Cloud-enable your NetApp Storage with - Egnyte your NetApp Storage with ... work is de-rigueur. Thus, simple file storage is insufficient. In order to facilitate collaboration, the

w w w . e g n y t e . c o m

Egnyte Inc. | 1890 N. Shoreline Blvd. | Mountain View, CA 94043, USA | Phone: 877-7EGNYTE (877-734-6983)

www.egnyte.com | © 2012 by Egnyte Inc. All rights reserved. | Revised Dec 30, 2012

Cloud-enable your NetApp Storage with

EgnytePlus™ File Sharing Infrastructure

White Paper

EgnytePlus™ for NetApp


www.egnyte.com | © 2012 by Egnyte Inc. All rights reserved.

Table of Contents

Cloud Storage 3

File Sharing and Collaboration 3

Email Attachments 3

Consumer Cloud Storage Services 4

File Sharing Infrastructure Requirements 4

Traditional File Sharing Infrastructure 5

Next Generation File Sharing Infrastructure 6

EgnytePlus for NetApp – Next Generation File Sharing 6

EgnytePlus for NetApp – Benefits 8

Expanding the Storage Tiering Model 9

Local Tier 9

Mobile Tier 9

Sharing Tier 10

Replication Tier 10

Archive Tier 10

Additional Features of EgnytePlus for NetApp 11

Complete Control 11

Permission (ACL) Enforcement 11

Synchronization 11

Granular Folder Selection 12

Enterprise-class Security, Data Protection and Compliance 12

EgnytePlus for NetApp Summary 12




Cloud Storage

Over the past decade, the progress of the cloud storage industry has directly tracked the growth of the

high-technology industry. The maturation of technology, including cost-effective high speed WANs, high

density disk drives, and the standardization of protocols has led to the increasing adoption of the cloud

storage industry.

File Sharing and Collaboration

The advent of Network Attached Storage (NAS) in the mid-1990s to mid-2000s allowed IT departments

to satisfy both user and corporate needs of centralized data storage. The commoditization of cloud

storage services in the last 5 years has enabled IT departments to both change the economics of data

storage as well as change the IT perspective - such that IT departments are now providing storage as a

service, regardless of the storage implementation (internal architecture or cloud).

Users expect their files to be backed-up and archived when stored under IT storage systems. In

addition, various enterprise storage features such as thin provisioning, storage virtualization as well as

cloud storage services make it appear to the end-user that the storage system has infinite capacity. This

leads to a significant level of confidence in the reliability and availability of their data.

However, in today’s business world, employees no longer work individually. Collaboration and team-

work is de-rigueur. Thus, simple file storage is insufficient. In order to facilitate collaboration, the sharing

of and accessibility of data has become a necessity.

Email Attachments

The first and easiest method to share files is through emails. Users routinely attach files to emails as a

means of collaboration. However, this has drastic negative impact on the email system. When a user

attaches a file to an email, the file is stored under the user’s sent mail folder, as well as in the recipient’s

inbox folder. If there are 20 recipients of the attachment, 21 copies of the exact same file are created,

clogging the email system and taking up valuable email storage space.




Another restriction of email file sharing is file size limitations. Due to the increase in average file sizes,

bandwidth limitations and increased risks of harmful email attachments, administrators are limiting the

size of email attachments. The typical restriction is no more than 5 MB.

Consumer Cloud Storage Services

Consumer cloud storage services offer a limited amount of storage for free, with additional storage

upgrades from subscription or referral. Some of these services directly enable file sharing by providing

publicly accessible links to files stored in their accounts. Users are also able to share files by making

account id and password available to collaborators.

These consumer cloud services bypass corporate controls and business policies. The IT department is

left with zero visibility, auditability or control over what happens to corporate data. Companies are

quickly blocking these services to mitigate their risks.

File Sharing Infrastructure Requirements

To satisfy user demands, enterprises have five key requirements for scalable file sharing infrastructure:

The ability to share many files

The ability to share large files

The ability to share with many collaborators

The ability to share with many offices

The ability to access on multiple devices




Traditional File Sharing Infrastructure

To satisfy today’s user requirements for file sharing, many IT departments are still implementing

yesterday’s technologies. For basic file sharing between sites, IT often deploys a dedicated site-to-site

VPN, along with storage mirroring or replication software. This implementation is costly, complex to

setup and maintain, and does not scale for large files or large volumes of files.

