Blog categories

My blog posts and tweets are my own, and do not necessarily represent the views of my current employer (ESG), my previous employers or any other party.

I do not do paid endorsements, so if I am appear to be a fan of something, it is based on my personal experience with it.

If I am not talking about your stuff, it is either because I haven't worked with it enough or because my mom taught me "if you can't say something nice ... "

Welcome Back, Veritas! The Truth is still the Truth

Today, Symantec announced that the Information Management (Data Protection) side of Symantec will be called Veritas Technologies Corporation – (press release). Frankly, if they had chosen anything else, I would have been disappointed.

The Truth is Still the Truth

“Veritas” actually means “Truth,” hence the original name as a way to imply the reliability and the authenticity assurances that Veritas’ technologies offer for your data, not only in traditional backup, but also storage management and availability technologies. And in a world of grey, some things (like data protection) really need to be black & white. Either your data is recoverable or not. Either your users are able to access their IT resources or they aren’t. Just as the world needs more definitive and unambiguous “truth,” many IT environments need better data protection, data preservation, high availability and integrated storage management. Maybe they need more Veritas?

Aside from the philosophy, the brand still has equity today.

The reality is that many of those folks that are using or have used/considered the information management portfolio from Symantec continued to see/say “Veritas” as the subtitle in their dealings anyway. Heck, many of the products’ best practice guides or social communities still leveraged Veritas in the product names somewhere – e.g. “Symantec Cluster Services powered by Veritas,” which the world always has and will again (presumably) call VCS.

So, what does Veritas have to do to be successful moving forward?

Leverage the broader IM portfolio to tell a single story, period.

Yes, they have to continue to separate their back-office operations, shore up their field/marketing and gain some IM-specific affinity with partners, but I believe the highest imperative is to truly embrace the Veritas portfolio (arguably for the first time).

While last year’s Symantec had a wide range of products, their marketing/field/engineering motion was really like two behemoth products (InfoSec and Backup), with the rest of the portfolio barely hitting most IT buyers’ radar, which is really too bad because some of those smaller products are not only really cool technology, but were the differentiators between just “backup” and comprehensive “data protection, preservation and availability.”

As much as InfoSec and InfoMgmt might have sounded like IT siblings or fraternal twins, they had very different buying cycles, influencers and innovation patterns; making them distant cousins at best. Now, InfoMgmt (Veritas) is an “only-child,” so it has no excuses but to tell a single story that will hopefully resonate with its channel, partners and customers. That said, their single story isn’t (or shouldn’t be) a “backup” story, but a true “information management” story that delivers data protection, preservation and availability in a single portfolio. Essentially, Veritas has the opportunity to deliver what I call the Data Protection Spectrum from a single company, through a broad channel system to customers of all sizes – if they choose to. If they don’t choose to leverage their Veritas-wide IM portfolio of differentiable capabilities, then they won’t really be “Veritas” as the whole truth, but merely the half-truth of being the “NetBackup/BackupExec Company.” 2015 will tell, but I’m optimistic for them.

Congrats to my Mountain View friends on another milestone towards what could be an amazing adventure — and welcome back, Veritas.

[Originally posted on ESG’s Technical]

You can prepare for tomorrow’s disaster today

This week, many of my colleagues are preparing for Winter Storm Juno. One of my compatriots actually warned his friends on Facebook that he was going to run around supermarket aisles telling folks “We’re all going to die!!

But seriously, it wasn’t that many years ago that IT folks would shrug their shoulders with the acknowledgement that “If you haven’t prepared for this months ago, there is no hope for you now.” And in every crowd, there would be some IT folks that quietly acknowledged that they never got around to preparing for a regional crisis or any other significant IT disruption. Those folks promised themselves that as soon as this weather pattern (or other pending calamity) was over, they would do better. And then the crisis passed and those IT folks spent the first few days afterwards catching up on what slowed down during the storm, and then naively continued on without ever really changing their DR preparedness.

We’ve all done it: we’ve all at some point cried out, “God, if I get through this, I am going to change” (either in IT or life) – and most of us have likely survived whatever the crisis was and then continued on without that change.

You Can Prepare For Tomorrow’s Disaster!

While it would be wholly irresponsible of me to suggest that you can do BC/DR planning in a day, you can do the most essential step – GET YOUR DATA OUT OF THE BUILDING.

If your servers are virtualized, they are (trans)portable.

If you have a credit card, you can get a secondary data center in the cloud.

The combination of those two wonderful realities is Disaster Recovery as a Service (DRaaS).

And while there is much more to BC/DR planning than “Create Account, Install Replication Software, Click [Start]” … those actions alone can provide you with a copy of your VMs in a survivable location.

