putilov_denis - stock.adobe.com

Upgrades to Vast Data OS emphasize simplicity, security

Vast Data released VastOS 4, which includes security features such as indestructible data snapshots and visualization tools aimed at making storage simpler to use and manage.

Vast Data upgraded its operating system, bolstering its security and adding new monitoring features to make what the flash memory vendor calls its universal storage offering more user-friendly.

Vast Data released a major update to its VastOS and introduced its newest version, VastOS 4. It focuses on ransomware protection through its indestructible data snapshots feature, support for network file system (NFS) version 4.1's built-in security features, and policy-based data isolation. The newly updated OS also includes updates to Vast Data's monitoring and consolidation options and adds new data reduction features.

Founded in 2016 and based in New York City, Vast Data's universal storage offering combines lower-cost QLC flash and storage class memory (SCM) for all storage needs, including backup and AI. QLC is the main storage while SCM does the heavy lifting. NVMe over Fabrics makes the storage appear like direct-attached NVMe with the efficiency of shared storage infrastructure. This eliminates the need for combined media and tiering, according to Vast Data.

Users need storage that can scale and meet performance requirements, according to Scott Sinclair, a storage analyst at Enterprise Strategy Group (ESG), but they also need it in a simpler, consolidated fashion.

"We continue to see a huge demand for lots of data with high-performance access," Sinclair said. "We used to store a lot of data; now we use a lot of data."

Making snapshots indestructible

In its first major security release, Vast Data introduced indestructible snapshots to help combat ransomware attacks, according to Jeff Denworth, chief marketing officer and co-founder of Vast Data. Using snapshots for recovery is common practice, he said. However, if the network is compromised, the snapshots could also be deleted by attackers, leaving nothing to recover.

Vast Data indestructible snapshots
Vast Data makes snapshots indestructible.

To avoid deletion, storage vendors, including many of the public cloud providers, use write-once, read many (WORM) technology. WORM ensures that snapshots written to disc are unable to be rewritten or tampered with for a set period of time.

But, Denworth argued, while WORM technology can provide data protection, it's also inflexible, requiring policies that could lock customer data away for years and eat up capacity if they are continuously generated.

ESG's Sinclair agreed that WORM has weaknesses, including what he deems the biggest problem -- that administrators can just turn it off.

Indestructible data snapshots look to address WORM weaknesses by giving select administrators a backdoor into the policy, according to Denworth. If a cyber attack occurs and systems are encrypted, two administrators can call Vast Data and use separate passwords to obtain a time-based key, allowing them to change the policy within a certain window.

Vast Data's updated OS also includes security features for container pools. Containers, which are central to the vendor's "disaggregated but shared everything" architecture, provide access protocols for I/O while the data resides in high-density enclosures, Denworth said.

Customers can now set up different container pools and allocate these pools to different users for their workloads, helping to avoid performance issues. The newly released OS also adds security to container pools by isolating data access within a pool, adding a view policy that limits access to certain data sets. Denworth likened this to AWS Nitro Enclave, Amazon's isolated execution environments.

Sinclair said the security features provide safeguards around ensuring applications in certain containers never send data to anyone other than the specific customer for that service.

VastOS v4 also supports NFS v4.1 that includes kerberized access, which means only people with the right credentials can get access to the data.

New monitoring, visualization tools

The new version of the OS includes monitoring and visualization tools such as Uplink Cloud Management, a 360-degree access portal where customers can monitor all the systems deployed on Vast Data, Denworth said. This single view lets users see items such as support tickets, knowledge base systems chats with support teams or sales teams.

Data Flow Monitoring, a data visualization tool that's free when updating to v4, enables administrators to use graphics to see the causes for bottlenecks or how usage affects servers and SSDs, according to Vast Data.

Sinclair said visualization tools like these are designed with the current IT workforce in mind.

"We've seen a shift in hiring practices to more [of an IT] generalist," he said. "If customers want control over where their data is and a better understanding to help with capacity planning [and] management, give them those tools, but designed in a way that a generalist will be using."

Finally, Vast Data's v4 adds a capacity reporting tool to enable customers to visualize how data consumes storage and where they might be able to reduce its data footprint.

From there, Vast Data uses what it calls similarity reduction, which seeks out similar blocs of data in a cluster. "We start to compress these against each other, pulling out the unique bits," Denworth said. He stated that this can result in a 10 times reduction, lowering overall overhead.

Enterprise Strategy Group is a division of TechTarget.

Dig Deeper on Primary storage devices

Disaster Recovery
Data Backup
Data Center
and ESG