CTERA Enterprise File Services Platform Architecture for HP Helion

CTERA Enterprise File Services Platform Architecture for HP Helion Content Depot
Whitepaper by CTERA Networks
Highlights
• How unstructured data growth drives cloud storage adoption
• Putting cloud storage to work: Building blocks and approaches
• The need for a unified, interoperable, multi-application platform
• CTERA Enterprise File Services Platform architecture and benefits
• Leveraging CTERA and HP Helion platform for IT-as-a-Service transformation
www.ctera.com
info@ctera.com
USA: (650) 227-4950
Intl.: +972-3-679-9000
©2015 CTERA Networks Ltd., All Rights Reserved
Growth of Unstructured Data
The rapid growth of storage consumption, particularly
for unstructured data, has driven organizations to adopt
cost-effective cloud storage solutions as a substitute or
complement to more expensive block or file storage
systems. Beyond cost savings, cloud storage offers
many benefits to organizations, such as: elastic use of
storage to match changing demands, usage metering
and pay-per-use cost models, built-in geographical
redundancy, global name space, flexible data access
methods, and the ability to easily shift data between
private and public storage spaces.
The first step in creating a cloud storage offering is
having the right infrastructure (deployed in-house, or
hosted), and for many applications that infrastructure is
object storage. However, the storage infrastructure, on
its own, is not sufficient to create and deliver the
storage-based applications that users need.
‘Killer Apps’ of Cloud Storage
Cloud storage has given rise to several types of file
services:
• File Sync & Share: Cloud storage can be used to
create a simple, intuitive file sharing environment,
whereby employees can grant secure file access to
team members and guest users, and synchronize
files across their devices.
• Backup: Cloud storage is ideally suited for backing
up user-generated files, and is an ideal replacement
for tape backup and off-site tape storage services.
• Branch Storage: Traditionally, enterprise branch
offices have local file servers in each office, for
storing local, unstructured data. As their business
scales, many enterprises now recognize that this
approach creates a maintenance and support
nightmare. Cloud storage gateways are an ideal
substitute for on-site file servers, providing an
easy-to-manage, disaster-proof alternative, while
retaining compatibility with existing applications –
without sacrificing performance.
• Mobile Access: Many organizations have adopted
‘bring your own device’ (BYOD) policies, tolerating or
encouraging employee use of personal
smartphones and tablets to access their corporate
data. Cloud storage can be used to support BYOD
data access, enabling users to access their files
anytime, anywhere.
• VDI: Storage is a significant portion of virtual
desktop costs, and can be reduced and optimized
by storing user files (as opposed to the VDI images)
in object stores.
Figure 1: Cloud-Based File Services
As with any emerging technology space, a plethora of
vendors have developed tools to enable specific cloud
storage applications. Yet IT organizations and service
providers are struggling with the integration of
disparate tools into a consistent set of cloud storage
services, in an environment fraught with immature
technologies and unclear standards. A different
approach is needed: an enterprise file services platform
that supports multiple storage applications in a
consistent, integrated and scalable fashion.
Cloud Storage Building Blocks
Deploying a cloud storage solution involves integrating
key elements, and addressing several key issues:
• Storage infrastructure: Since cloud storage is often
used for storing ‘unstructured data’ (e.g., files), it is
often implemented using object storage architecture.
Object storage excels in storing and retrieving
variable size objects along with their associated
attributes. It typically has application programming
interfaces (APIs) that support creation, retrieval and
manipulation of stored objects. The industry standard
for object storage APIs has evolved around the HTTP
protocol, and is commonly referred to as REST API.
• Storage clients: The devices that access objects (or
files) stored in the cloud. Those typically include
users’ workstations, departmental servers and mobile
devices.
• Connectivity: Most storage clients support traditional
network protocols for accessing files remotely, for
example: SMB (Microsoft Windows), NFS
(Linux/Unix) and AFP (Apple OS X). These protocols
are not compatible with the new cloud storage APIs.
Therefore, a bridge is needed between the traditional
file access protocols and the new cloud storage APIs.
• Security: Since cloud storage usually resides off
premises, data exchanged between storage clients
and the cloud must be protected (e.g. encrypted)
both in transit and at rest.
