Public Cloud or On-Premises? Get the Best of Both Worlds and Lower TCO with HPE GreenLake with Cohesity

We are living and working in unprecedented times and ways that are pushing the boundaries of what’s possible. The operating environment for organizations and their IT teams has dramatically changed, with leaders looking to lower their expenses while running critical IT functions remotely from home. Simplicity and total cost of ownership (TCO) is top-of-mind as enterprise IT leaders are expected to do more with less, particularly when it comes to the management of their most important digital asset—data.

For some, cloud-based solutions can be the answer to streamlining enterprise data management, providing greater flexibility, speed, and agility. But, if not managed carefully, this may result in pricey cloud bills that give IT executives sticker shock. Beyond that, enterprises must also consider security and compliance of data not being housed in your own data center.

An alternative to cloud is keeping all your data and apps on-premises. While boosting privacy and control, data sovereignty, visibility, and security, this approach also has shortcomings. The skilled resources and time needed to efficiently manage and protect data center infrastructure can cause a strain on your IT teams, and force you and your staff to focus on day-to-day routine tasks involved in keeping the lights on.

Should your enterprise have to choose between flexibility and cost? Or agility and control? We don’t think so. That’s why Cohesity and Hewlett Packard Enterprise (HPE) are excited to announce that Cohesity is now available through the HPE GreenLake as-a-service consumption model. 

Modern, Pay-As-You-Go Model for Data Management

For the first time, your organization can take advantage of Cohesity’s industry-leading data management capabilities and HPE’s proven infrastructure, in the modern pay-as-you-go* consumption model that HPE GreenLake provides. You can now get the-best-of-both worlds with a flexible, cloud-like data management experience, while still maintaining privacy and control of your on-premises data — all with lower TCO.

HPE GreenLake with Cohesity is consumption-based* data management in your data center, at the edge, or in a co-location facility for worry-free backup, disaster recovery, file and object services, agile dev/test, analytics, and archiving across hybrid and multi-cloud environments. You enjoy all the benefits of our efficient, enterprise-class Cohesity DataPlatform offered in a flexible, pay-as-you-go experience that simplifies how you manage, protect, and derive insights from your non-latency sensitive data and solve mass data fragmentation.

Improve Business Agility While Lowering TCO

HPE GreenLake with Cohesity gives you the agility of a cloud-based solution by aligning your IT costs to business outcomes. Get billed monthly for your usage* and avoid any up-front costs, lowering your TCO. Quickly adapt to changing business needs by adding capacity on demand, paying only for what you need today,* and avoiding wasted spend due to overprovisioning.

HP Greenlake flexibility on demand

Simplify IT While Retaining Control 

This agility doesn’t mean that you need to sacrifice visibility and control. HPE GreenLake with Cohesity allows you to keep your data in your environment so you can reap cloud benefits without losing privacy and control. Fulfill performance guarantees and adhere to strict security, compliance, and SLA requirements with ease. Having HPE as a single trusted source for the entire Cohesity–HPE solution greatly simplifies procurement and support. And you don’t have to wait for months to add increased capacity, upgrades, or add-ons. The HPE team plans for buffer capacity which you can begin to use in days with a simple change order.

 

Cloud-like experience on-premises with HPE Greenlake

For a true hands-free experience, you can optionally consume Cohesity data management as-a-service by leveraging GreenLake Managed Services. Outsource the deployment and management of day-to-day routine activities involved in keeping the lights on and allow your IT team to focus on more strategic initiatives, making them true partners to the business.

Choose a Proven Partner to Back You Up

HPE GreenLake with Cohesity includes access to the skilled resources and expertise of the HPE PointNext Services team who act as the single point of contact for support and capacity planning of your non-latency sensitive data management infrastructure. We help to gather your unique requirements; helps you choose the right solution for your needs; configures, sizes, delivers, and installs the solution at the location of your choice—in your data center, at the edge, or in a co-location facility.

We also measure and monitor your use through the consumption analytics portal—a single interface that gives you complete visibility and control of your usage through personalized dashboards, customizable alerts, and self-service reporting. Get the insights your organization needs to optimize usage and costs based on rule-based thresholds, and plan capacity ahead of demand. When needed, HPE team works closely with Cohesity technical resources through a collaborative support model to ensure you have a superior customer support experience.

Do more with less by leveraging HPE GreenLake with Cohesity for your data management needs.

Enjoy a cloud-like experience, on-prem.

 


To evaluate how the HPE GreenLake with Cohesity solution will work for your enterprise data management needs, Contact Us.

New Options For Your Sophos XG Firewall

With Sophos XG Firewall v18, there are a variety of great upgrade options that you can take advantage of to significantly enhance your network protection, performance, and management capabilities.

Protection upgrades

Do you have Sophos Sandstorm Protection?  It’s a must-have.

Sandstorm Protection is available as an add-on subscription and is also part of our “Plus” bundles: EnterpriseGuard Plus and FullGuard Plus. If you don’t currently have Sandstorm as part of your license, reach out to us for a quote – it costs a lot less than you might think. In fact, we’ve made this ultra-important protection extremely affordable to ensure everyone can benefit from it.

You can quickly check if you already have the Sandstorm license for your XG Firewall: in the console, go to the Administration > Licensing tab to be sure. If you don’t have this protection, make sure you subscribe as soon as possible. It provides critically important threat protection against today’s ransomware and other advanced threats.

The Threat Meter provides at-a-glance threat analysis results.

