Scalability and data security are two fundamental requirements of an on-prem enterprise storage platform. Scalability ensures the platform will meet your need for storage consolidation both now and into the future. Robust security protects your most valuable asset – your company’s data — from the full range of threat vectors. Cloudian is a proven leader in both.
This blog discusses how Cloudian’s S3-compatible software was designed from the start to deliver on these requirements.
Scalability
Cloudian was built for simple, modular scalability to exabytes. Here’s how.
Modular design for capacity-on-demand
Cloudian is built on a fully peer-to-peer software architecture that enables limitless expansion of storage capacity, allowing enterprises to scale their storage from terabytes to petabytes without service interruptions. In the Cloudian architecture, each storage “node” consists of an industry-standard server running an instance of Cloudian HyperStore software. All nodes run the same software and are therefore identical in terms of its features and capabilities. As nodes are added the total usable capacity increases.
Performance scalability
Along with capacity, performance also scales as storage nodes are added. Because all Cloudian nodes can respond to incoming requests, the aggregate bandwidth of the system increases with each additional node, ensuring consistent and efficient data access. This means you can grow the environment without creating the performance bottlenecks found in scale-up storage platforms.
Multi-tenancy for management efficiency
To capitalize on scale, it’s imperative that you be able to securely share that capacity among many difference users and workloads. Cloudian HyperStore is a multi-tenant environment, allowing a single storage system to serve multiple customers, or “tenants.” Each tenant’s data is isolated in its own namespace. It remains invisible to other tenants, ensuring privacy and security. This secure sharing capability delivers on the operational benefits of a limitlessly scalable data lake by letting you add workloads without fear of compromising sensitive information.
Erasure coding and replication ensure data durability
Data durability is closely connected to scalability in the Cloudian architecture. To achieve scale, Cloudian HyperStore aggregates raw capacity from multiple independent server nodes. Data can be stored to those independent nodes using techniques including erasure coding and/or replication to achieve the desired level of data durability.
Erasure coding divides data into fragments, encoding them with redundant data pieces, and distributing them across multiple nodes, which can all be at the same site or at multiple sites. This ensures that data can be reconstructed even if some fragments are lost.
Data replication creates multiple copies of data and storing them across different nodes, providing redundancy and high availability.
Erasure coding can be configured in a number of ways, including the most common configuration, “4+2”, in which data is sharded across six nodes in a manner that allows for full data access even if two nodes were to fail. Many other EC configs are possible, along with different levels of data replication. The result is configurable data durability, up to (and even beyone) 14 nines data durability.
Bucket-level policies for granular control
Additionally, Cloudian HyperStore’s bucket-level storage policies enable precise control over data durability and performance characteristics for each data type. This flexibility allows organizations to tailor their storage strategy to meet specific needs, rather than relying on a one-size-fits-all approach. By selecting appropriate storage policies, businesses can optimize for high performance where needed and ensure robust data protection for critical information.
Software-defined for operational flexibility
Cloudian’s software-defined approach also contributes to scalability. Cloudian is deployed on standard x86 hardware of most any type, flexibility allows organizations to scale easily with commodity infrastructure or with existing infrastructure. This reduces capital expenditure while maintaining high performance and reliability.
Security
Security is critical for a cloud-like infrastructure. Cloudian is designed to be a shared platform, and it’s designed to be distributed across sites, if needed. Access controls and data security were designed in at multiple levels to achieve this flexibility in a highly secure way.
Security certifications
With the most security certifications in object storage, HyperStore helps organizations meet compliance requirements effectively.
- FIPS 140-2 Data Encryption Validation: NIST awarded Cloudian’s FIPS 140-2 Level 1 validation, signifying that HyperStore data encryption methods have been independently reviewed and tested.
- HyperStore is also certified to meet the requirements of SEC Rule 17a-4(f), CFTC 17 C.F.R. § 1.31, FINRA 4511c, IDW PS 880 (German) and OR §§ 957ff (Swiss) regulations, and meets the data sanitization standards specified by NIST 800-88.
Ransomware protection
To protect against ransomware corruption, Cloudian offers S3 Object Lock (WORM, write once, read many) functionality. Once Object Lock is enabled, your data is made immutable and cannot be altered or deleted until the policy-defined retention period is met. Ransomware cannot encrypt the data.
Intrusion defense
In addition, HyperStore is hardened by the use of HyperStore Shell (HSH) and RootDisable, securing the solution at the system level, even disabling root access to make the solution impregnable. Similar solutions typically have porous root access leaving system-level breaches possible. This is a hardened solution, verified in government testing, and is certified compliant with the non-rewritable, non-erasable storage requirements of SEC Rule 17a-4(f).
Summary
Cloudian HyperStore is a robust and scalable storage platform that addresses the needs of modern enterprises. Its capabilities as an AI Data Lake and software-defined storage solution provide flexibility, security, and seamless integration with cloud services, making it a practical choice for managing the complexities of digital transformation and data growth. The system’s modular growth capabilities and performance scaling ensure that it can meet the demands of any organization, regardless of size.