But that isn’t real BC/DR!!

TRUE! If you actually need to use them, you’ll have to roll up your sleeves and do a little work to get them bootable within the cloud or replicate them back down someplace else – but at least it gives you an option. To do nothing except shrug your shoulders is to accept that your personal BC/DR plan is an updated job resume.

But the storm is already here – I won’t get everything copied over!!

Maybe not – but if you don’t do something, you won’t have copies of anything. Good luck in your next job and please pass on your regrets to your former colleagues that are also out of work.

Other than making copies, I don’t know anything about real BC/DR

Fair enough – but the good news is that DRaaS providers often provide that kind of consulting expertise, as well as their data center and technology. BC/DR is about planning, as much as technology, but the good news is that it isn’t as hard as you might think, with the right partner.

Not all of my servers are virtualized!

Why not?! Unless you have a mammoth multi-server database running on an archaic OS and a support agreement that is tied to the entire stack running on original hardware, then virtualize it! Some replication technologies will even protect physical production servers and convert them into virtual BC/DR servers. You probably shouldn’t do that without testing (not this week), but at least get your data out of the building … and once you’ve replicated and converted the physical servers to VMs, do some tests and you’ll likely discover that they run just fine that way. Virtualize everything.

Are you out of excuses yet?

Then get your data out of the building and keep your people safe — and when you’ve survived this potential calamity, look into real BC/DR by first looking at DRaaS.

Hyperconverged Infrastructure for BCDR using EVO RAIL

Shortly after VMware announced its EVO Rail initiative, whereby hardware partners could start delivering a very dense compute, storage, and networking solution within a wholly-contained appliance – I started exploring the data protection aspects of an EVO Rail solution.  The nice folks in ESG’s video studio have produced a whole series on this … in two-minute increments.

In the earlier video capsules, we looked at the protection of EVO Rail systems in production.  For part 6 in the series, let’s look at EVO RAIL as perhaps the ideal BC/DR infrastructure.

After all, it has everything you need for a second site … so why not drop one in an alternate location (or co-lo site) and start replicating to it?  And for DRaaS providers, perhaps a self-contained EVO might be an interesting option over a shared infrastructure for some clients?  Check out the video for more details:


Please feel free to check out the earlier installments in the series:

DP considerations for EVO Rail – part 1 – an overview of EVO RAIL and its data protection ramifications

DP considerations for EVO Rail – part 2 – VMware’s own data protection options

DP considerations for EVO Rail – part 3 – EMC’s EVO RAIL and its data protection possibilities

DP considerations for EVO Rail – part 4 – Dell’s EVO RAIL and its data protection possibilities

DP considerations for EVO Rail – part 5 – HP’s EVO RAIL and its data protection possibilities

In the next few weeks, I will be releasing the last of the seven segments  … on channel partner considerations for EVO RAIL systems.  As always, thanks for watching.

– jason

[Originally blogged on ESG’s Technical]

Better Catalogs Make for Better Data Restores (video)

It really is just that simple: backup products without robust catalogs are just that, backup products – not restore products.

There are lots of reasons that just maintaining a browse-able file list is not enough today, including not only a lack of search-ability but also because the catalog is the key to really leveraging primary storage snapshots and replication capabilities with traditional backup for a modern recovery capability.

As always, thanks for watching.

[Originally posted on ESG’s Technical]

How to Protect an EVO RAIL (video series)

VMware’s EVO RAIL is an architecture for a hyper-converged, software-defined data center in a single appliance form-factor … to be delivered by various hardware partners.  But how do you protect that all-in-one solution?

For the next several weeks, ESG will be releasing a seven-part series of ESG Capsules, 2 minute video segments, where I’ll talk more about some of the protection possibilities and caveats in an EVO world:

part 1 – Introductory ideas for protecting EVO RAIL

part 2 – Solution Spotlight : VMware

part 3 – Solution Spotlight : EMC

part 4 – Solution Spotlight : Dell

part 5 – Solution Spotlight : HP

part 6 – BC/DR possibilities

part 7 – Channel considerations

Here’s part 1 on ideas for protecting an EVO RAIL.  Check back here for updated hyperlinks … or follow @JBuff on twitter to see more of this series.

Thanks for watching

[Originally posted on ESG’s Technical]

Data Protection Appliances are better than PBBAs

Too many folks categorize every blinky-light box that can be part of a data protection solution as a "Purpose Built Backup Appliance" or PBBA.

But the market isn’t just a bunch of apples with an orange or two mixed in, data protection appliances (DPAs) can be apples, oranges, bananas and cherries — but if you lump them all together, all you have is a fruit salad.