 

If you already have Sophos Sandstorm Protection, you should upgrade to v18 as soon as possible to take advantage of the critical new protection technologies included in the enhanced Sandstorm subscription at no extra charge. The new AI-powered static threat intelligence analysis greatly expands on the zero-day threat protection that Sandstorm provides. It uses multiple machine-learning models to render a verdict in seconds and convict never-seen-before ransomware and other attacks BEFORE they get on the network. It also adds in-depth reporting on suspicious and malicious files entering the network that no one should be without.

For new customers purchasing and deploying an XG Firewall for the first time, ensure that you can take advantage of this great multi-layer protection from the start by purchasing one of the Sophos Plus bundles (EnterpriseProtect Plus or TotalProtect Plus).

XG series upgrades and TLS inspection

Last year, we introduced the new XG 86(w) and 106(w) models with added RAM to the XG series lineup to be ready for XG Firewall v18 and all the new capabilities it provides. If you have any locations running older XG 85/105 models, now is the perfect time to refresh to a newer model and take advantage of all the great new capabilities in v18.

With the new streamlined encrypted traffic inspection with TLS 1.3 support in the new Xstream architecture, now may also be a great time to refresh aging hardware to take full advantage of the new visibility and protection you can get with XG Firewall v18 by enabling TLS inspection on important traffic flows. TLS inspection is critically important to take full advantage of the Sandstorm Threat Intelligence features mentioned above, since many files are now downloaded over encrypted connections.

Sophos Central

Sophos Central management and reporting for XG Firewall is free for all XG Firewall customers and partners. In addition to the free reporting capability, we recently announced the option for customers to extend their firewall reporting storage to dramatically increase their historical reporting options by housing up to a year’s worth of firewall log data in the cloud for instant access via the flexible new reporting tools in Sophos Central.

Make sure you have all the storage you need by checking out our convenient storage calculator. It’s extremely affordable, and having all your network traffic data in Sophos Central is super convenient with all the flexible reporting options it provides.

Working remotely

For customers and organizations working remotely, we have a couple of important reminders.  First, we are now approaching one million installations of our free Sophos Connect VPN client and recently announced the EAP for v2 with SSL VPN support on Windows platforms. Sophos is unique among firewall vendors, as we offer unlimited free remote access VPN connections that other vendors would most certainly charge you extra for.

Next, we’ve also recently announced XG Firewall support for Amazon Web Services (AWS) for organizations that may be migrating to or utilizing additional infrastructure in the cloud.  Ensure any cloud infrastructure is properly secured with XG Firewall, which now supports both AWS and Azure.

Working from home or remotely has never been easier with XG Firewall.

 


For more information or to request a demo, contact us.

Cohesity Accredited Installation Professional in Malaysia

We are excited to announce that two engineers in CLL Systems Sdn Bhd have achieved certification to be recognized as a COHESITY ACCREDITED INSTALLATION PROFESSIONAL in Malaysia.

We are extremely proud to obtain such achievement and we will stay focused on our vision, mission and goals for future improvements to meet the expectations of our employees, customers, partners and of the whole society.

 

 


Ready to Learn More? Contact us to discuss Cohesity solutions for your organization.

VEEAM ACCREDITED SERVICE PARTNER (VASP) in MALAYSIA

It’s official! We are so proud and excited to announce that CLL Systems Sdn Bhd is now a member of Veeam Software Accredited Service Provider program (VASP) in Malaysia. This partnership recognizes our high level of certifications and our ability to design projects, implement and support Veeam product portfolio. Thank you to our team of specialists for making it possible!

This certificate confirms that CLL Systems Sdn Bhd meets all requirements for, and is a member of, the Veeam Accredited Service Partner (VASP) in Malaysia. 

Veeam is the global leader in Intelligent Data Management for the Hyper-Available Enterprise Veeam HyperAvailability Platform is the most complete solution to help customers on the journey to automating data
management and ensuring the Hyper-Availability of data.
The VASP program identifies an elite list of delivery partners who possess the technical skills to deliver value-added
and reliable professional services for Veeam product portfolio implementations. This accreditation is issued only to
those with the highest Veeam solution expertise level and at Veeam’s discretion.

The VASP program is designed to:

  • Help accelerate the time to value (TTV) and return on investment (ROI) of Veeam solutions through a global network of highly-skilled and certified technical services delivery partners
  • Ensure that high-quality professional services are delivered to Veeam customers, validated against the latest technical best practices

The VASP program member does not officially represent Veeam or Veeam Professional Services, but their technicalskills are recognized and monitored to help ensure the highest quality of the professional services they deliver around Veeam solutions

Please feel free to contact us for more information.

 

Protecting Backups From Ransomware Is As Easy As 3-2-1

 

Ransomware attackers will attempt to locate your backups, steal the data from them, and then delete them. If you can prevent this, you can recover from an attack without giving in to blackmail.

Ransomware has been a red-hot problem for some time now. As they usually do with important events, ransomware attackers have been setting traps using the COVID-19 pandemic as a lure. That makes this a time for special alertness and a review of whether existing procedures are adequate enough to prevent or mitigate an attack.

Backing up your data is a key part of the defense against ransomware and other malware. If the backups are wiped out by ransomware, this defense is rendered useless. Ransomware attackers often try to find and delete or encrypt backups, many of which are accessible through compromised accounts. The loss of backups, even just recent backups, makes an attack a much more costly event and limits your ability to resist the attacker. What are practical ways to ensure this does not happen?