VPNs are also used to provide employees access to files behind the corporate firewall. However,

employee VPNs require VPN servers, additional per-user provisioning, and do not scale. In addition,

VPNs do not provide the ability for employees to share files with non-employee business partners. For

this requirement, IT departments deploy dedicated FTP servers. However, these servers require IT

administrators to configure user names and passwords every time a file needs to be shared with a new

employee, placing additional burdens on IT.

The current toolset available to corporate IT allows for the delivery of a bare minimum level of file sharing

support. However, these tools do not scale well, are costly to implement and maintain, and, worst of all,

do not support mobile devices.




Next Generation File Sharing Infrastructure

Corporate IT departments are now tasked with meeting requirements from multiple constituencies:

CIO – ensure data integrity and reliability; prevent data loss or leakage

Corporate IT – easy to implement, easy to monitor, easy to audit and administer; scales instantly

with changes in the business

Finance – low financial impact, especially when scaling

Employees – any time, any place, any device any size file sharing across multiple sites with

multiple users both inside and outside the firewall

To satisfy this diverse constituency requires implementing the next generation file sharing infrastructure.

EgnytePlus for NetApp – Next Generation File Sharing

The EgnytePlus platform is comprised of two components: Cloud File Server and Local Cloud enabled

NetApp storage system.




The Cloud File Server is an infinitely scalable file storage and sharing service. Files can be accessed

using any standard web browser (Internet Explorer, Firefox, Safari, and Chrome). Through the Egnyte

web browser interface, users have access to a wide range of features, such as collaboration, content

management, file sharing and backup. Those same features are available using the Egnyte mobile app

for the iPhone, iPad, Android, Windows Mobile, and webOS devices.

Advanced access to Egnyte’s public cloud service is provided on both PC and Mac computers through

mapped drives, which make the public cloud service, appear as a local drive. Users interact with their

files using their native drag-and-drop and click-to-edit interface. Users can use an optional desktop sync

service which provides full access to files even when Internet connectivity isn't available. When Internet

connectivity is restored, files are automatically and seamlessly synchronized between your computer and

the cloud file server.

Egnyte Local Cloud is a thin enablement layer that communicates with local NetApp storage systems

using the NetApp ONTAP API’s. Local Cloud replicates data between local storage and the cloud. It is

uniquely architected to allow direct CIFS access to the NetApp share without intermediation by Egnyte.

There is no proprietary file system or access protocol required by Egnyte. Direct access to NetApp

ensures high performance file serving in your office, preserving the value of your investment. Files on the

Local Cloud are automatically synchronized with the Cloud File Server, providing users with flexible

remote file access or fast local network access

Egnyte Integrates with existing shares & access controls. Not only data but also, access permissions

from existing shares on your NetApp FAS system can be synchronized to the cloud. This lets you cloud

enable existing shares and ensure that users access files locally with the same level of security as they

would on the Cloud File Server. For example, a user who has "read" permissions on a folder would not

be able to modify or delete files in that folder from the NetApp device or the cloud.

Local Cloud is delivered as a VMware virtual storage appliance. Capable of running on either VMware

vSphere 4 and 5 or VMware ESXi 4 and 5 on any existing or new storage system. Local Cloud requires

two VMware virtual disks (vmdk). The first virtual disk contains the core applications, log files, and

synchronization engine. The second virtual disk contains data synchronized to the cloud and exported

locally via CIFS. The virtual disks can reside on any storage that is mountable by VMware, including

locally attached, iSCSI attached, Fibre Channel attached and NFS storage systems.




Egnyte Local Cloud is provided as an installable OVA file. Once installed, configuration and

management is performed through a simple web interface. Within minutes of installation,

synchronization of files in the cloud begins, and users can mount the Local Cloud data drive via CIFS.

EgnytePlus for NetApp – Benefits

EgnytePlus with cloud-enabled NetApp storage provides:

“In-the-office” experience from anywhere – uninterrupted (online or offline) access, real-time

collaboration across multiple teams and offices

Enterprise-class security – 256 bit AES encryption during transmission and at rest, SSAE 16

compliant data facilities, audit reports, and robust multi-level file access and permissioning

Focus on mobility and reliability – mobile access, VPN -free environments, remote replication,

data redundancy and disaster recovery

Mobile Archive Sharing

Storage (office 1) Storage (office 2)




Expanding the Storage Tiering Model

Historically, storage tiering was viewed through the lens of access speed, capacity and price. A tiered

storage system contained a small, high performing, high cost tier (tier 1, fast cache), a larger, medium

speed, medium cost tier (tier 2, on-line access), and a large, slow speed, low priced tier (tier 3, near-line

access).