So, let’s reset the term to understand the market:

  • "Backup" alone isn’t enough — so call the all-encompassing category what it should be delivering = "Data Protection"
  • And there isn’t just one kind of appliance, there are at least four:
    • (real) Backup Appliances
    • Storage / Deduplication Appliances
    • Cloud-Gateway Appliances
    • Failover Appliances

Check out this video to see how I look at Data Protection Appliances:

As always, thanks for watching

[Originally posted on ESG’s Technical]

Could VeeamON be the next MMS?

This week is the first VeeamON, Availability for the Modern Data Center, conference in Las Vegas. As I listened to the side conversations and such, I was reminded of the special-ness of Microsoft Management Summit (MMS). Not MMS 2010+, when Microsoft started shoe-horning everything in the Server & Tools line-up, before eventually killing it and Tech-Ed behind it … but MMS 1995-2005, which was as much about "community" as it was "technology".

Veeam has very smartly done something that other data protection vendors several times larger have failed to do — create a community of avid influencers and advocates that are made up of Microsoft MVPs, VMware vExperts and an army of well-intentioned backup folks that are passionate about telling people how Veeam saved their jobs by reliably and quickly recovering a a VM. Many larger companies have tried to programitize that community initiative, and most haven’t seen success on any scale. But Veeam has … so a conference is the next logical step.

The question will be whether Veeam can convert the cyber-community that advocates their products year-round and parties with Veeam at TechEd/VMworld. Can Veeam maintain or build on that community vibe in an in-person event? If they can, and then build anticipation for VeeamON 2015, then lightning will have struck and VeeamON could be for many what was revered about MMS.

There is a notable difference with VeeamON over MMS, though. Veeam is adamantly 100% channel to the degree that they don’t even maintain a direct sales team. So, VeeamON is as much for partners (vendor, channel and cloud), as it is the customers — which is different than the much more enterprise-vibe of MMS in its latter years. Another difference is the accessibility of Veeam exec’s walking throughout the venue and striking up personal conversations throughout the day — something that again shows the strength of the "community" of the Green Army. With Veeam aspiring to be the next $1B player in IT, there are more parallels that one could make with MS System Center, which also became a $1B during MMS’s hay-day. Veeam is doing it without a juggernaut behind them, though their partnerships with MS, VMware, NetApp, Cisco, HP, Exagrid and others doesn’t hurt.

The event itself is as much style (at the Vegas Cosmopolitan) as it is substance (deep technical breakouts) — so the rest is left to be seen. Congrats to Veeam on what is looking to be a great start to what could be a powerful event in IT availability, through data protection.

[Originally posted on ESG’s Technical]

Why Doesn’t IT back up BYOD!?

ESG recently started offering TechTruths … single nuggets of data and the analyst perspectives of why they matter. Check out all of them via the link above, but here is my favorite so far on BYOD data protection:


So, why doesn’t IT back up BYOD endpoints?! It isn’t a rhetorical question.

I have always been confounded why IT, the custodians of corporate data, doesn’t feel obliged to protect that corporate data when it resides on an endpoint device, and more particularly when the corporate data resides on a BYOD endpoint device.  I understand the excuses – its hard to do well, the solutions are expensive, its difficult to quantify the business impact and therefore the ROI of the solution. In fact, in ESG’s Data Protection as a Service (DPaaS) trends report, we saw several excuses (not reasons) to not back up endpoint devices.


The myth that endpoint protection is hard and without justifiable value is old-IT FUD, in much the same way that tape is unreliable and slow. Both were true twenty years ago, and neither are true today.

Today, with the advent of all devices being Internet-connected, it’s never been easier to protect endpoint data, whether employer- or employee-owned. The real trick and one of the most interesting areas of data protection evolution is in the IT enablement of endpoint protection. It used to be that most viable endpoint protection solutions were consumer-only, meaning that IT was not only excluded from the process, they were unable to help when it matters. Today, real business-class endpoint protection should and does enable IT to be part of the solution, instead of the problem:

  • Lightweight data protection agents that reach through the Internet to be protected, with user experiences that look like they came from an AppStore, instead of from the IT department.
  • Encrypted connections in-flight and at-rest ensure the data is likely more secured while protected than it might be on the device itself.
  • And most importantly, IT oversight – so that IT can do the same diligent protection of corporate data on endpoints that it does with corporate data on servers.

If you aren’t protecting your corporate data on endpoint devices, then you aren’t protecting your corporate data, period – and with today’s technologies, you are out of excuses (and reasons).