As with most security precautions, there is no 100% guaranteed way to protect your backups. But by following best practices, you can significantly increase your chances of being able to use backups for recovery from the attack with minimal losses of time and business. Having backups available won’t remove the need for an organized response to the attack run by incident response professionals, but it will make the recovery process quicker and easier.

The best backup practices can involve nontrivial cost and diligence by IT personnel. The methods used, mostly involving the 3-2-1 rule, are the right way to protect your organization—not just from ransomware but from myriad other problems that over the years have crippled companies and ruined careers. But, even if you’re not going to go to the lengths you should in backup, there are actions you can take to lessen the vulnerability of your backups in the event of an attack.

Follow the 3-2-1 rule of backup

The 3-2-1 rule of backups:

  • Three copies of the data are backed up
  • Two different storage media are used for the backup
  • One copy of the data is kept off site

The goal of the 3-2-1 rule is to increase the chances that a backup will be available. Keeping a copy remote protects you even in case of a fire or natural disaster. Backup strategists keep adding numbers to make corollaries of the rule. 

Enterprise backup software is generally designed to facilitate this approach as a best practice. Typically, one copy will be kept on an on-site storage device like a deduplicating backup appliance or high-density disk storage system. At least one of the others is written to an off-site deduplicating backup appliance or tape. But a cloud storage service is a candidate for one of the copies as well.

A good data protection setup will set the backup frequency, retention, and number of copies in relation to the value of the data, as not all organizational data has the same value. You really need to think the strategy through with respect to your own organization’s needs and capabilities, not to mention regulatory requirements. For some data, a 3-2-1+1 rule may be appropriate (regular 3-2-1, plus one copy offline). For others, a 2+1 (2 copies, one offline) rule may suffice.

Other rules follow from the 3-2-1 rule and from common sense: An on-site copy should be available for quick, operational recoveries. It should be in separate hardware so that it can’t be taken down by a problem in the devices it is backing up. The second copy doesn’t need to be as instantly accessible, but it should be available if needed.

Historically, the off-site copy has been a tape made on site and shipped to another location, probably a tape vaulting service like Iron Mountain. (Of course, you can archive non-tape media, or even paper, with such services.) A large enough company might use remote company facilities for this purpose.

The many problems with physical tapes stored off site—they get lost, they degrade from improper storage, and they are (deliberately) inconvenient—has led many companies to switch to disk storage or a cloud storage service as the off-site option.

One of the critical characteristics of the one off-site backup in the 3-2-1 rule above is that it is also, or at least should be, offline. This makes it inaccessible to the attacker. But the benefits of being offline mean that cloud storage isn’t necessarily appropriate for the off-site copy. If the attacker, through stolen credentials, can gain privileges sufficient to delete cloud storage, the whole point of off-site storage is lost.

One possible barrier you could place in the way of attackers attempting to reach your cloud-based backup is to use unique credentials, not from your company network, along with a separate second authentication factor to access and manage the backups. Even if the attacker completely compromises your network, the cloud backups may still be protected. Backup software vendor Veeam specifically recommends using different credentials for backup repositories in a paper about protecting backups from ransomware.

In fact, you need to be specifically careful with cloud backups, because ransomware attackers will use them to steal your data before they lock your data and blackmail you. This story tells of a victim whose online backups were compromised because their Active Directory was compromised and the service was set up to use Windows authentication. Because you are sure to back up your most sensitive data, the attacker is sure to have it. Preserving the backups is not your only big problem. The ways to prevent this situation are discussed below.

The same Veeam paper makes another recommendation that would tend to smooth the process of recovery from ransomware: Make backups more frequent and back up more types of things, like virtual machines.

But, for the most part, backups are just for data. If you only ever write data to them, you should be safe restoring them. If you are also backing up executable code, which theoretically could even be a Microsoft Office macro, then the backups themselves are compromised if the attacker infects your network and waits long enough before springing the trap. The answer to this problem is that you need to work with professional security people during the incident recovery, where your backups will be malware-scanned and otherwise scrutinized before being restored. They need to determine when the attacker gained control and to treat network data accordingly as of that point.

It is important to note that there’s a difference between what is possible for the attacker, with enough time and privilege, and what is typically done. Consider this detailed description of Ryuk, one of the most prevalent and successful ransomware strains. It attempts to stop backup processes and then delete backups available in the Windows file space. Here’s an example command:

del /s /f /q h:\*.VHD h:\*.bac h:\*.bak h:\*.wbcat h:\*.bkf h:\Backup*.* h:\backup*.* h:\*.set h:\*.win h:\*.dsk

Ryuk also attempts to shut down Windows volume shadow copying and delete all the copies. It does not seek out high-end backup servers and tape drives in an attempt to delete them. But a sophisticated attacker could.

Prevent the attack

There are a small number of ways ransomware attackers get a foothold in your network: phishing for credentials, running malware to gain access, and connecting through unsecured RDP ports, which may be the most popular one.

These methods point to a series of well-understood best practices, including but not limited to:

  • Apply security updates to software promptly.
  • Use role-based authentication and apply least-privilege rules to these roles.
  • Enforce strong authentication rules, including two-factor authentication.
  • Run updated malware scanning software, intrusion detection, firewalls, and other standard security products.
  • Use an SIEM (security information and event management) solution to keep up with developments on your network.
  • Lock down services (such as RDP) where they are not necessary, and enforce authentication for them where they are necessary.