• Performance: For end-users to adopt cloud services,
they must be able to access their files with
reasonable throughput and low latency. Therefore,
any solution that moves primary data to the cloud
must employ clever caching and tiering mechanisms.
Additionally, the volume of data transferred to/from
the cloud should be minimized to avoid taxing of
network resources and bandwidth, for example by
employing WAN optimization, data de-duplication
and compression.
• Reliability: For end-users to adopt cloud storage
services, they must be able to rely on availability of
data, even during inevitable Internet connectivity or
service disruptions. To reduce the impact of such
failures, it is crucial to use a hybrid approach such as
on-site storage or pinning of the most important data
to be always available locally.
• Management: A single cloud storage pool may be
used by thousands of sites and numerous users. Any
cloud storage service would require sophisticated and
scalable management utilities that support quick
service provisioning, real-time monitoring and
simplified maintenance.
Putting the Pieces Together
Organizations who are considering building a cloud
storage service (external or internal) can adopt any of
the following approaches:
• Do It Yourself (DIY): Picking individual cloud storage
building blocks and putting them together. This
involves deploying specific storage infrastructure,
installing protocol conversion gateways, creating a
management framework, developing individual
storage services, and integrating the entire system.
The advantage of this approach is having full control
over the architecture. However, the complexity and
TCO of such an effort will be very high, making it an
unrealistic option for most organizations.
• Best-of-breed solutions: Implementing vendor-supplied
systems for each particular cloud storage file
service. For example, deploying one system that
supports backup, another that offers file sharing
services and a third to handle mobile access. The
advantage of this approach is the ability to select an
optimal solution for each storage application. The
challenge is integration between disparate systems.
Users and admins are required to deal with multiple
interfaces, depending on the application they need to
access, and a larger footprint on end-point devices.
• Unified platform: Deploying a services platform that
supports multiple cloud storage applications. The
platform should support multiple storage
applications ‘out of the box’, and seamlessly integrate
with existing IT infrastructure. The main advantages
of this approach are integration and consistency
between multiple storage applications. The challenge
here would be to support new applications currently
not supported by such a platform.
What’s in a Platform?
The adoption of new technology typically involves
progression from do-it-yourself systems, through best-of-breed tools, until finally reaching a platform approach.
The cloud storage market has evolved quite rapidly,
reaching a maturity level where the platform approach
is not only feasible, but delivers benefits that are
impossible to achieve using other approaches:
• Flexible deployment scenarios: Cloud storage
applications may be deployed as a public cloud
service, on private cloud infrastructure, or in virtual
private (hosted private) infrastructure. The data may
be accessed from desktops, laptops, web browsers,
smartphones or tablets. Users may reside in a
corporate office, home, or be on the road. They may
include permanent employees as well as consultants,
partners or customers. An enterprise file services
platform must therefore successfully address and
support all these deployment scenarios.
• IT infrastructure integration: Cloud storage is not
deployed in a vacuum. Organizations have made
significant investments in existing IT infrastructure.
Management systems, authentication services, billing
systems, and self-service app stores are examples of
infrastructure already deployed in datacenters. An
enterprise file services platform should be able to
interface and interoperate with existing IT
infrastructure, both at the data center and remote
offices.
• Scalability: A cloud storage service may be used by a
large number of businesses, thousands of corporate
remote offices, and numerous end-users. An
enterprise file services platform must therefore scale
from a few to 100,000’s of users and devices. Since
demand for storage constantly grows, the platform
should scale to virtually any size of back-end storage.
• Multiple File Services: Naturally, the enterprise file
services platform must support multiple file services
such as backup, file sharing or mobile access. Its
architecture must be scalable and extensible to allow
for future addition of new storage applications.
• Security: One of the key concerns associated with
cloud storage adoption is data security. The
enterprise file services platform must protect,
through encryption, data stored on the cloud storage
infrastructure (i.e. at-rest), as well as protect data
transferred to/from storage clients and storage
infrastructure (i.e. in transit). User authentication
procedures and data access rights must be strictly
controlled. The platform should also ensure data
integrity, to prevent accidental data corruption or
unauthorized tampering. Lastly, all data, metadata,
encryption keys and access privilege data should all
be kept behind the firewall.