[Originally posted on ESG’s Technical]

HDS bought Sepaton – now what?

Have you ever known two people that seemed to tell the same stories and have the same ideas, but just weren’t that in to each other? And then one day, BAM, they are besties.

Sepaton was (and is) a deduplication appliance vendor that has always marketed to “the largest of enterprises.” From Sepaton’s perspective, the deduplication market might be segmented into three categories:

  • Small deduplication vendors and software-based deduplication … for midsized companies.
  • Full product-line deduplication vendors, offering a variety of in-line deduplication, single-controller scale-up (but not always with scale-out) appliances from companies that typically produce a wide variety of other IT appliances and solution components … for midsized to large organizations.
  • Sepaton, offering enterprise deduplication efficiency and performance to truly enterprise-scale organizations, particularly when those organizations have outgrown the commodity approach to dedupe.

Aside from the actual technology differences between the various deduplication systems, the Sepaton approach is somewhat reminiscent of the different marketing philosophies between American cars that appear to be commonplace and some well-engineered, European beast that is positioned for the select few – justifiably so, or not.

To be fair, Sepaton’s technology really is markedly different in a few aspects that do lend it to enterprise environments, but their challenge until now has been gaining penetration into those enterprise accounts – and defending against the other deduplication vendors in those enterprise accounts whose solution portfolio typically includes production storage systems (not just deduplication secondary systems) and other key aspects of the overall IT infrastructure, often with higher relationships and more flexibility in pricing due to the broader portfolio … and that is where this gets interesting.

HDS tells a similar story around understanding and meeting the needs of truly large enterprises, so Sepaton story is congruent with what the HDS teams know how to talk.

HDS’s core DNA is a conservative approach to knitting together solution elements, while trying to help the customer see the bigger picture in IT – which should allow the Sepaton product lines to seamlessly be evangelized within a broader HDS data protection and agility story. I for one am eager to hear more about what that new broader story sounds like, with the Sepaton pieces integrated in.

Similarly, HDS serendipitously did not have its own deduplication solution already (unlike almost every other big storage/IT vendor that HDS competes with), so there should be very little overlap – and in fact, the primary data protection products (e.g. Symantec NetBackup) that HDS often offers its customers already work well with the Sepaton platform (due to OST support).

But most importantly, HDS has the broader enterprise gravitas that Sepaton alone could not achieve. HDS ought to be able to have similar C-level meetings to those of Sepaton’s (and HDS’s) competitors, and that means that more enterprises will be exposed to Sepaton and HDS will have a broader story to tell (win-win).

Put it all together:

  • Sepaton gets better enterprise reach and more enterprise sales folks that align with the Sepaton story.
  • HDS broadens its storage portfolio beyond primary storage with a complimentary secondary/deduplication solution that is aligned with its core story and customer base for incremental sales and broader customer penetration, due to a more complete story.

Congratulations to HDS and Sepaton on what looks like a good fit for both of them – now, let’s start talking about that cohesive data protection story!

[Tardiness disclaimer: The HDS-Sepaton announcement occurred while I was on vacation in August, but it was interesting enough that “late” seemed better than “silent”]

[Originally posted on ESG’s Technical]

Backing up SaaS : an interview with Spanning

One of the more frequent topics that I get asked about is “How do you back up production workloads, after they go to the cloud?”

A few months ago, I blogged on that – essentially saying that history is repeating itself (again). As new platforms usurp the old way of doing things (NetWare to Windows to VMware to SaaS), it is not typically the existing data protection behemoths that are first to protect the new platform. Instead, it is often smaller, privately-held innovators who are willing to do the extra work and “protect the un-protectable.” And in most cases, those early innovators ended up leading the next generation while the APIs eventually made standardized backups possible by anyone.

  • ARCserve didn’t back up midrange systems, but led NetWare’s backup market
  • Backup Exec and CommVault weren’t overly known for backing up NetWare, but dominated the early years of protecting Windows NT, later Windows Server
  • Veeam didn’t back up anything before VMware, but it is the defacto VM-specific solution to beat today

So, as traditional workloads like file/collaboration and email move from on-premises servers to cloud services like Office365 and GoogleApps and SalesForce, there will likely emerge new dominant innovators that could put all of the legacy solutions on notice.  That dominance has historically been based on two things: 1) early brand awareness in the space and 2) their influence on the platform provider that the rest of the backup ecosystem will eventually depend on. 

So, I recently took the opportunity to visit with Jeff Erramouspe, CEO of Spanning Cloud to hear his thoughts on SaaS backup:

Thanks for watching.

[Originally posted on ESG’s Technical]