EgnytePlus expands the tiering model of enterprise storage. Rather than considering speed of access

as the main differentiator of the tiers, EgnytePlus considers the use of the tier as the major differentiator

of storage tiers. The new tiering model then includes:

Local Tier – local access to the storage system from behind the corporate firewall (subdivided

into speed of access)

Mobile Tier – sharing of files with mobile devices

Sharing Tier – sharing files within teams, both behind and outside the corporate firewall

Replication Tier – multiple site-to-site replication

Archive Tier – file backup and archiving for historical use and regulatory compliance

Local Tier

The EgnytePlus platform maintains the Local Tier via Local Cloud. Local storage such as NetApp FAS

can be single-tiered or multi-tiered, which Local Cloud will interoperate appropriately.

Mobile Tier

The EgnytePlus platform delivers the Mobile Tier, enabling mobile device to access corporate data. All

data that resides on Egnyte’s Cloud File Server can be accessed by mobile devices through the Internet.

Egnyte currently supports Apple iOS devices (iPhone, iPad), Google Android devices (Phones, Xoom,

Galaxy, Nook, Kindle, etc.), Microsoft Windows Mobile devices and HP WebOS (Touchpad). As new

mobile devices are released, or mobile operating systems are revised, Egnyte’s expert mobile device

team keeps the mobile device apps up-to-date, eliminating the need for IT departments to limit mobile

support to specific devices and versions.




Egnyte also has partnered with leading mobile app developers such as QuickOffice, Office2 Plus,

Readdle, GoodReader, and Apple to integrate Egnyte’s cloud file sharing service with mobile apps.

Users can share files, download files directly to the mobile device, edit and print office and other

documents as well as upload files from the mobile device to the cloud.

Sharing Tier

The EgnytePlus platform delivers the Sharing Tier, enabling employees to share files among themselves

or with business partners. Employees can share links to any file and folders they have permission over.

Links can be expired by time or number of clicks, preventing inadvertent data leak. Users of Microsoft

Outlook can use an extension that automatically captures email attachments, transferring the attachment

to the cloud and sending the email recipient a link to the file.

Replication Tier

Implementing Egnyte Local Cloud at two sites automatically delivers site-to-site replication, enabling the

Replication Tier. No additional VPN configuration, mirroring or replication software is required. Each

Local Cloud instance synchronizes to Egnyte’s Cloud File Server. The Cloud File Server becomes the

master, and each instance can synchronize only the subset of files necessary at that site.

Archive Tier

The EgnytePlus platform automatically enables both backup and archive in the Cloud File Server.

Egnyte's Cloud File Server is hosted in world-class SSAE 16 compliant data centers. All data is

encrypted using 256-bit AES encryption over SSL during transfer and at rest. Egnyte's architecture has

built-in redundancy, maintaining multiple copies of your data to protect against hardware failures and

disasters. In the case of disaster recovery, all your files, including past versions, can be instantly

retrieved from the cloud. In addition, with Local Cloud, files are replicated to local storage, and are

available even in the absence of Internet connectivity.

The Cloud File Server never overwrites files. Instead, whenever a file is modified, a new version is

stored on the Cloud File Server. Previous versions of files are easily retrieved, and system

administrators can control versioning and data retention policies. With the EgnytePlus platform, the IT




department never has to implement a separate backup and archive system. Instead, IT can rely on the

Archive Tier delivered by EgnytePlus.

Additional Features of EgnytePlus for NetApp

Complete Control

EgnytePlus for NetApp enables the administrator to control user access levels and monitor file usage

with real-time audit reports. User permissions and authentication are synced locally and in the cloud,

ensuring that only the right users have access to the right files. For organizations with Single Sign-on

(SSO) authentication, Egnyte integrates with VMware Horizon, OneLogin, Ping Identity, and Citrix

CloudGateway. SAML 2.0 compliance enables integration with SSO solutions that utilize this standard.

E gnyte also enables directory service integration with Active Directory and LDAP for centralized

authentication management behind the firewall.

