decrypt the data, and that includes rogue system administrators, or even Amazon itself if under duress (subpoena, national security, etc.)."

Amazon's new backup service comes a week after its launch of another enterprise service, the NoSQL-based 'big data' offering for the enterprise, DynamoDB. 

 
Follow us on Facebook and Twitter
 

Copyright © iTnews.com.au . All rights reserved.

Amazon primes S3 as backup facility
 
 
 
 
 
Top Stories
Who wins in the cloud price wars?
AWS, Google and Microsoft are slashing prices in a race to the bottom.
 
WhiteGold bought by billion-dollar French distributor
New regional powerhouse in security and networking.
 
HubOne kills the IT guy with $200 Office 365, Xero bundle
All-in-one cloud package for accounting firms.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Which mobile device couldn't you live without?


Latest Comments
CRN Magazine

Issue: 329 | July 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.