SonicWALL CDP Overview
November 2010
Andy Barrow
SonicWALL Product Manager
+44 1753 797944
Who are SonicWALL?

SonicWALL was founded in February 1991 to develop standards-based, network
infrastructure products to meet the needs of the small to medium business and
education markets.

Today, SonicWALL’s Internet security and transaction security solutions are
leading the way for a more diverse and secure Internet experience for small,
medium and large enterprises.
2
CONFIDENTIAL All Rights Reserved
4/10/2015
The Company Overview
SonicWALL designs, develops, and manufactures network security, secure
remote access, Web and e-mail security, continuous data protection, and
policy and management solutions
Complete product portfolio (SoHo – Enterprise)
Global Organization
25 offices in 19 countries
5 regional support offices worldwide
Committed to a two-tier distribution model – indirect sales 100%
3
CONFIDENTIAL All Rights Reserved
4/10/2015
The SonicWALL Global Presence
Canada
United States
Mexico
Brazil
Belgium
United Kingdom
Germany
France
Spain
Italy
Russia
Dubai
Switzerland
Sweden
India
Japan
Korea
China
Hong Kong
Singapore
Australia
 25 offices around the world
 Conducting business in over 50 countries
4
CONFIDENTIAL All Rights Reserved
4/10/2015
How it all fits together
Market
Convergence
Vendor /
Technology
Convergence
End User /
Channel
Convergence
Keep Businesses Running
Increase IT Productivity
Manage Risks
Policy and Management
Business
Continuity
Content
Security
Network
Security
Content
Security
Business
Continuity
Policy and
Management
Unified
Threat
Management
Inbound &
Outbound
Content
Filtering
Secure
Backup and
Recovery
Policy
Creation
(Gateway AV,
Anti-Spy, IPS)
Network
Security
SSL-VPN
Compliance
Anti—Virus
Anti-Spyware
Anti-SPAM
Patch
Management
Comprehensive & Continuous Protection for our End-Users
Predictable & Profitable Growth for our Channel Partners
5
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
Monitoring
Reporting
Management
Our Solutions
Secure Networking
Business Continuity
Content Security
TZ & NSA
Continuous Data Protection
(CDP)
Email Security
Secure Wireless
Global Management
Remote Access
SonicPoint N
Global Management System
(GMS) & Viewpoint
CONFIDENTIAL All Rights Reserved
Aventail & Sonicwall SSL-VPN
4/10/2015
6
Continuous Data Protection
7
CONFIDENTIAL All Rights Reserved
4/10/2015
The Importance of Disaster Recovery
Planning
 Business Continuity and Disaster Recovery planning is important to any
organization
 Any unplanned event that is disruptive to the business can prevent
employees from getting to what they need
 A properly defined Business Continuity plan often can keep the business
operational
 It is not just about data center redundancy- it is also about ensuring that
employees can keep working from anywhere when the need arises
“Companies and employers that have not done so are being urged to establish a business
continuity plan should the government direct state and local governments to immediately
enforce their community containment plans” Kevin Nixon, How to Prepare for Swine Flu
Pandemic (CSO Podcast)
8
CONFIDENTIAL All Rights Reserved
4/10/2015
Continuous Data Protection
 It takes a long time to recover a
lost file from a tape
 If you forgot to back it up
 If you have lost the tape
 If you accidentally erased it
 If it never backed up properly
but you didn’t know
 Or if the magnet in your door
speaker wiped it when you
took it off site!
9
CONFIDENTIAL All Rights Reserved
4/10/2015
Familiar Situations?
“I just so happened to check my backup tape and it
hadn’t been working for five months. I’ve been hauling
those tapes around for nothing…”
- Network Administrator, National
Fidelity Mortgage
“total and complete RAID array failure in their server.
Backup has not been run since 10/20/2000. Try to
restore from that tape: blank. Next tape. Blank. Next
tape. Blank.... and so on”.
- Scott Sanford, ST Computer Consulting
Key Drivers
Business Drivers

Mass Digitization: Value, complexity, and
volume of native documents growing
exponentially

Business Continuity: Reliable, and instant,
disaster recovery now a requirement

Mobile Offices: Remote workers and
distributed networks increasing the
complexity of managing and
administering data protection

Regulatory Compliance: HIPAA,
Sarbanes-Oxley, and other acts
increasing the amount and length of
time that data must be stored and
actively searchable
Technology Drivers

Tape Performance: Increasingly
viewed as unreliable, hard to
manage, and vulnerable to physical
loss