• Performance: Cloud storage applications involve
large volume data transfer (e.g. during backup) and
remote data access (e.g. from mobile devices or
remote sites). Successful adoption of cloud storage
requires that access performance, network load, and
storage size requirements are optimized. To that end,
the enterprise file services platform must employ
techniques such as de-duplication, compression and
bandwidth throttling.
• Service Management: IT teams must be able to
easily provision, monitor and maintain the cloud
storage service. With 100,000’s of devices and users
accessing the service, manual management
processes are highly inefficient, or even impossible to
implement. Multi-tenancy support and
administration tiers are also required. All these
capabilities combine to deliver agility that facilitates
the transformation of IT departments into
IT-as-a-Service organizations.
The CTERA Enterprise File Services Platform
Figure 2: CTERA platform logical architecture, integrated with HP Helion platform
CTERA recognized the need for an integrated
enterprise file services platform to enable the delivery
and management of multiple cloud storage-based
applications. Figure 2 outlines the key elements of the
CTERA platform:
• Storage infrastructure: The CTERA platform provides
native support for HP Helion Content Depot via an
optimized OpenStack® Swift connector.
• Storage Clients: The CTERA family of storage clients
includes its cloud storage gateways, which are
deployed in physical locations; desktop and server
software agents; mobile apps for iOS, Android and
Windows Phone smartphones and tablets; and 3rd party
web browsers. The cloud storage gateways are all-in-one
branch office ‘network attached storage’ (NAS),
collaboration and backup appliances. As part of their
NAS functionality, they also offer ‘protocol
conversion’ (see Figure 3) of local network
storage protocols such as CIFS, NFS, AFP and FTP,
thus enabling seamless deployment of cloud storage
into existing IT infrastructure. The wide range of
storage clients enables the CTERA Enterprise File
Services Platform to support virtually any
deployment scenario, including small businesses,
enterprise ROBOs, individual users, mobile users and
anyone with a web browser.
• Device Connectors: Handle the interface between
the CTERA storage platform and its diverse set of
storage clients. The device connectors communicate
with cloud storage gateways over a web-optimized
protocol named CTTP. The gateways handle/convert
any legacy protocol to CTTP, while the storage
connectors convert CTTP to any proprietary cloud
storage protocol. This makes the integration between
cloud storage and existing IT systems seamless.
• Security and Acceleration: The CTERA platform has
built-in functionality for security and acceleration.
Data is encrypted as soon as it leaves the storage
client, ensuring full protection in transit and at rest.
Users have full control over encryption keys, ensuring
that their sensitive data is not accessible to others.
On mobile devices, access is verified with 2-factor
authentication, and data is encrypted, ‘sandboxed’
(sequestered) from other applications, with a remote
wipe feature for lost or de-authorized devices. On the
acceleration front, CTERA employs client side
source-based de-duplication, compression and
bandwidth throttling. Any data redundancy is
removed before being transferred over the WAN,
thus reducing network load and required cloud
storage space. These techniques also enhance
performance for end-users.
• Multi-Tenant, Multi-Tier Management: Designed to
support large deployments by service providers or
large enterprises, the CTERA platform offers highly
scalable provisioning, monitoring and maintenance
capabilities. Built-in templates and automation
features help administrators control 100,000’s of
users and devices. There are several management
tiers within the system to allow delegation of
administration rights to customers, divisions, or
agencies, and multi-tenancy keeps data and service
plans separate between them.
• Enterprise Integrations & APIs: Designed for
integration with existing IT infrastructure, the APIs
enable a seamless interface with important functions
such as: existing directory services (e.g. Active
Directory, LDAP) for user authentication and rights
management; Anti-Virus (AV) scanning to prevent,
detect and remove malicious software; Enterprise
Mobility Management (EMM) solutions to manage
and maintain the use of mobile devices; Data loss
prevention (DLP) to detect and prevent potential
data breaches; Single Sign-On (SSO); Billing systems;
and a variety of other existing IT services.
• Core File Services: The CTERA platform includes
several key application workflows. Among those are:
File sync & share (FSS) for secure sharing of files
amongst devices and users whether roaming or at
branch offices; Hybrid backup that combines local
backup with cloud backup of user workstations and
servers; Team collaboration tools that support ad-hoc and project-based information sharing; Remotely
managed ‘network attached storage’ (NAS) for SMBs
and enterprise remote offices; etc. The platform can
be extended to support future applications,
developed by CTERA or its partners (through APIs).