You can find a lot of good advice along these lines in this HPE white paper: Protect your Windows SMB file infrastructure from ransomware

Use defense-in-depth

The defense-in-depth principle is that no one failure of a security measure should result in a security breach. The advice above is full of defense-in-depth: The 3-2-1 backup rule is designed to protect data even if there is a hardware failure, even if there is a local security breach, even if there is a fire or natural disaster. Strong authentication and malware scanning and locking down services all are, in part, different ways of protecting against the same sorts of attacks.

For a security professional, defense-in-depth is a philosophy that should pervade the IT infrastructure. Some security measures inevitably will be loosened in the name of usability, but you should always take advantage of opportunities to secure your network and users. Consider examining your network and applications in light of the OWASP Top 10, a list of the most common and serious vulnerabilities.

Use smart software

The most sophisticated backup products are more than just storage devices. They are intelligent systems that provide new ways to notice that something is wrong. For instance, they often will compress or deduplicate data being backed up. If the data is encrypted, it cannot be compressed or deduplicated, and this will be apparent in the backup results. Smart server monitoring software may notice the same thing.

There are other advanced capabilities of high-end backup devices that serve to impede the work of ransomware attackers. Some can mark backup data as immutable, meaning it cannot be deleted or modified, at least not until conditions set by policy are met, such as a certain date having passed. Some separate the actual storage interface in a controller with a private interface.

As a general rule, ransomware attacks are mass attacks, targeting common and relatively soft implementations. Sophisticated targets with astute administrators are a less attractive target for them.

Think comprehensively

Protecting backups is just one of the ways you have to plan to prevent a ransomware disaster. Obviously, knowing that you have a good plan to protect backups is no reason to take the other protective measures lightly. Better the attacker doesn’t get past your perimeter, doesn’t steal credentials, and doesn’t execute malware on your systems.

If you fail to stop the attacker from gaining entry, fail to prevent them from encrypting your data, and fail to prevent them from killing your backups, you’ve failed. With the right knowledge and resources, you can succeed.

Protecting backups from ransomware: Lessons for leaders

  • Commit to an aggressive backup plan, following the 3-2-1 rule.
  • Use separate credentials for cloud-based backups.
  • Use smart, modern products for a thorough and secure backup plan.
  • Consider backing up using a protocol which is hard for malware to access.

 

5 Common Mistakes That Lead To Ransomware

If you’re a system administrator, the network you look after is almost certainly way more spread out since coronavirus stay-at-home regulations kicked in.

But even if your colleagues are using their own computers now, and connecting in via their own internet connections, it’s still “your” network, and it still represents a valuable target – as a network, not just as numerous individual computers – to cybercriminals.

And one of the most dramatic all-at-once attacks that your network can suffer is, of course, ransomware.

Ransomware attacks often rely on victims making a few basic mistakes that are often quite uncomfortable to confront – it’s natural to assume you haven’t made any (or, at least, not many), and it can feel both tired and tiring to keep going through the basics.

So we decided that we’d find a fun way to help you to keep track of the common blunders that often lead to ransomware – something with rhyme and rhythym as well as reason.

Imagine that your computer were a house, and ransomware a gang of burglars, and chant along with us…

 

     Don't lock the door and then forget
        And leave the windows wide.         <--PROTECT YOUR SYSTEM PORTALS
     
     Don't think that keys beneath the mat
        Will keep the crooks outside.       <--PICK PROPER PASSWORDS
     
     Don't set a guard to watch all night    
        And write things in a book,
     
     Yet when you get their careful notes,
        just never take a look.             <--PERUSE YOUR SYSTEM LOGS
     
     Don't buy alarms but turn them off 
        Because they make a row.            <--PAY ATTENTION TO WARNINGS
     
     And when you need to do repairs,       
        Don't shrug, and say, "Not now."    <--PATCH EARLY, PATCH OFTEN

 

We’ve summarized the actions you can take into 5 simple phrases, each starting with P so they’re easy to remember.

1. Protect your system portals

Crooks often sneak in by looking for remote access portals such as RDP (remote desktop protocol) and SSH (secure shell) that aren’t properly secured, perhaps because they were set up temporarily but then forgotten about.

Learn how to scan your own network from the outside and make sure that any services that are open and listening for connections are supposed to be there, and that they are on your regular security checklist.

If you don’t check your network for access holes you’ve left open by mistake, then the crooks will do it for you!

2. Pick proper passwords

When you’re in a hurry, especially if you have to rely almost exclusively on remote access these days due to coronavirus lockdown, it’s easy to take shortcuts to “get it working” and to promise yourself you’ll check all the locks and latches later.

Yet every time there’s a huge password dump due to a data breach, you will invariably find the password changeme somewhere near the top of the list.

Clearly, lots of people start out with basic passwords with every good intention to pick a proper one soon, but then never get around to it.

Start as you plan to go on, with proper passwords from the outset, plus two-factor authentication to augment your security whenever it’s available.

3. Peruse your system logs

Many, if not most, ransomware attacks don’t happen instantly or without warning – the crooks usually take some time, often days and sometimes longer, to get a picture of your entire network first.

That’s how they make sure, when they finally pull the trigger that initiates the attacks, that they will get the destructive result they want for the ransom they plan to demand.