Multiple Vendors: Tech support,
versions

Disk Cost: Decreasing cost and
availability

Network Adoption: Driving investment
in anti-virus, firewalls, anti-spam,
and protection
SMBs need a more reliable, easier to manage, and
real-time solution for data protection
Losing Critical Business Data (or
access to it) is bad because …
 It costs time
 Administrator’s time to recover the data (if even possible)
 Employee time to recreate the data (if even possible)
 It costs money, and inefficiency
 Lost revenue and customers
 Staff cannot be doing the work they should be doing
 It can result in Regulatory or Compliance penalties
 HIPAA, PCI, SOX, …
 It can ruin small companies
 One study reports that 50 percent of companies suffering
serious data loss will be out of business within 5 years
[1]
[1] Jon Toiga, Disaster Recovery Planning: Managing Risk and Catastrophe in Information Systems, (Yourdon Press, 1989).
12
CONFIDENTIAL All Rights Reserved
4/10/2015
But how does critical business data
get lost or become inaccessible




Natural disaster
 Fire, flood, earthquake, hurricane, etc.
Local disaster
 Facility damaged or unusable for any reason
Hardware failure
 Drive failure
 Lost or damaged laptop
 Hardware simply dies of old age (SMB computers are on average 4-5 years
old)
Human Error causes between 33-40% of all data loss.
Source MS

13
 Accidental deletion
 Open a spreadsheet, clear all cells, save the spreadsheet
But all of the above have one simple root cause …
CONFIDENTIAL All Rights Reserved
4/10/2015
Root Cause for lost data
There was no complete end-to-end
solution in place to ensure data
could be restored under all
circumstances
“The truth is you can backup all you want but if you can’t
recover it, it’s doesn’t do any good. In the end, backup
doesn’t matter, recovery does” Source Gartner
14
CONFIDENTIAL All Rights Reserved
4/10/2015
For Small and Medium Businesses
it is especially problematic
 Many SMBs are not experienced with computers
 Conventional tape backup systems are expensive and
complicated
 Many SMBs have to rely on 3rd party providers for
maintenance so speed of assistance is an issue
 SMBs do not typically have Disaster plans
 “It will never happen to us”
 “We’re too small for Disaster Recovery Planning”
15
CONFIDENTIAL All Rights Reserved
4/10/2015
Do you know how many …?
 SMB Users do NOT have adequate data
80%*
protection?
 SMBs only backup data onsite?
64%**
 SMBs (that have protection) use tape back-up? 90%^
 Nightly tape-based backup jobs fail?
5-20%^^
 IT Managers couldn’t recover data from their tape
40%^
backup system?
* ITAA (Information Technology Association of America)
** Gartner
^ Yankee Group
^^ Infostor
16
CONFIDENTIAL All Rights Reserved
4/10/2015
Tape Back-up is Complicated
Customers are asking for …
 Complete end-to-end solution
 Simple installation with minimal administration
 Central policy and update management
 User transparent backups with better granularity than
tape backups
 User-directed restore – no administrator needed
 Ability to restore from a granular choice of versions
 Flexible Disaster Recovery capabilities including ability to
restore onto different hardware
18
CONFIDENTIAL All Rights Reserved
4/10/2015
Onsite and Offsite Back-up are
Required
The CDP Solution
CDP 5.0 Product Overview
 Focus is on data restore under all circumstances including:
 Accidental deletion of files and application data
 User-directed restore – no admin needed
 Inoperability of workstation or server
 Bare Metal Restore to recover computing environment, then CDP to
restore data
 Replacement hardware different to original
 Bare Metal Restore (Universal) to recover computing environment to
dissimilar hardware, then CDP to restore data
 Local or Natural Disaster
•Offsite Portal
•Site-to-Site
•Local Archiving
•BMR(U)
21
CONFIDENTIAL All Rights Reserved
4/10/2015
CDP is easy to install and
configure
1. Install CDP Appliance
SQL
Exchange
AD
2. Install and configure an agent on each
workstation or server to be protected
3. Optionally select a disaster
recovery option
Internet
Offsite Portal
TCP/IP
USB
Site-to-site
Local
Archive
22
CONFIDENTIAL All Rights Reserved
4/10/2015
SonicWALL CDP is a complete
end-to-end restore solution
SQL, AD,
Exchange
Servers,
Desktops,
Central policy &
upgrade
management
CDP
Appliance
Internet
Offsite Portal
Laptops,
backed up
transparently
USB
TCP/IP
CDP Appliance
SSL VPN
Internet
SSL VPN
Local
Archive
All-in-one h/w
and s/w
BMR(U) for Servers,
desktops, laptops
Site-to-site
4 Disaster Recovery
options
Mobile devices backed up over VPN
23
CONFIDENTIAL All Rights Reserved
4/10/2015
A Complete Solution…
Internet
Local
Offsite
SonicWALL CDP Platform: Simple, End-to-End Data Protection
The SonicWALL Advantage
• Integrated = Cost savings
• Local and offsite = Secure
• CDP = Real-time Protection
• End-to-End = Reliability
SonicWALL CDP is a breakthrough, simple, end-to-end data protection
platform targeting the SMB market
24
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
What is Continuous Data Protection?