Permission (ACL) Enforcement

With the EgnytePlus for NetApp infrastructure, it is crucial that permissions are uniformly enforced both in

the cloud and through local storage. All EgnytePlus solutions offer strict permission enforcement from

any user access point, a capability unique to Egnyte. Permissions set in the cloud are enforced locally

by the synchronization engine.

All permissions rules allowed in the cloud (inheritance, exclusion, user and group level access) are

seamlessly mirrored to the local storage. EgnytePlus effects permission changes in the cloud by

receiving and processing change events (e.g. a permission level was changed from read/write to read

only). ACL enforcement is achieved by a patented permission enforcement module that traps all file

system access.

Synchronization

The synchronization engine selectively compresses files based on type and size to minimize bandwidth.

The amount of reduction is based on the compression ratio (e.g. 50-60% with Office documents) and

overhead incurred to compress the file. After the initial sync, all subsequent synchronizations process




only the events that have occurred since the prior synchronization. Since event processing is

proportional to the number of outstanding events, the synchronization time is independent of the data set

size.

Administrators have the ability to configure the synchronization frequency of each Local Cloud instance.

This allows every office to customize the sync rate according to their needs. The synchronization

frequency can be set at a defined schedule such as after business hours to optimize bandwidth, or at

intervals ranging from several minutes to real time.

Granular Folder Selection

Egnyte provides administrators with the ability to select which folders are synced with the local storage at

each office location (each Local Cloud instance). This allows for efficient file sync of folders and sub-

folders at any level of data hierarchy, so only the important files are replicated for online and offline use.

Enterprise-class Security, Data Protection and Compliance

Egnyte is focused on complete end-to-end data protection through the five stages of security: Physical,

Network, Transmission, Access, and Data. In addition to providing maximum security under each

category, Egnyte continually maintains state-of-the-art technology and performs ongoing threat

management.

Regardless of the access method, all users must go through the authentication process before accessing

their files. Once authenticated and authorized, user permissions are granularly enforced at every folder

and sub-folder level, ensuring only the right users have access to the right files.

Egnyte has adopted the transmission practices of the most secure institutions in the world by using 256-

bit AES encryption to encode data during transmission and at rest. In order to police traffic between

public networks and the servers where company data resides, Egnyte employs ICSA-certified firewalls

and a Network Intrusion Detection System that monitors and blocks hackers, worms, phishing, and other

infiltration methods.

Egnyte offers FINRA compliant online storage solution with complete end-to-end data protection. Egnyte

enables full compliance under SEC 17a, 31a, 204 Recordkeeping regulations for confidential data

storage, retention, digitalization and accessibility. Egnyte understands the importance of the




confidentiality and protection of an individual's Protected Health Information (PHI). Egnyte's

comprehensive data security enables HIPAA compliance for healthcare, pharmaceutical and biomedical

businesses. Egnyte complies with the EU Safe Harbor framework as set forth by the Department of

Commerce regarding the collection, use, and retention of data from the European Union.

EgnytePlus for NetApp Summary

EgnytePlus for NetApp is the next generation file sharing infrastructure that delivers these requirements,

combining the accessibility and flexibility of cloud storage with the "in-the-office" experience and

performance of local storage. With this "best of both worlds" approach, files on local storage are made

available for sharing. Files can be stored, shared, and accessed from anywhere, with any computer or

mobile device. EgnytePlus transforms local storage into a central collaboration hub, allowing multiple

teams, offices and business partners to easily work together as if they’re in one location, and delivers file

sharing at scale.

About Egnyte

Over 1 billion files are shared daily by businesses using Egnyte. Egnyte’s unique technology provides

the speed and security of local storage with the accessibility of the cloud. Users can easily store, share,

access and backup files, while IT has the centralized administration and control to enforce business

policies. Egnyte, founded 2007, is based in Mountain View, California and is a privately held company

backed by venture capital firms Google Ventures, Kleiner Perkins Caufield & Byers, Floodgate Fund, and

Polaris Venture Partners. For more information, please visit www.egnyte.com or call 1-877-7EGNYTE.

Contact us to learn more about EgnytePlus.

mailto:[email protected]?subject=EgnytePlus%20Information%20Request%20-%20IBM%20Whitepaper

Documents

Cloud-enable your NetApp Storage with - Egnyte your NetApp Storage with ... work is de-rigueur. Thus, simple file storage is insufficient. In order to facilitate collaboration, the