So there will often be numerous telltale signs in your logs, such as the appearance of “grey hat” hacking tools that you wouldn’t expect your own users to need or use; sysadmin operations such as creating new accounts that happened at unusual times; and network connections from outside that don’t follow your usual pattern.

4. Pay attention to warnings

If you’ve set up your alerting system to shout at you all the time, you will almost certainly end up with alert fatigue, where you just click through because you’ve run out of time.

But be careful not to assume that otherwise interesting warnings can be ignored if they mention a potential threat was already blocked.

Often, threats that pop up on your network aren’t just chance events, they’re evidence that crooks are already poking around cautiously to see which actions set off what alarms, in the hope of pulling off a much bigger attack later on.

5. Patch early, patch often

Don’t leave yourself exposed to potential holes for longer than necessary.

While the crooks are scanning your network for ways to get in (see 1), they can also scan for externally accessible services that aren’t patched at the same time.

This helps the crooks automatically build lists of potential victims to come back to later – so your best result is simply not to be on their list!

 

For more information, please refer to Naked Security by Sophos

Cohesity Expands Certified Data Protection for SAP HANA

For many large enterprises, SAP HANA is quickly becoming the de facto in-memory database management system, and for good reason. SAP HANA allows companies to rapidly process large volumes of real-time data. The in-memory computing engine allows HANA to process data stored in RAM as opposed to reading it from a disk. This distinction is profound, giving enterprises enough of a reason to rely on HANA for real-time analytics and transactions.

Given the growing emphasis on concurrency and managing data at scale, more organizations are relying on HANA for additional use cases such as monitoring networks, optimizing their supply chains, and detecting fraud.

The Need for HANA Data Protection

It’s clear that both the number of deployments and the scope of HANA will continue to grow. What’s less obvious is the imperative need for a comprehensive data protection solution. While SAP offers backup tools that save data from memory to disk at regular savepoints, a modern data protection solution is necessary to complement these native tools to address the following data protection requirements:

  • Protecting against disk corruption, logical damage, or human error
  • Storing backups efficiently
  • Recovering to an earlier point in time in the event of a disaster—and to the right location

Protecting Data Where It Counts

To allow you to bring back your database to a consistent state after a power failure, for example, SAP HANA relies on two elements: savepoints and transactional logs. HANA keeps both savepoints, or the content of database memory, as well as logs that track transactional changes in a persistent layer.

Savepoints and transactional logs are key components of HANA, but believing these components alone are enough for data protection is a fallacy. In the event of logical errors or data loss stemming from hardware failure, data loss can become a reality if the persistent layer is not backed up.

Cohesity provides the ability to back up this persistent layer, protecting the integrity of HANA’s safeguarding measures, and ultimately, your data.

Storing Backups Efficiently and Securely

For many organizations, particularly large enterprises, the key challenge is the fact that there are numerous considerations. It’s not enough to simply protect data. The questions often by organizations allude to the juggling act performed by IT teams: How can we keep guardrails on cost? How do we eliminate silos and make our infrastructure simpler to manage? 

Since SAP HANA is a system that encompasses both SAP applications—like SAP S/4HANA—and other non-SAP applications, by backing up HANA with Cohesity, you can eliminate data silos related to both SAP and non-SAP applications. This is relevant regardless of the location of HANA—in a public cloud provider or on-premises. This results in infrastructure that is simpler to manage, reducing the costs, and time that goes into management overhead. Going beyond consolidation, you can reduce the data footprint of HANA by leveraging Cohesity’s global variable-length deduplication. Large organizations consistently report data reductions rates above 26x and TCO savings of $500k, with much of the savings predicated on a differentiated approach to deduplication.

Recover Granularly, Anywhere

Flexibility is important when determining how data should be protected and recovered. Particularly for analytics, it’s necessary to have the ability to restore to a specific point in time and have granular options. To allow enterprises to meet these requirements, Cohesity supports granular and point-in-time restores. In addition, you can recover to any location, regardless of the environment. With multistreaming support, restores, as well as backups, are faster on Cohesity than other solutions.

Native Integrations—SAP Certified Across the Board

Cohesity’s data protection solution for SAP HANA is founded on a native integration. The implication is the ability to allow SAP Basis administrators to continue using their existing tools and workflows such as SAP HANA Cockpit, Studio, and HDBSQL. Backup administrators can also choose to use Cohesity to easily protect SAP HANA data. This is why having a native solution matters. It helps provide flexibility and simpler operations for users.

And Cohesity is more than a native solution. It’s certified. Cohesity is SAP Certified for:

  • Intel + SAP HANA 1.0 / 2.0 
  • IBM Power Systems + SAP HANA 2.0

SAP HANA 2.0 on IBM Power is a configuration that many enterprises rely on. Now, Cohesity is one of the few solutions that is certified for this combination. Leveraging the Backint API, Cohesity delivers a certified solution that has numerous benefits, including direct access to the HANA database through a fast pipe. This means faster backups and restores. 

Cohesity offers a comprehensive backup and recovery solution for SAP HANA by protecting nuanced layers within HANA, reducing TCO through a unique approach to data deduplication, and provides flexibility in recovery. These benefits can be attributed to a unique approach to data management and building a native solution for HANA that’s certified by SAP.

