Companies are struggling to understand the various cloud deployment options and how they will effectively manage their environment. As organizations transition to using cloud solutions for part or all of their database configurations, the IT teams need to understand what choices they must make for ensuring they can meet business expectations for performance, security, and availability. IDERA’s Rob Reinauer shares insights into managing SQL Server environments from cloud to ground so that you can make confident decisions for your database deployments and mitigate the added data risks cloud environments can introduce.
IDERA Slides: Managing the Transition to Hybrid Cloud
1. Rob Reinauer
Director, SQL Product Management
IDERA
November 19, 2019
Managing the transition
to Hybrid Cloud
2. Managing the transition to hybrid cloud
Topic Overview
• Private vs Public vs Hybrid Clouds
• Deployment Patterns for SQL Server In Cloud Environments
• Advantages and Risks of utilizing cloud infrastructure
• Performance
• Security
• Compliance
• Hybrid Cloud Design Challenges
• Cloud Network Connectivity
• Hybrid Cloud Network Connectivity
• Tools to help mitigate cloud deployment risks
3. Managing the transition to hybrid cloud
• Public Cloud vs Private Cloud Environments
[Diagram: private cloud environments (on premise, hoster) beside public cloud environments (Azure / EC2 VMs, Azure / EC2 managed database)]
Cloud Technology Overview
4. Managing the transition to hybrid cloud
• Private Cloud Environments
• On premises management of server and storage farms to
achieve management efficiency and lower cost of ownership
• Cloud based servers, storage and network infrastructure
partitioned off from public cloud components.
• VMWare, System Center, Azure Stack
[Diagram: private cloud environments spanning on premise, hoster and cloud provider]
Cloud Technology Overview
5. Managing the transition to hybrid cloud
• SQL Server In Public Cloud Environments
Cloud VMs: Azure VM / AWS EC2 (IaaS)
[Diagram: SQL Server instance with databases Db1 and Db2, SQL Server Agent, SQL Jobs (Backup, Defrag), 3rd party tools, SSMS]
• Essentially 100% compatibility with private cloud deployments.
• SQL Agent & 3rd party tools available.
• Multi-database capable.
• VMs deployed into subnets in virtual networks
Managed Instances: Azure SQL Managed Instance / Amazon RDS (PaaS)
[Diagram: SQL Server instance with databases Db1 and Db2, SQL Server Agent, SQL Jobs (Backup, Defrag)]
• Greatly increased compatibility with private cloud deployments.
• Multi-database capable
• SQL Agent available
• Azure MI deployed into private subnets in virtual networks
Cloud Database: Azure SQL Database, Single / Elastic Pool (DBaaS)
[Diagram: single databases Db1 and Db2; elastic pool of databases Db1, DB2, DB3, DB4]
• Fully managed database as a service.
• Somewhat constrained syntax
• Single databases or elastic pools
• No SQL Agent
• Service endpoints deployed into subnets
Cloud Technology Overview
6. Managing the transition to hybrid cloud
• Hybrid Cloud Environments
[Diagram: SQL Server instances and their databases spread across private cloud environments (on premise, hoster) and public cloud environments (cloud provider: Azure / EC2 virtual machines, Azure / EC2 managed database)]
Cloud Technology Overview
7. Managing the transition to hybrid cloud
The Business Necessity for Utilizing Cloud Infrastructure
For execution environment evaluation and optimization:
• Performance, Sizing, Capacity planning, short duration tests
Cloud infrastructure offers an easy order of magnitude increase in
productivity and agility.
8. Managing the transition to hybrid cloud
The Business Necessity for Utilizing Cloud Infrastructure
For execution environment evaluation and optimization:
• Performance, Sizing, Capacity planning, short duration tests
For bursty, large scale environments:
Scenarios are enabled which just wouldn’t be practical in the data center
• Thousands of nodes built on Thurs
• Run analysis Friday and Saturday
• Tear down and discard Saturday night
Cost advantages can be obtained which just wouldn’t be possible on-prem
Cloud infrastructure offers an easy order of magnitude increase in
productivity and agility.
9. Managing the transition to hybrid cloud
The Business Necessity for Utilizing Cloud Infrastructure
For execution environment evaluation and optimization:
• Performance, Sizing, Capacity planning, short duration tests
For bursty, large scale environments:
Scenarios are enabled which just wouldn’t be practical in the data center
• Thousands of nodes built on Wed
• Run analysis Thursday and Friday
• Tear down and discard Friday night
Cost advantages can be obtained which just wouldn’t be possible on-prem
Much of the agility and velocity advantages accrue because
development staff have the ability to implement changes directly.
Cloud infrastructure offers an easy order of magnitude increase in
productivity and agility.
11. Managing the transition to hybrid cloud
• Performance and behavioral impacts and differences
• Data Security
• Certification of Regulatory Compliance
• Loss of the ultimate control of your data
• Potential for tool profusion and siloed monitoring environments
SQL Server deployments to the public cloud introduce
new complexities and increased performance and data risks
Cloud Deployment Risk Elements
12. Managing the transition to hybrid cloud
The Danger of Utilizing Cloud Infrastructure
• Cloud infrastructure provides elegant, easily accessible mechanisms to
setup and configure incredibly complex execution environments.
• Data Center computing is reasonably safe and reliable because of decades
of IT experience, largely informed by failures and bad outcomes.
• For cloud deployed infrastructure, these accepted IT procedures and best
practices are still evolving.
• Modern cloud infrastructures expose all aspects of an incredibly complex
execution environment.
13. Managing the transition to hybrid cloud
Flexibility & Complexity: Network Elements For a Single VM
Network Interface
14. Managing the transition to hybrid cloud
• Virtual Networks
• Azure: Azure Virtual Network
• Amazon: Virtual Private Cloud
• Address range isolated from other virtual networks
• Typically contain multiple subnets
• Can attach VPN gateways
• Subnets
• Provide traffic isolation within a virtual
private network
• Can have public facing IP address attached
• Can add Azure service endpoints
• CIDR address designations define subnets
Cloud Network Connectivity Overview
[Diagram: Virtual Network 1 (Azure / EC2 VMs in Vnet1 / Subnet 1) and Virtual Network 2 (Azure / EC2 VMs in Vnet2 / Subnet 1), with a Virtual Private Gateway]
16. Managing the transition to hybrid cloud
• Virtual Networks Addressing
• Definition of Virtual network specifies an IP address range
• Each member subnet contains a subset of that address space
• CIDR blocks define those address spaces
• Entities in different subnets within the same virtual network have routes to each
other
• Entities in different virtual networks, by default, do not have routes to each
other
Virtual Network 1, Address Space: 10.6.0.0/16 - 64K Addresses
• Subnet 1 (Azure / EC2 VMs: VMa, VMb, VMc), Address Space: 10.6.0.0/20, 4096 – 6 = 4090 addresses
• Subnet 2 (Azure / EC2 VMs: VMd, VMe, VMf), Address Space: 10.6.16.0/24, 256 – 5 = 251 addresses
Cloud Network Connectivity Overview
17. Managing the transition to hybrid cloud
• IPV4 CIDR Blocks
• CIDR: Classless Inter-Domain Routing
• V4 IP address is 32 bits
• CIDR blocks specify how many bits are assigned to the network prefix and how
many are assigned to host addresses
• The remaining bits after network prefix are bits for unique addresses
• Unique available addresses = 2^(remaining bits) – overhead addresses
• For example:
• CIDR block: 200.100.10.0/24 indicates:
• 24 bits are assigned to the network prefix
• 32 – 24 = 8 bits provides for 256 unique host addresses
• CIDR block: 200.100.0.0/16 indicates:
• 16 bits are assigned to the network prefix
• 32 – 16 = 16 bits provides for 65,536 unique host addresses
Cloud Network Connectivity Overview
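The addressing rules from the two slides above (a virtual network address space divided into subnets, and usable addresses = 2^(remaining bits) minus overhead) as an added Python example that is not part of the original slides. It goes slightly beyond them by also checking that subnets stay inside the virtual network and do not overlap, and that two virtual networks do not overlap before peering (Azure and AWS both refuse to peer overlapping address spaces). The function names and the bad sample plan are constructed for illustration, and the overhead is a parameter because the slides subtract both 5 and 6.

```python
import ipaddress

def usable_addresses(cidr, overhead=5):
    """Usable hosts = 2^(32 - prefix length) - platform-reserved addresses."""
    net = ipaddress.ip_network(cidr, strict=True)
    return max(net.num_addresses - overhead, 0)

def validate_plan(vnet_cidr, subnets, overhead=5):
    """Validate a subnet plan (dict of name -> CIDR) against one virtual network.

    Returns (report, problems, unallocated): capacity of each accepted subnet,
    a list of findings, and the addresses of the vnet not yet assigned.
    """
    vnet = ipaddress.ip_network(vnet_cidr, strict=True)
    report, problems, accepted = {}, [], []
    for name, cidr in subnets.items():
        try:
            # strict=True rejects blocks that do not start on a prefix boundary
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not net.subnet_of(vnet):
            problems.append(f"{name}: {net} is outside {vnet}")
            continue
        clashes = [other for other, other_net in accepted if net.overlaps(other_net)]
        if clashes:
            problems.append(f"{name}: {net} overlaps {', '.join(clashes)}")
            continue
        accepted.append((name, net))
        report[name] = {"cidr": str(net), "total": net.num_addresses,
                        "usable": max(net.num_addresses - overhead, 0)}
    unallocated = vnet.num_addresses - sum(r["total"] for r in report.values())
    return report, problems, unallocated

def can_peer(vnet_a, vnet_b):
    """Peering precondition: the two address spaces must not overlap."""
    return not ipaddress.ip_network(vnet_a).overlaps(ipaddress.ip_network(vnet_b))

# Plan taken from the slides.
SLIDE_VNET = "10.6.0.0/16"
SLIDE_SUBNETS = {"Subnet 1": "10.6.0.0/20", "Subnet 2": "10.6.16.0/24"}

# Constructed plan with three typical mistakes.
BAD_SUBNETS = {
    "app": "10.6.0.0/20",
    "db": "10.6.8.0/24",     # falls inside the app subnet's range
    "mgmt": "10.6.40.0/20",  # not on a /20 boundary (host bits set)
    "dmz": "10.7.0.0/24",    # outside the 10.6.0.0/16 address space
}

if __name__ == "__main__":
    for label, plan in (("slide plan", SLIDE_SUBNETS), ("bad plan", BAD_SUBNETS)):
        report, problems, unallocated = validate_plan(SLIDE_VNET, plan)
        print(label)
        for name, row in report.items():
            print(f"  {name}: {row['cidr']} usable={row['usable']}")
        for finding in problems:
            print(f"  PROBLEM {finding}")
        print(f"  unallocated addresses: {unallocated}")
    print("peer 10.6.0.0/16 with 10.7.0.0/16:", can_peer("10.6.0.0/16", "10.7.0.0/16"))
```
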
19. Managing the transition to hybrid cloud
Creating a peering relationship
through the Azure Portal
• Executed between Vnets
• In the context of Vnet1 add peering
to Vnet2
• Status of peering will be initiated
• Then in the context of Vnet2 add
peering to Vnet1
• Status of peering will be connected
Cloud Network Connectivity Overview
22. Managing the transition to hybrid cloud
• Hub & spoke architectures
• Virtual Network dedicated to Azure or AWS account
• VPN tunnels can be overlaid for fully secure site to site communications
Site to Site traffic routed by
Virtual Private Gateway
Hybrid Cloud Network Connectivity
[Diagram: Virtual Network 1 (Azure / EC2 VMs in Vnet1 / Subnet 1) and Virtual Network 2 (Azure / EC2 VMs in Vnet2 / Subnet 1), with a Virtual Private Gateway]
23. Managing the transition to hybrid cloud
Azure ExpressRoute & AWS Direct Connect Termination Locales
[Maps: Azure locales; Amazon locales]
Hybrid Cloud Network Connectivity
24. Managing the transition to hybrid cloud
• Migration of data and compute infrastructure to the cloud can
obviously magnify existing but undiagnosed vulnerabilities.
• Within a corporate data center protected by firewalls and managed by
experienced IT staff, misconfigured or under-secured servers and
storage often will have no impact whatsoever.
• Many areas of exposure are not known and will not be known until
they are migrated to cloud infrastructure.
• The best practices and established IT procedures for Cloud deployed
infrastructures are still evolving.
The Danger of Utilizing Cloud Infrastructure
25. Managing the transition to hybrid cloud
Generally speaking, the big three cloud infrastructure platforms have rock
solid security and reliability
• Through 2025, 99% of cloud security failures will be the customer’s fault.
• Through 2025, 90% of the organizations that fail to control public cloud
use will inappropriately share sensitive data.
• Through 2024, the majority of enterprises will continue to struggle with
appropriately measuring cloud security risks.
Is The Cloud Secure?
Gartner Research, October 10, 2019
The Danger of Utilizing Cloud Infrastructure ( The Real Concern )
26. Managing the transition to hybrid cloud
The advantages are too compelling to ignore
• “CIOs need to ensure that their security teams are not holding back cloud
initiatives with unsubstantiated cloud security worries,”
• “Exaggerated fears can result in lost opportunity and inappropriate
spending.”
• When formulating a cloud computing strategy, organizations must make
calculated decisions about what they will and will not do to mitigate cloud
risks based on budget and risk appetite.
• Tools and automation are the key to managing cloud complexity
The costs for the risk mitigations should be included in the all up front cloud
strategy
The Danger of Not Utilizing Cloud Infrastructure
31. Managing the transition to hybrid cloud
• Identify vulnerabilities in SQL Server deployments
• Harden security policies across all of your SQL Server Instances & databases
• Analyze and report on user permissions across database objects
• Deploy in cloud or in datacenter – monitor cloud or datacenter deployments or both
Identify Vulnerabilities
• Discover who has access to what
• Identify user’s effective rights across all SQL databases
• Browse and analyze all files, directories and registry
settings associated with SQL Server
• Determine ownership, explicit and inherited security
rights
Set Strong Security Policies
• View a complete history of SQL Server security settings
• Designate baselines for future comparison and forensic
analysis
Automated Security Snapshot capture
• Security snapshots captured on regular schedule
• Automated alerts and email notifications
configurable by severity of security findings
Prevent Security Violations
• Pre-defined templates leveraging CIS & MS Best
Practices Analyzer guidelines
• Identifies top security vulnerabilities on your
databases and servers
IDERA SQL Secure
32. Managing the transition to hybrid cloud
• Deploy SQL Secure in the cloud or datacenter
• Monitor deployments in cloud, datacenter or both
IDERA SQL Secure Deployment Patterns
- Designed for the Hybrid Cloud -
33. Managing the transition to hybrid cloud
• Audit sensitive data to see who did what, when, where and how
• Monitor and alert on suspicious activity to detect and diagnose
• Easily satisfy audits across multiple industry regulatory requirements
• Select from 25 pre-defined compliance reports as well as unlimited custom views
Audit sensitive data
• Discover and define the most sensitive data in your DB
• Audit this data and database operations down to the
column and field level
• Define sensitive data sets spanning multiple tables
Stop potential threats
• Track all access and changes to database data
• Evaluate query row counts
• Compare before and after data for all modifications
• Customize alerts and notifications on suspicious
activities
Pass regulatory audits with ease
• Preconfigured templates for GDPR, PCI DSS, DISA STIG,
NERC, CIS, SOX, HIPAA, FERPA help you meet
compliance requirements
Rich Reporting Capabilities
• 25 pre-defined compliance reports
• Developed with industry compliance experts to
address critical security auditing & compliance report
requirements.
• Flexible customization capabilities
• MS Reporting Services compatible
IDERA SQL Compliance Manager
34. Managing the transition to hybrid cloud
Configuring SQL Server for compliance with regulatory
guidelines can be incredibly complex.
▪ SQL Compliance Manager makes regulatory
compliance configuration single button simple
The following compliance regulations are preconfigured:
▪ CIS Center for Internet Security
▪ SOX Sarbanes-Oxley
▪ HIPAA Health Insurance Portability and
Accountability
▪ PCI DSS Payment Card Data Security Standard
▪ DISA STIG Defense Information Security Agency
▪ NERC North American Electric Reliability
▪ FERPA Family Educational Rights & Privacy
▪ GDPR* General Data Protection Regulation
IDERA SQL Compliance Manager Regulatory Compliance Standards
35. Managing the transition to hybrid cloud
• Deploy SQL Compliance Manager in the cloud or datacenter
• Audit deployments in cloud, datacenter or both
IDERA SQL Compliance Manager Deployment Patterns
- Designed for the Hybrid Cloud -
36. Managing the transition to hybrid cloud
Most storage volumes in Azure and AWS will be networked and virtualized
This results in sometimes different behaviors than on prem SANs
• Generally higher latency, but, often more deterministic than typical SAN
• Both bandwidth and IOPs are constrained on a per VM basis
• With block sizes relevant to SQL Server, the IOPs limit is typically hit before the bandwidth limit
I/O virtualization provides some benefit on a per volume basis
• Larger volumes will provide benefits over smaller volumes
Attach multiple I/O channels to multiple volumes
• OS Level storage spaces and striped volumes scale almost linearly
Cloud Storage Technology Overview
37. Managing the transition to hybrid cloud
Comparison of data read scaling by larger volumes vs striped volumes
• Incremental IOPs benefit from larger Azure volume sizes
• Near linear IOPs benefit from striping multiple volumes or filegroups
Cloud Storage Technology Overview
38. Managing the transition to hybrid cloud
Comparison of data read scaling by striping volumes Azure vs on prem Direct Attached Storage
• Near linear IOPs growth for both Azure and DAS striped volumes
• Throughput grows at much slower rate for Azure vs DAS striped volumes
Cloud Storage Technology Overview
39. Managing the transition to hybrid cloud
• Monitor hundreds of SQL Instances
• Receive instant notification of problems and alerts defined by templates or the administrator
• Drill down to instance level details and statistics
• Monitor & analyze queries and query plans to determine causes of blocks and deadlocks
• Deploy in cloud or in datacenter – Monitor deployments in cloud, datacenter or both
Managing SQL Server Performance, Health and Availability with IDERA DM for SQL Server
IDERA SQL Diagnostic Manager for SQL Server
40. Managing the transition to hybrid cloud
Monitor and analyze continuously
• Detailed drill down for each instance
• SQL Server resource usage
• Statement, batch and transaction throughput by database
• Session details
• Lock waits
• Operating system performance details
Automated Alerting Infrastructure
• Predefined alert settings based on industry best
practices
• Automatically calibrated and configured baseline alerts
to minimize noise and false alerts
• Automated alert responses: email, SQL scripts,
PowerShell, and more.
IDERA SQL Diagnostic Manager for SQL Server
41. Managing the transition to hybrid cloud
Query plan viewer
• The interactive visual representation of queries enables
better drill down and understanding of query behavior.
• Quickly identify the costliest operators
Discover and display query bottlenecks
• View queries stripped of parameters or in full statement
mode
• Quickly compare CPU, Disk I/O and elapsed time
consumed by top queries
• Compare performance of queries over time
• Query store utilization provides more efficient and
detailed query history
IDERA SQL Diagnostic Manager for SQL Server
42. Managing the transition to hybrid cloud
Receive Expert Query Tuning Advice
• Award winning SQL Doctor capabilities built-in and
automated
• Quickly improve query performance through deep
tuning insights
• Updated for each new version of SQL Server
• Intuitive interface makes sophisticated tuning
decisions accessible to a broad range of users
IDERA SQL Diagnostic Manager for SQL Server
43. Managing the transition to hybrid cloud
• Deploy SQL Diagnostic Manager in the cloud or datacenter
• Monitor deployments in cloud, datacenter or both
IDERA SQL Diagnostic Manager Deployment Patterns
- Designed for the Hybrid Cloud -
44. Managing the transition to hybrid cloud
• Target backups to cloud VHDs, cloud buckets & BLOBs and Datacenter volumes
• Save time and space with dynamic compression and optional encryption
• Instant restore allows databases to go online in minutes while restore operations are still underway
• Deploy in cloud or in datacenter – backup cloud or datacenter deployments or both
Highest speed backups
• Advanced compression
• Multi-threaded, parallel volume write scheduling
Policy based automated backup, restore and log shipping
• Fully automated backup life cycle with defined
targets
Flexible cloud and data center backup & restore support
• Amazon EC2 and S3 buckets
• Azure VHDs and Blobs
• Tivoli Storage manager
• EMC
Tolerate and recover from cloud network latencies
• Backup and restore throttle and pause during
latencies
• Avoid excessive retries and time outs
Easy to use point-in-time
• Graphical time scale makes precise recoveries quick
and easy
• Identifies top security vulnerabilities on your
databases and servers
IDERA SQL Safe Backup
45. Managing the transition to hybrid cloud
• Deploy SQL Safe Backup in the cloud or datacenter
• Target backups to cloud VHDs, cloud buckets & BLOBs as well as Datacenter storage systems
IDERA SQL Safe Backup Deployment Patterns
- Designed for the Hybrid Cloud -
46. Managing the transition to hybrid cloud
• SQL Secure scans and monitors SQL Server deployments for vulnerabilities
with instant notification of problematic settings.
• SQL Compliance Manager provides the ability to easily certify regulatory
compliance and pass data audits in both cloud and data center deployments.
• SQL Diagnostic Manager monitors 1000s of SQL Server Instances to provide
instant notification of problems, query degradation and detailed drilldown
and query analysis tools.
• SQL Safe Backup provides industry leading performance in backups and gets
SQL Server back online long before any other backup solutions on the market.
IDERA database management tools help manage the
complexities and mitigate the risks of cloud deployment
47. Managing the transition to hybrid cloud
https://www.idera.com/productssolutions/it-database-management-tools
IDERA Database Management Tools For SQL Server
48. Managing the transition to hybrid cloud
▪ All IDERA SQL products are available for free 14 day trial usage
▪ Live demos driven by IDERA Engineers on request
▪ Fully functional, no credit card or approvals required.
IDERA SQL Diagnostic Manager
https://www.idera.com/productssolutions/sqlserver/sqldiagnosticmanager#getStartedForm
IDERA SQL Compliance Manager
https://www.idera.com/productssolutions/sqlserver/sqlcompliancemanager/freetrialsubscriptionform
IDERA SQL Secure
https://www.idera.com/productssolutions/sqlserver/sqlsecure/freetrialsubscriptionform
IDERA SQL Safe Backup
https://www.idera.com/productssolutions/sqlserver/sqlsafebackup/freetrialsubscriptionform
The Products We Discussed:
Free fully functional trial downloads
49. Managing the transition to hybrid cloud
Thank You!
Rob Reinauer
Director, SQL Product Management
IDERA
rob.reinauer@idera.com