Ruslan Grumble - Fotolia

Features of vSAN that improve storage and security

You can combine vSAN with an HCI appliance to streamline operations, and use its many features -- such as ReadyNodes and Performance Diagnostics -- to improve storage and security.

With proper installation and configuration, vSAN can enhance storage and security for your data center, especially if you use a hyper-converged infrastructure appliance and Failures to Tolerate policies.

VMware vSAN is VMware's hyper-converged, software-defined storage product. When used alongside vCenter and the vSphere suite, vSAN operates like hyper-converged infrastructure (HCI). It creates a shared data store across a vSphere cluster by pooling together storage from multiple devices.

As the admin, you control and define storage requirements such as performance and availability, and vSAN automates and enforces these requirements. VMware vSAN supports both hybrid and all-flash configurations, as well as most modern server compute and memory features.

The product also includes a number of key security features such as Storage Policy-Based Management, stretched clusters and software-defined encryption.

Requirements for using vSAN

There are specific hardware requirements you must meet to install vSAN in your data center. For network functionality, you need a server with at least a 1 GbE network interface card -- although 10 GbE works better -- and for storage, you require either a serial-attached SCSI adapter or a RAID controller with at least one flash disk.

VMware vSAN has a few software requirements as well; it can run with any edition of vSphere 6.5 or later, vSphere with Operations Management 6.1 or later, vCloud Suite 6.0 or later, and vCenter Server 6.5.

Use vSAN to improve storage

VMware vSAN improves storage performance and streamlines storage resource management in a number of ways: It reduces storage capacity demands by supporting data deduplication and file compression. This significantly decreases the cost of storage devices and computing overhead, and it makes storage performance more predictable.

Several features of vSAN address compatibility and further improve storage. For example, you can use vSAN Configuration Assist to verify hardware compatibility, network operations and vSAN configuration, as well as identify missing components and maintain correct configurations across a cluster. Meanwhile, vSAN's Performance Diagnostics feature analyzes performance benchmarks and suggests steps to restore or improve storage function.

VMware vSAN also integrates with vRealize, VMware's IT operations management platform. VMware vRealize adds visibility and analytics to vSAN environments and makes it possible for you to enhance troubleshooting and further improve storage performance.

Use vSAN with an HCI appliance

Hyper-converged infrastructure enables organizations to integrate computing, network and storage in a data center. With HCI, you can manage and modify such resources through a single pane of glass. However, HCI modules contain limited resources, such as storage.

You can use vSAN and an HCI appliance -- such as VxRail -- to streamline your data center storage operations. VMware vSAN software complements HCI hardware by taking on the storage problems HCI presents. It recognizes available storage, adds it to the storage pool and then uses it as soon as it's needed, which prevents you from having to create and connect logic units for VMs.

You can also use vSAN's ReadyNodes program to support a software stack and turn your servers into HCI modules.

Use vSAN to secure VMware environments

Additional features of vSAN – such as vSAN Encryption and multifactor authentication (MFA) -- can help secure your VMware environment.

VMware vSAN includes native encryption to protect data stores at rest. The platform enables and configures encryption at the data-store level; specifically, vSAN encrypts data during write operations to drives used for caching or regular storage. The vSAN Encryption system is hardware-agnostic, so you can deploy it on any host that uses a solid-state drive or hard disk drive. This eliminates the need for self-encrypting drives.

MFA improves vSAN's ability to secure VMware environments by adding physical elements -- such as a common access card or similar smart card -- to the authentication process, beyond simply verifying a user's credentials.

VMware vSAN also implements stretched clusters, which protect sites by providing both local and geographically separate sites for clusters. You can configure and manage stretched clusters via vSphere, implement protection for different VMs and change policies. You can also use vSAN to locate VMs not replicated via stretched clusters.

Finally, vSAN can detect, report and proactively address errors that might precede a storage failure. This reduces risk and mitigates data loss.

Failures to Tolerate

VMware vSAN can tolerate up to three hardware failures across a cluster. The program uses a VM storage policy to define a specific number of Failures to Tolerate (FTT), which determines the number of failures that can occur within a vSphere cluster without sacrificing availability and compromising data and VMs. This enables you to set the level of redundancy in a given cluster.

To determine how many failures a vSAN cluster can tolerate, use the following formula, where n equals number of failures:

2n + 1 ESXi host

You can employ several FTT policies within a single vSAN cluster. This helps prioritize and protect more critical VMs and virtual disks.

Dig Deeper on VMware ESXi, vSphere and vCenter

Virtual Desktop
Data Center
Cloud Computing