 

CLL Systems 2020 Payment Relief Program

 
Payment Relief Program: Defer over 90% of the cost until 2021

Acquire the IT your business needs today with reduced payment for the remainder of 2020. Lower payment terms for the first eight (8) months will help you navigate temporary cash flow challenges caused by unexpected business disruption.
• Lower payment to get you into next year.
• Pay 1% of the solution value monthly for the first 8 months of your contract.
• Beginning in 2021, each monthly payments would equal approx. 3.3% of total
contract value.
• Full portfolio of HPE Servers & Systems, Networking and Data Storage hardware (apply to non-HPE brand)
• Up to 20% select non-hardware items (e.g. software, software appliances, services,
and installation) may be bundled.
• Qualifying transactions start at a minimum of $5,000 USD.
• Subject to credit approval. Other restrictions may apply

 
ADAPTABLE USE MODELS –Extended Deployment

Acquire the IT your business needs today with reduced payment for the remainder of 2020. Lower payment terms for the first eight (8) months will help you navigate temporary cash flow challenges caused by unexpected business disruption.
• Lower payment to get you into next year.
• Pay 1% of the solution value monthly for the first 8 months of your contract.
• Beginning in 2021, each monthly payments would equal approx. 3.3% of total contract value.
• Full portfolio of HPE Servers & Systems, Networking and Data Storage hardware.
• Up to 20% select non-hardware items (e.g. software, software appliances, services, and installation) may be bundled.
• Qualifying transactions start at a minimum of $5,000 USD.
• Subject to credit approval. Other restrictions may apply

 

We can help you build an IT investment solution that supports transformation and the ability to deliver on your business goals.

For more information, please contact us

Industry-Leading AirEngine Wi-Fi 6: A New Engine for Enterprise Digital Transformation

Huawei recently released ten new AirEngine Wi-Fi 6 products designed to help enterprises step into the fully-wireless campus era. These new products enable enterprises to build fully connected, fully wireless campus networks with unprecedentedly high levels of experience for offices, production lines, and services, effectively accelerating digital transformation.

Wi-Fi 6: A game changer for enterprise campus networks

Throughout its history of over 20 years, Wi-Fi’s development has been driven by the pursuit for ever-higher bandwidth. There have been major upgrades to Wi-Fi about every four to five years, with bandwidth increasing each time. The latest standard — Wi-Fi 6 — is a game changer for enterprises. By introducing new technologies — such as uplink/downlink (UL/DL) 8 x 8 Multi-User Multiple-Input Multiple-Output (MU-MIMO), Orthogonal Frequency Division Multiple Access (OFDMA), and 1024-state Quadrature Amplitude Modulation (1024-QAM) — Wi-Fi 6 delivers a four-fold increase in throughput and user access capacity, while reducing latency by half compared with Wi-Fi 5. With these vastly improved capabilities, Wi-Fi 6 opens up opportunities for enterprises to replace wired networks with wireless ones. Going wireless frees employees from the constraints of cables, allowing them to work and communicate anytime, anywhere. All-wireless also accelerates the sharing of innovative ideas, improves production and operational efficiency, and strengthens overall competitiveness.

However, pursuing a fully wireless campus in the Wi-Fi 6 era requires more than just high bandwidth and large capacity. There is also a need for stable, continuous signal coverage, low-latency service assurance, and lossless roaming to deliver fiber-like speeds and performance that is on a par with wired networks.

Huawei AirEngine Wi-Fi 6 is a viable solution that meets all the Wi-Fi network expectations of enterprises. So, what differentiates Huawei AirEngine Wi-Fi 6 from other Wi-Fi 6 products?

16 spatial streams, 10.75 Gbit/s speeds, twice the industry average throughput

Throughput is the biggest difference between Wi-Fi 6 and previous Wi-Fi generations, but not all Wi-Fi 6 products can deliver ultra-high throughput. The number of spatial streams and the effective operating frequency bandwidth are the key factors that determine throughput. Huawei AirEngine Wi-Fi 6 has the industry’s largest number of spatial streams —16 — and supports the industry’s widest 160 MHz channels on 5 GHz, delivering air-interface throughput of up to 10.75 Gbit/s, twice that of the industry standard Wi-Fi 6. For standard 2*2 Wi-Fi 6 terminals that support 160 MHz, it’s easy to reach 1.4 Gbit/s+ performance.

Built-in Smart Antennas at dual bands ensure stable network coverage without blind spots

The Wi-Fi 6 standard delivers a higher link setup speed than previous Wi-Fi generations. While all Wi-Fi products cannot work without radios and antennas, these technologies are irrelevant to the Wi-Fi standard. However, the design and implementation of radios and antennas are both key indicators of a vendor’s technical expertise and product performance.

With 30 years of technical experience in the wireless field, Huawei’s innovations lead the industry. AirEngine Wi-Fi 6 APs feature 16 smart antennas — the highest figure in the industry — and a unique dual-band dual-polarized co-planar antenna design, with Artificial Magnetic Conductor (AMC) antenna materials. Additionally, Smart Antennas are supported on both 2.4 GHz and 5 GHz without any increase in the physical size of the AP necessary. Performance is further enhanced by Huawei’s unique four-element electronic switchgear and dynamic coverage direction adjustment algorithms, as well as beamforming technology. With all these features, AirEngine Wi-Fi 6 APs enable signals to move with users, double signal strength at the same location, and increase coverage distance by 20%.

