Building a Sovereign Cloud with VMware and Cloudian
Data sovereignty and sovereign clouds have taken on a new significance in the world today. As organizations around the world generate troves of data, they are keenly aware of the need to manage, store and secure this valuable asset as well as comply with the sovereignty laws of the land where this data resides
The need for compliance creates a complicated patchwork of requirements. Data hosted in a particular country should be under that country’s jurisdiction, not a foreign entity. It is also essential to consider the privacy laws in the country where the data was collected. Beyond that, there are the organization’s own requirements for data privacy, data residency, data protection and data security.
Given this complexity, it is no surprise that organizations are increasingly working with service providers and managed service providers (xSPs) to help them implement data security and data protection measures, and to help navigate regulations to ensure compliance with data privacy legislation. This presents an opportunity for cloud xSPs to meet this demand with end-to-end cloud services that are scalable, cost effective, and secure.
Solution
With VMware and Cloudian technology, xSPs can gain competitive advantage by helping customers take control of their data with comprehensive data sovereignty strategies and fully compliant sovereign clouds.
VMware provides the validated designs which act as blueprints for xSPs for building and operating cloud infrastructure that can meet sovereignty needs while allowing for a wide range of cloud services offerings. Cloudian object storage management is integrated into VMware Cloud Director, offering a durable, scalable, and feature-rich storage that lets xSPs deploy and manage S3-compatible storage within their services environment. Cloudian features the industry’s most compatible S3-API, with a fully native implementation that eliminates gateways and access layers, making it a perfect match for highly secure, sovereign cloud environments built with VMware.
Cloudian Object Storage for VMware Cloud Director provides a single point of management for applications and object storage. Administrators can provision, view, and manage secure elastic pools of storage from within the VMware Cloud Director user interface, assuring customers that sensitive data will be properly managed, secured, and controlled in line with GDPR requirements.
S3-Compatible Storage Platform
As the de facto language of the cloud, the S3 API enables a wide range of use cases across virtually all industry groups. Cloudian Object Storage for Cloud Director incorporates a fully compatible, native S3 API implementation, making it an ideal platform for services deployments and software development.
VMware and Cloudian Sovereign Cloud
Solution
- S3-compatible cloud storage compatible with VMware Sovereign framework
- Start small and grow cloud storage services to exabytes
- Military-grade security and compliance certifications
- Integrated data immutability with S3 Object Lock
- All-flash and HDD-based appliances, from 100TB to 1.5PB capacity
- 70% lower TCO than traditional SAN and NAS storage
How it Helps
- Solves the data sovereignty challenge with fully on-prem storage
- Eliminates WAN latency
- Delivers capacity-on-demand for your most data-intensive use cases
- Proven interoperable with S3-enabled applications
- Available through VMware Cloud Provider Program
The Gartner Peer Insights Customers Choice Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved.
Secure Sovereign Platform
Cloudian object storage provides comprehensive data security features starting with secure shell, integrated firewall and RBAC/IAM for access controls that allow xSPs to implement a truly secure sovereign cloud service. Cloudian’s S3 Object Lock feature employs write once, read many (WORM) technology, to provide immutable storage. Using the industry standard API, S3 Object Lock protects data for the retention period specified by the customer. It is also certified to meet the non-rewriteable, non-erasable storage requirements of SEC Rule 17a-4(f) and is certified to meet the principles-based requirements of CFTC Rule 1.31(c)-(d) and the requirements of FINRA Rule 4511. In addition, Cloudian supports AES-256 server-side encryption for data at rest and SSL for data in transit (HTTPS). Fine-grained storage policies, including encryption at object and bucket levels, permit security settings to be individually configured for different users or data types in a shared-storage environment.
Service Provider Ready
Cloudian object storage is built for xSP’s with a wide range of service provider friendly capabilities. These include
- Multi-tenant resource pooling for creating secure storage pools within a shared storage platform
- Integrated management to manage commonly used storage functions, such as reporting and configuration of users and groups, with access provided through the VMware Cloud Director user interface
- Quality of Service to manage service level agreements with bandwidth controls
- Billing for client billing information based on usage parameters
- Modular Scalability enabling providers to start small and grow without interruption to an exabyte within a single namespace
- Granular storage management to set storage policies, data protection and security settings at the bucket level to tailor capabilities for specific users
- Self-service management to allow customers to select and provision storage on-demand from a service catalog via a self-service portal
Cost Optimized
Cloudian object storage with VMware Cloud is a scalable solution that enables service delivery at a fraction of the cost of public cloud, enabling xSPs to generate more than 50%* in potential profit margins while meeting security and sovereignty requirements. By offering subscription-based services, such as storage-as-a-service (STaaS) and backup-as-a-service (BUaaS), service providers can benefit from this growing market with storage capability that grows with demand.
Conclusion
Cloudian object storage with VMware Cloud Director delivers an on-premises secure cloud. The solution stores customer data where it is collected and so keeps it fully protected and sovereign under national laws and jurisdictional controls. This joint solution is a great fit for sovereign clouds because it’s scalable, secure, and integrates with enhanced data protection solutions such as Veeam technology. By leveraging STaaS and BUaaS, any xSP can create viable, affordable sovereign cloud offerings for its customers.
ON-DEMAND WEBINAR
Confessions of a public cloud provider:
End-user data has left the country
Join VMWare, Veeam, and Cloudian for a fireside chat about Data Sovereignty to find out:
- What really happens to data when it’s processed by a hyperscaler in the public cloud?
- How are hyperscalers responding to the requirements of the market to protect their data?
- What is the role of MSPs when building Sovereign Cloud environments for their customers?
Data Sovereignty Requirements for xSPs outside United States
As organizations generate exponential volumes of unstructured data, it’s important for Managed Service Providers and/or Cloud Service Providers (xSPs) to be able to offer broad, end-to-end cloud services that are scalable, cost effective, and secure.
This in-depth white paper covers the 5 most important things xSPs outside the USA need to know about their data in the era of sovereign cloud:
- Privacy
- Residency
- Sovereignty
- Protection & Management
- Security
Data needs to be stored on-premises in the country it was collected to be protected by national laws. For this purpose, object storage is a more affordable, scalable solution than block or file. xSPs also need to embed data protection into the cloud stack with backup, encryption, and micro- segmentation capabilities to secure workloads.
Cloudian HyperStore Multi-Cloud Technical Guide
Download this in-depth, 40-page technical whitepaper to learn how Cloudian HyperStore® can help overcome the challenges of moving to public and multi-cloud environments.
