Feeds

What's the point of a cloud storage gateway?

More and more vendors pushing them out, but not every cloud needs one

Internet Security Threat Report 2014

Deep Dive What exactly is a cloud storage gateway? We know what direct-access storage (DAS) is, and understand SANs and NAS, forms of networked storage. Cloud storage is, obviously, storage in the cloud. But when, where, how and why do we need a cloud gateway for storage?

We can envisage a four-layer IT stack and three kinds of IT-as-a-service with the cloud:-

SNIA XaaS types

Not all clouds need storage gateways


Let’s say a company decides to go in the direction of Software as a Service (SaaS) and put everything in the cloud. All that’s needed, in this scenario, would be access devices like smartphones, tablets and personal computers to browse the cloud. The classical data centre becomes obsolete and the cloud provider’s data centre is the new data centre; servers, storage, applications, lock, stock and barrel. This is the extreme example of using the cloud and one where companies might reduce most cost by eliminating the overhead of an IT department.

In the case of Platform as a Service (PaaS) and 100 per cent Infrastructure as a Service (IaaS), all hardware moves to the cloud, but the company retains responsibility for more (IaaS) or less (PaaS) of the software. This includes full responsibility for the data and often includes backup and archiving.That means the company still needs significant staff and incurs more IT staff cost than in the SaaS case.

Now, if we break up the server and storage boxes, we will find scenarios where some storage remains in the data centre and some moves to the cloud via cloud storage gateways. This combination of on-premise and cloud IT usage is called a hybrid Cloud and is the most probable place for a cloud gateway.

The job of a cloud gateway

The most basic cloud storage gateway function is to translate our beloved storage access standards like iSCSI and CIFS/NFS to the APIs that are popular in the cloud, like restful HTTP and, probably the most popular these days, Amazon S3. From a conceptual point of view, this would only be a small transitional function.

Typically a cloud gateway should be able to make data transfer between the data centre and the cloud more efficient. This can be achieved by reducing protocol chatter and by using some kind of data reduction technology, like data de-duplication. It is no surprise that some of the cloud gateway vendors have a background in WAN optimisation.

To address security concerns, cloud gateways must also encrypt data to ensure it is safely stored in the cloud.

Here, there or everywhere?

The fundamental question for the cloud gateway user is: ”What data should be stored in the cloud?”

The cloud is not a good place to store primary data because of high access latency, compared to on-premise storage, and the often slow connection. If users want to use the cloud for primary storage, than the cloud gateway needs to have strong caching capabilities to get over these problems.

The cloud is much better at storing data that is rarely accessed and has no access time criticality – archives and similar data for example. In such cases no on-premise copy is needed.

Disaster resilience is a use case where data is intentionally stored both on-premise and in the cloud. Backup also seems to be suited to the cloud, as large amounts of data need to be stored but rarely accessed, however the upload can take a lot of time. This is where a dedicated cloud gateway can be useful, as it helps to decouple operational data from backup data. This explains a new breed of dedicated backup cloud gateways that use the cloud as a final target.

However, when large amounts of data have to be quickly moved back to the data centre, the cloud is quite inefficient.

Surviving a disaster

If you use the cloud for disaster resilience and disaster strikes your data centre, then you could lose any physical cloud gateway at the same time.

One answer to this problem would be to have a remote virtualised gateway. Make it a Virtual Machine (VM) and put it onto a hypervisor in the cloud. This will not be rocket-fast, but when there is a disaster,it will work. Instead of restoring a huge backup that will take much too long, you can continue to work on your data immediately. It’ll be slow, but in such a case, you will be happy that it works at all.

Even if a cloud gateway is not available as a virtual appliance, one thing to keep in mind is that data in the cloud could be accessed natively without using a gateway.

Lock in, lock out

One thing cloud provider customers really fear is lock-in; the dependency on and from their cloud service provider (CSP). What if the CSP shuts down tomorrow, changes service levels or doubles prices? Do you move to another provider? Can you?

How long does that take? And how is it done? A cloud gateway is a logical point to virtualise CSP access. If this is your intent, (by the way, it might make sense to buy the gateway from someone other than the CSP) such a virtualisation layer would enable you to sign up with a couple of cloud providers who offer different Service Level Agreements at different prices and use the gateway to automatically manage what data is stored in which cloud. This virtualisation layer might also make a migration from Cloud A to Cloud B seamless.

Are small and large enterprises the same?

Very large enterprises can operate large data centres and enjoy good economies of scale. For them the use of cloud storage is not as alluring as it is for small organisations. At the other extreme, SMEs don’t often have their own IT infrastructure and will buy everything as a service. So, the best use of cloud gateways can be made by medium-sized organisations who run a data centre but need the cloud to bring down their cost, especially for inactive data, and who need something in a second location for disaster resilience reasons.

Does it have to be a separate device?

No it doesn’t. The gateway functionality can be part of a RAID system. Some gateways offer local storage capabilities and strive to replace existing RAID systems.

So these concepts exist in parallel and compete at the same time. It will pretty much depend on the size and versatility of your data centre equipment whether you would prefer a one-box solution or a gateway approach, which is intentionally focused on consolidation at the cloud edge.

To recap, cloud storage gateways, typically found with hybrid clouds, are transfer stations with resources to provide and improve data movement between on-premise and CSP data centres. Cached ones enable primary data storage in the cloud. Others enable disaster resilience. Dedicated backup ones enable data backup to the cloud. Cloud storage gateways can encrypt data for security and provide an abstraction layer between customer and CSP, enabling migration between CSPs and multiple CSP use where required, defeating CSP lock-in.

When you have a hybrid cloud then the cloud storage gateway is key item needed to realise cloud benefits. ®


This article was written by Marcus Schneider, a member of SNIA Europe. He works for Fujitsu. For more information on this topic, visit: www.snia.org and www.snia-europe.org.

About the SNIA

The Storage Networking Industry Association (SNIA) is a not-for-profit global organisation, made up of some 400 member companies spanning virtually the entire storage industry. SNIA's mission is to lead the storage industry worldwide in developing and promoting standards, technologies, and educational services to empower organisations in the management of information. To this end, the SNIA is uniquely committed to delivering standards, education, and services that will propel open storage networking solutions into the broader market.

About SNIA Europe

The Storage Networking Industry Association (SNIA) Europe is dedicated to educating the market on the evolution and application of storage infrastructure solutions for the data centre by providing thought leadership and industry education focused on storage technologies and business value. For more information visit: www.snia-europe.org.

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.