Unique SmartRadio lossless roaming technology ensures stable roaming with zero packet loss

Roaming on a Wi-Fi network is different from roaming on a cellular mobile network, because roaming is initiated by a terminal (sometimes referred to as a Station or STA). Specifically, the terminal usually triggers roaming by detecting an idle channel and the signal quality based on a carrier sense technology called Clear Channel Assessment (CCA). As a result, Wi-Fi terminals always scan for an idle channel before roaming, which takes up more than 80% of the handover time. A long roaming handover time causes an increase in the packet loss rate, which, in turn, adversely impacts services sensitive to in-roaming packet loss, such as voice and production network instruction delivery.

Huawei AirEngine Wi-Fi 6 can be tailored to customers’ service requirements and uses roaming processing algorithms and the practices of cellular mobile networks. Specifically, AirEngine Wi-Fi 6 APs identify and notify terminals of available idle channels before roaming. In this way, terminals do not need to scan all channels during roaming, greatly reducing the roaming handover time. When Huawei devices (running EMUI 10.0 or later) are used, the roaming handover time is reduced to as low as 10 ms, ensuring no interruptions for mobile voice calls. In addition, Huawei has set up a “connectivity” alliance with partners, where multiple types of mobile terminals deliver optimal mobile experiences with low roaming handover latency and uninterrupted services.

When it comes to Automated Guided Vehicle (AGV) terminals used in industrial production, Huawei AirEngine Wi-Fi 6 uses a device-pipe synergy mechanism to proactively steer AGV roaming and back-up service data during roaming handovers. The data is then sent back to the AGVs after successful roaming handovers, eliminating packet loss. Such a design ensures the stable running of AGVs without interruption, improving efficiency by more than 40%.

Unique SmartRadio Dynamic Turbo technology delivers 10 ms ultra-low latency for application experience assurance, improving stability for applications

Wi-Fi 6 uses OFDMA technology to concurrently transmit the different services of different users over more subcarriers. This approach greatly reduces transmission latency, for a vastly superior experience. However, there are no technical specifications for the classification of different services, and subcarrier allocation is random. Consequently, some key users and latency-sensitive services still encounter delayed data transmission issues, caused by untimely scheduling or insufficient subcarrier allocation, affecting the service experience. For example, high latency may cause users to feel dizzy after prolonged use of real-time interactive services such as wireless Virtual Reality (VR) and Augmented Reality (AR).

To resolve this issue, Huawei AirEngine Wi-Fi 6 looks beyond OFDMA technology. For example, a hardware-based multi-queue mechanism efficiently groups users, while air-interface slicing technology slices wireless air interface resources based on service requirements. With these innovations, Hierarchical QoS (HQoS) assurance for data forwarding and scheduling as well as air-interface resource scheduling is achieved, slashing the latency for key services to as low as 10 ms — 50% lower than that of the Wi-Fi 6 standard.

Wi-Fi 6 has arrived, and Huawei AirEngine Wi-Fi 6 is an ideal choice to help build a next-generation Wi-Fi network.

AirEngine Wi-Fi 6 transforms enterprise offices, improves collaboration and communication efficiency, and accelerates enterprise innovations

AirEngine Wi-Fi 6 uses industry-leading Smart Antenna technology to enable wireless signals to move with users. At the edge of a Wi-Fi network, AirEngine Wi-Fi 6 automatically enhances signals and suppresses interference based on user locations, improving user experience.

In dense environments, AirEngine Wi-Fi 6 flexibly adjusts the coverage direction, based on the number of access terminals, to ensure consistent signal quality for users. Unique to Huawei, AirEngine Wi-Fi 6 is the first solution in the industry to provide Continuous Self-Organizing Network (CSON) capabilities, which ensures 100 Mbit/s network performance everywhere, even in high-value cases (such as roaming and at the network edge). As such, applications on wireless networks are as stable as those on wired networks, and benefit from speeds comparable to optical fiber networks. In this way, enterprises can move a step closer to realizing all-wireless campus networks.

AirEngine Wi-Fi 6 has the power to transform how enterprises work. Traditional office cubicles that rely on phones and emails for communication can be transformed, with new ways to communicate and collaborate coming to the fore, including real-time mobile HD videos and wireless multi-screen interactions in meetings, improving work efficiency and driving innovation.

AirEngine Wi-Fi 6 transforms the teaching experience and improves students’ interest and learning outcomes.

According to joint research from Stanford University and a Danish university, students’ learning outcomes are improved by 76% when wireless VR and AR are introduced to the curriculum. And through the ability to create virtual anatomy labs, wireless VR and AR is revolutionizing the medical teaching field. For instance, training for medical professionals is often hindered by the limited number of donated bodies, which cannot be reused. Additionally, the traditional methods of teaching anatomy — based on 2D content, where students have to rely on their imagination for graphs and organ structures — have become dated. None of these problems exist in virtual anatomy labs.

AirEngine Wi-Fi 6 delivers a wireless throughput of over 10 Gbit/s, fully meeting the requirements for various bandwidth-hungry services. By introducing one-of-a-kind Software-Defined Radio (SDR) technology, AirEngine Wi-Fi 6 allows 50% more concurrent users without compromising bandwidth per terminal. On top of that, unique SmartRadio Dynamic Turbo technology reduces the latency for the wireless AR and VR services of multiple users to as low as 10 ms — just half the industry average — so users do not feel dizzy, even after prolonged use. By deploying VR and AR in classrooms, students can have a more immersive learning experience, enriching teacher-student interactions, and inspiring greater engagement in learning.

