Cloud Gateways in the Enterprise
In basic terms, cloud gateways translate block or file commands to the cloud via REST or SOAP APIs. They may be physical or virtual appliances, and in some cases, they are storage systems. Specific offerings vary. Some gateways are primarily caching mechanisms to speed up data transfers. Cloud gateways scale up the business food chain from SMB to the enterprise. For mid-sized businesses and enterprise, more advanced gateways offer robust features beyond simple caching.
Enterprise development is centering on gateways with added value, such as NAS storage systems with cloud enablement, native data protection, distributed file sharing and robust security. As of yet, gateways are not sufficient to translate high transaction commands to the cloud.
Some commenters put cloud storage gateways into the STaaS (storage as a service) category, but they aren't really the same thing. They require an on-premise appliance or storage system to work. Whether physical or virtual, the devices require IT optimization and maintenance time, as well as sufficient bandwidth to work. However, their value is clear when faced with the alternative of sending data to the cloud without a gateway.
Latency is one big reason. Transporting data to the cloud without a gateway results in performance hits. Applications are built for traditional interfaces, including Fibre Channel, iSCSI, NFS and CIFS. Cloud storage does not operate using these protocols, but offers object storage with REST or SOAP interfaces. The result is severe latency, which gateways address by translating file and block protocols into these cloud APIs. Note that hosting NAS storage services in the cloud falls into the same reduced performance bucket by introducing high latency into the NAS storage system.
In contrast, gateways manipulate block and file data into objects by using cloud APIs. Most gateways add other fundamental value as well, such as caching, encrypting data and authenticating access. Most will also dedupe and compress to accelerate data transfers.
Adding a gateway appliance can add more complexity to the infrastructure, and adding gateway services via NAS systems means replacing traditional storage. However, there are several strong benefits to adopting cloud gateways that may overcome initial hesitation:
- Mobility. Some gateways expand beyond a single storage environment by connecting gateways to distribute storage and functionality. Global gateways enable users to access and share file while expanding IT control. Centralized consoles enable a control point for managing distributed data horizontally as well as vertically.
- Cloud flexibility. Gateways can ease the pain of choosing cloud providers and avoiding lock-in. Gateways enable simple integration between block and file protocols to the cloud without having to script and to change that script every time IT connects to different cloud. The gateway standardizes data traffic so it is simpler to send some workloads to one provider and others to another provider.
- File sharing. Connected gateways can also enable enterprise file sync and share (EFSS). “Sync” is the key here, with some gateway vendors adding value by building in EFSS to their gateways. Using cloud gateways to provide a distributed environment serves as a natural foundation for file-sharing products.
- Data Protection. Many gateway providers are building native data protection into the product, which is a particular advantage with distributed gateways. Traditional DP works on the gateway storage level but not over its cloud connection. Native DP enables the gateway to protect the data it is transporting to and from the cloud.
- Security. Security can be an issue with CIFS and NFS transfers to the cloud. These protocols gain their security from the network’s security, and sending data to the public cloud divorces them from built-in environmental protections. Having said that, security can be a core benefit in the gateway. F5 offers Secure Web Gateway Services for incoming and outgoing data security, while CTERA integrates with third party antivirus software, offers encryption for data in flight and at rest, and authenticates access.
Issues to Look For
Although gateways provide much higher performance than transporting data without them, they do not magically solve bandwidth issues. WAN acceleration helps, and deduping and compressing data should be standard issue on cloud gateways. But pipes do not simply carry data; they also carry protocol and application overhead. So although companies can mitigate the problem of limited bandwidth, they will not solve it without springing for more expensive pipes. Even then, there is a limit to the speed of data transfers between geophysical sites (i.e., the on-premise and cloud data centers).
Gateway vendor lock-in may also be an issue. The gateway vendor manipulates the data that it transports to the cloud. Users will want to know how to retrieve this data should they change gateway vendors. This is an old-hat issue with backup and archiving, which always require the same application to restore as to backup. It is a more worrisome issue with production data.
Gateways are increasingly popular in the enterprise, which means that gateway vendors are busy building in competitive value. The most common feature is native data protection, which replicates to the cloud. Less common is file collaboration or enterprise sync and share, where distributed gateways share files horizontally between distributed file shares. CTERA’s gateway has both native data protection and EFSS capabilities.
Other vendors run the gamut of gateway offerings. Predictably, AWS Storage Gateway is all-Amazon, all the time. Amazon backs up data as EBS snapshots in S3 with connections to Glacier as long-term storage. Users have the option to access their backed up data as EBS volumes that they can mirror to EC2.
EMC acquired cloud gateway vendor TwinStrata and its CloudArray offering in 2014. EMC embedded CloudArray into VMAX as a native data protection service to private and public clouds. The gateway caches and replicates blocks and files to the cloud.
Nasuni, Panzura and Avere are less gateway appliances than NAS systems with cloud gateway features. All run on proprietary file systems. Nasuni offers hybrid flash architecture and controllers engineered with native cloud storage features, and it runs snapshots and a centralized management console. Panzura’s Global Cloud Storage System enables file sharing and active archiving with structured file backup and DR from the cloud. Avere offers Cloud NAS through its hybrid flash FXT Edge Filers. Avere integrates compute and storage on-premise and in the cloud, enabling better application performance.
Microsoft StorSimple is another storage array with cloud enablement. StorSimple integrates with several public clouds but is full-featured with Microsoft Azure. StorSimple treats the cloud as an active secondary storage tier serving data protection, disaster recovery and test/dev.
Photo courtesy of Shutterstock.