The ability to continuously backup ever-changing data
Policy
Continuous
Backup
Appliance
Workstations and Servers
(Agents)
Offsite
Backup
Folders and Applications
with Data
Offsite Service
Definitions
Downstream CDP Appliance–
Upstream CDP
Appliance –
CDP in LAN on the customer’s
site doing offsite backup
CDP that is receiving
data from another CDP
aka Local CDP, Client CDP,
Downstream Node
aka Offsite CDP, Portal
CDP, Remote CDP
Box-to-Box Backup
 One-to-one backup
 Many-to-one backup
 Allows partners to
‘host’ offsite backup
 Use in distributed
network for
companies with
branch offices
 End-to-end protection
Key Features
 Simple, easy to use
 AES 256-bit Encryption
 Data is sent and stored encrypted to other CDP box
 Stores most current version of data
 Disaster at 5pm, get up and running with data from 4:59pm
 Flexibility
 Send all or some of data to another CDP box
 Only sends blocks that have changed
 Minimal configuration and training
 Mix-match CDP models
One to One Backup – VPN/WAN
• 1 Node SKU
• Valid support
contract
Many to One Backup
• 2 Nodes
• Valid support
contract
Benefits of Box-to-Box Backup
 Secure, confidential data backup and recovery
 Additional protection against data loss
 Easy deployment
 Quick recovery of data, settings and configurations or
settings
 Alternative to the SonicWALL Offsite Portal
Data Recovery
 Scenarios
 A file needs to be recovered
 An agent needs to be recovered
 Disaster Recovery
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V1
football.doc
Agent
football.doc
Appliance
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V1
football.doc
football.doc
V1
football.doc
Appliance
Agent
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V2
football.doc
Agent
V1
football.doc
V1
football.doc
Appliance
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V2
football.doc
V1
football.doc
V1
V2
football.doc
Appliance
Agent
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V3
football.doc
V2
V1
football.doc
V3
V2
football.doc
Appliance
Agent
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V3
football.doc
Agent
V2
V1
football.doc
V3
football.doc
Appliance
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V2
football.doc
Agent
Restore
V3
V2
V1
football.doc
V3
football.doc
Appliance
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V4
football.doc
V3
V2
V1
football.doc
V3
football.doc
Appliance
Agent
Offsite Service
File Backup and Restore Operation


Multiple File Versions are Backed up and Saved on Appliance
Offsite Service holds the latest file version
V4
football.doc
Agent
V3
V2
V1
football.doc
V4
V3
football.doc
Appliance
Offsite Service
Agent Recovery

Agent is destroyed or lost
 Data can be easily recovered off of the appliance
Agent 1
Continuous
Backup
Appliance
Agent 2
Agent 3
Restore
Agent 3b
Offsite
Backup
Offsite Service
Disaster Recovery

Appliance and agents destroyed
 Appliance can be replaced and latest data recovered from the offsite
Agent 1
Agent Continuous
1a
Backup
Appliance
Agent 2
Agent 1b
Offsite
Backup
Offsite Service
Restore
Offsite
Backup
Agent 3
Agent 1c
Appliance 2
Main Hardware Components
 SonicWALL’s CDP Hardware Components
Server
Server
Client
Client
Appliance
Offsite Service
AES Encrypted
Data
Compressed
Data
Agent
Includes: Workstations,
laptops and servers
Backup Targets

CDP Implements two Backup Mechanisms

File Based CDP
 Agent interfaces with file system
Multiple Folders with Multiple Files