AirEngine Wi-Fi 6 transforms production and manufacturing for higher operational efficiency

Continuous and stable running of the production line is paramount in production and manufacturing scenarios. AirEngine Wi-Fi 6 uses industry-unique SmartRadio lossless roaming technology to ensure production services are uninterrupted. For example, AGVs operate consistently, 24/7, even in large-scale high-speed scenarios such as material feeding in logistics and production lines.

With a throughput of over 10 Gbit/s, AirEngine Wi-Fi 6 enables employees to cost-effectively participate in simulation training sessions, online and in real-time, through VR. Elsewhere, technicians can make repairs at any time through AR, calling on remote experts to provide guidance in real-time when needed, making repairs faster, more accurate, and more efficient. With the help of AirEngine Wi-Fi 6, production components can be detected by using ultra-HD cameras in real-time, improving efficiency and accuracy rates by dozens of times.

With all these capabilities, industrial production is becoming less labor-intensive as automation increases. Meanwhile, the production process is transforming from one characterized by rigidity, to one with flexibility and resilience. These changes greatly reduce production costs, while doubling efficiency and enhancing competitiveness.

Act today for a more productive tomorrow

Wi-Fi 6 is bringing substantial changes to the ongoing digital transformation of enterprises. Unlike previous Wi-Fi generations, Wi-Fi 6 delivers unprecedented levels of throughput and capacity, delivering an optimal user experience and superb service stability.

Huawei is a widely recognized leader in, and contributor to, the standardization of Wi-Fi 6. Because of its dedication to Wi-Fi 6 throughout 2019, Huawei has maintained a leading position in the global Wi-Fi 6 market.

By integrating Huawei’s unique 5G technologies into Wi-Fi 6 products, AirEngine Wi-Fi 6 APs are truly first-of-their-kind, supporting 16 spatial streams and delivering 10.75 Gbit/s throughput. Additionally, industry-leading Smart Antennas, algorithms, application acceleration, lossless roaming, and continuous networking technologies make Wi-Fi network coverage, experience, and roaming more stable than ever before, achieving a 100 Mbit/s experience for every user, regardless of their location, and paving the way for enterprises to build fully wireless campus networks.

High-quality fully wireless campus networks built using Wi-Fi 6 can truly help enterprises accelerate digital transformation in their offices, production lines, and services, bringing improved efficiency and experience. In the future, Huawei will continue to carry out joint innovations with customers and capitalize on Wi-Fi 6 upgrade opportunities, to build fully connected, intent-driven campus networks with AirEngine Wi-Fi 6. With this network, enterprises can reduce operating costs, improve competitiveness, and enter the fully wireless campus era.

For more information, please refer to Huawei

New Capabilities In Nutanix’s HCI Software and AHV Hypervisor

Nutanix, a leader in enterprise cloud computing, announced several new capabilities in its hyperconverged infrastructure (HCI) software and AHV hypervisor to protect business-critical applications and maintain continuous business operations in the face of a possible disaster.

New capabilities include advanced automation for recovering applications and data, support for seamless multi-site disaster recovery (DR), synchronous replication for workloads running on AHV, and a near-zero data loss with “near sync” replication for recovery point objective (RPO) times of approximately 20 seconds.

At a time when business continuity is more important than ever, ensuring businesses have strong recovery policies and procedures is no longer a “nice to have.”

However, customers looking to implement strong DR plans for critical applications, such as those supporting emergency services, had little choice but to deploy complex, often disparate technologies that demand specialized, on-going administration.

The new capabilities in Nutanix HCI and AHV help enable customers to confidently deliver mission-critical applications with significantly less complexity and lower management overhead.

“Maintaining continuous business operations is a high priority for all types of companies and organizations,” said Greg Smith, VP of Product Marketing at Nutanix.

“However, most businesses rely on custom, handcrafted DR implementations to guard against system-wide IT failures. Nutanix now natively delivers automated, easy-to-deploy disaster recovery solutions built to deliver applications that must always be available.”

1.Multi-site disaster recovery

Nutanix now supports multi-site DR designs, helping enable enterprises to quickly recover from the simultaneous failure of two or more data centers while keeping applications and data available to users.

Particularly valuable in regulated industries like financial services, healthcare, and emergency services where organizations need to deliver uninterrupted service, Nutanix DR leverages advanced automation technology to eliminate the complexity of DR installation and ongoing orchestration.

Application teams can quickly recover from unplanned outages or data corruption and set configurations to adhere to many stringent compliance requirements.

2.Unmatched near sync disaster recovery

Nutanix now supports near sync replication with an RPO of only about 20 seconds, a 3x improvement from its already industry-leading technology. Nutanix is the only leading HCI vendor to offer a 20-second RPO.

3.Synchronous data replication for Nutanix AHV

Synchronous replication, or the nearly instantaneous replication of data between multiple locations, is now natively supported on the Nutanix AHV hypervisor. AHV can be used by customers to deliver a highly available service for their most important workloads, such as virtual desktop infrastructure, databases, and general server virtualization.

4.DR orchestration with runbooks

The latest release gives customers more flexibility and control over the end-to-end recovery process, with more granular control to focus DR resources toward targeted applications.

“Our business users expect a zero recovery point objective, which guarantees no data loss when a failover occurs following a datacenter outage,” said Delfim Da Costa, System and Infrastructure Manager at Infomil, an IT spin-off of a large European retailer and a Nutanix customer since 2015.

“We are delighted to now use Nutanix’s AHV virtualization and to maintain the highest possible SLA for our production workloads.”

These new DR capabilities are included in the Nutanix HCI software and are generally available.