Figure 3: CTERA platform’s protocol conversion
The following table summarizes how the platform requirements outlined earlier in this white paper are addressed by
the CTERA platform:
| Platform requirements | CTERA capabilities |
|---|---|
| Back-end interoperability | Cloud storage connectors offer certified interfaces to a variety of storage vendors and cloud storage services, configurable via a wizard interface with no coding required. |
| Flexible deployment | The broad offering of cloud storage gateway appliances, end-point software agents and mobile apps addresses multiple deployment scenarios. |
| IT infrastructure integration | CTERA Portal, the management system, includes enterprise integrations & APIs for billing, monitoring, and web shop front. |
| Scalability | The CTERA platform scales to 100,000’s of users and end-point devices. Load balancing and high availability are supported for scale-out deployments. |
| Security | Data is encrypted in transit and at rest; User authentication is based on existing directory services (AD, LDAP); Mobile device data is ‘sand-boxed’ and can be wiped remotely; Single Sign-On (SSO) is supported. |
| Performance | Source-based de-duplication, compression and bandwidth throttling ensure that users enjoy maximum performance with minimum load on network and storage resources. |
| Disaster recovery | CTERA Portal, the management system, includes point-in-time recovery and built-in replication of the Portal database. |
| Service Management | CTERA Portal offers centralized provisioning, monitoring and maintenance of large scale deployments, with multiple tiers of management. Templates are employed to manage and configure a large number of remote appliances. |
| Customization | CTERA Portal look & feel can easily be ‘white labeled’ to meet corporate or service provider branding needs. |
| Storage applications | CTERA has multiple built-in, full-featured storage applications, such as: hybrid-backup of workstations and servers; truly private file sync & share (FSS); team collaboration services; mobile data access with BYOD support; centrally-managed NAS appliances. |
Benefits of CTERA Deployed on the HP Helion Content Depot
Adopting an integrated platform approach to cloud storage offers significant benefits:
• Enterprise Productivity: A simple, comprehensive approach to enterprise user file access & data protection –
direct-to-cloud or from remote & branch offices.
• Maximum Data Security & Privacy: Flexible deployment, all behind the enterprise firewall, to ensure
maximum data and metadata security and sovereignty.
• Cost-Efficient to Minimize TCO: Leverages software-defined storage and central management tools to
aggregate data & administration from a cost-effective cloud resource.
• Comprehensive Data Governance: Centralizes all data and access history to one comprehensive data
management system for comprehensive insight and centralized control.
• Simple, Scalable IT Delivery & Support: Automated service delivery creates new IT efficiencies while also
enhancing the end user service level experience. It provides faster deployment times, while reducing
operational IT overhead. At the same time it provides end-users with consumer-like apps and self-service
provisioning that enhance productivity and satisfaction.
Summary
Organizations who wish to deploy cloud storage and associated applications are best served with a unified storage
platform that handles integration, interoperability and manageability challenges.
The CTERA Enterprise File Services Platform, deployed on the HP Helion platform, enables enterprises and service
providers to quickly deploy full-featured cloud storage-based file services. It seamlessly integrates with existing IT
infrastructure, is architected for multi-tiered management, includes built-in security measures, and offers back-end
storage infrastructure flexibility. With CTERA and HP Helion, organizations can adapt to any deployment scenario,
offering robust storage applications to all users, including remote and mobile ones, while enabling IT-as-a-Service
transformation, increasing business agility and reducing total cost of ownership (TCO).
Figure 4: CTERA Portal provides scalable, centralized management of remote appliances and end-point agents
CTERA Networks enables enterprises to securely sync, share, protect and govern
files from any device or remote office, all from the cloud of their choice. Trusted
by the Fortune 100 and leading service providers, CTERA provides the industry’s
most secure approach to file services, with the widest choice of use cases and
infrastructure options to enable the IT-as-a-Service transformation.
For more information, visit www.ctera.com
The OpenStack word mark and the Square O Design, together or apart, are trademarks or registered trademarks
of OpenStack Foundation in the United States and other countries, and are used with the OpenStack
Foundation’s permission.
www.ctera.com
info@ctera.com
USA: (917) 768-7193
Intl.: +972-3-679-9000
©2015 CTERA Networks Ltd., All Rights Reserved