Application Based CDP (AB-CDP)
 Agent interfaces with application
Microsoft
Exchange
Active
Directory
Outlook
SQL Server
CDP 5.0 Hardware Appliances
Product Portfolio
CDP 110
CDP 210
CDP 5040
CDP 6080
46
CONFIDENTIAL All Rights Reserved
4/10/2015
Appliance Characteristics
Workstation Models
Server Models
CDP
110
CDP
210
CDP
5040
CDP
6080
Desktop
Desktop
1U
2U
-
-
RAID 5
RAID 5
RAM
512MB
512MB
2GB
4GB
Internal Drives
1 fixed
1 fixed
4 repl
4 repl
Total raw capacity
400GB
1TB
2.25 TB
Appliance Characteristics
Form Factor
RAID Support
4.5 TB**
~4.5 TB
~0.8TB
~2TB
~4.5 TB
100BaseT
100BaseT
GbE
GbE
Redundant Power protection
-
-
-
Yes
Field replaceable hard drives
-
-
Yes
Yes
Total usable capacity ~@2:1
Network Interface
** With optional Disk pack upgrade SKU
47
2.25TB
CONFIDENTIAL All Rights Reserved
4/10/2015
~9 TB**
CDP Features
 Workstation and Server Platform support*
 Vista, Win XP
 Windows Server 2000, 2003, 2008
 Linux Debian 3.1, Suse 10.1, Fedora Core 5, Redhat
Enterprise Linux 3
 Client Application support*
 Microsoft Outlook, Outlook Express
 Server Application support*
 Exchange 2000, 2003, 2007, User mailbox
 SQL Server 2000, 2005, 2008
 Active Directory 2000, 2003, 2008
*See websites for up to date list (updated regularly as matrix expands)
48
CONFIDENTIAL All Rights Reserved
4/10/2015
CDP Features
 Local Archiving using USB 2.0 drive
 Monitoring & Alerting
 For Site-to-Site and Offsite Portal (Email alerts to
administrator )
 Reporting (Emailed to administrator )
 Agents’ activity collected on Downstream CDP
 Downstream CDPs’ activity collected on Upstream
CDP (for Site-to-Site)
49
CONFIDENTIAL All Rights Reserved
4/10/2015
File Based CDP Targets

A folder is the basic target unit
 The entire underlying folder tree is monitored and backed up by the agent service
Target Folder
Folder Tree
Root and Common Folders

Agent Service monitors a collection of targets
Ajax

Two category of folders are specified
 Root Folders
 Absolute Addresses
 Like C:\Ajax\Players
 Common Folders
 Specific User Folders
 Desktop
 Favorites
 My Documents
Common Folders
 Enterprise Manager
 Sets backup for all users
on an agent
 Agent Tool
 Can set targets on a per
user basis
 Can only restore data for
authorized users
Block Level Processing
 File data is always processed in blocks
 Limits usage of CPU, memory and network resources.
Agent
Appliance
Offsite Service
File
Data
Agent
Appliance
Offsite Service
Block Processing
Block Processing
Block Processing
Agent Service and the File System
 Agent Service and Windows
Captures:
• Windows Save Notification
• File Address Region and
Offsets where data is written
Applications
Operating System
File System
Agent Service
Disk
Bypass
Backup for
Certain Files
for Backup
Scheduling Backups
 File backup is delayed
 To achieve file stability
 To reduce network utilization
 Wait time depends on
 File Size
 Last Backup
 Incremental vs. Full Backup
Windows Save
Notification
WAIT
PERIOD
High
Probability of
File “Stability”
File
Backup Process
Block Level Processing on Agent
 Agent Performs 3 Processing Steps
Agent
File
Data
Dismantles
into Blocks
Compresses
as needed
Sends
To
Appliance
Block Level Processing on
Appliance
 Appliance Receives and Stores blocks
 Sends latest file and database revisions to the Offsite Service
Appliance
From Agent
Incrementally
Backs-Up
Blocks
Stores
To
AES Encrypts
Offsite Service
Bare Metal Recovery
 Create image of entire disks or individual partitions
 Image includes everything - applications, data, updates, user
preferences, patches, etc.
 Unique Snapshot technology creates image without shutting
down system, closing applications or interrupting operations
 Restore entire image to recover a failed system quickly
 Create bootable media that includes all necessary drivers
 Browse image archives / Restore individual files and folders
58
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
WHAT TO FIND – WHERE?
 3 main resources:
 www.sonicwall.com
 https://partnerlink.sonicwall.com/emea/
 www.mysonicwall.com
59
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
60
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
61
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
62
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential
63
© 2005 SonicWALL, Inc. All Rights Reserved - Confidential