Three Vendors Disrupting Integrated Secondary Storage and Data Protection – Forrester

This report, Three Vendors Disrupting Integrated Secondary Storage And Data Protection, Integrated Secondary Storage And Data Protection Will Gain Widespread Adoption In 24 Months, was published on October 30, 2017 by Naveen Chhabra with Glenn O’Donnell, William McKeon-White, Bill Nagel, from Forrester Research, Inc.

Data protection suffers from archaic tools and processes, a lack of innovation and architectural change, and the need for proprietary secondary storage alongside primary storage and software. No single solution supports fast, reliable recovery and secondary data copies. This report shows infrastructure and operations (I&O) pros how three vendors – Cohesity Inc., Reduxio Systems, Inc., and Rubrik, Inc. – are trying to change the way enterprises manage secondary storage, data protection, and data copies and to attain a 1-second RPO for mission-critical applications.

Key Takeaways

• Integrated Secondary Storage And Data Protection Will Transform Data Resiliency
  Incumbent vendors in the data protection space face challenges owing to lack of innovation and proprietary technologies that lock in large enterprise clients. As usual, smaller innovators have changed the game for everyone.
• Hyperconverged Industry-Standard Infrastructure Reduces Complexity And Cost
  Hyperconverged industry-standard infrastructure helps reduce complexity, technical debt, and the cost of data protection operations. Global deduplication reduces the total storage required, bringing down the cost of acquisition.
• Stringent Recovery Objectives Are Finally A Reality
  Businesses that strive for stringent recovery objectives for data recovery or DR will see a significant boost. I&O leaders can deliver RPOs that were not practically possible with schedule-based snapshots.

Integrated Secondary Storage and Data Protection Is Disruptive
Disruptive innovations create new markets and value networks and revolutionize, erode, or destroy existing ones, displacing established market leaders and alliances. Such innovations present both opportunities and threats to incumbents. While secondary storage, tiering, and data protection software come under the ambit of the data protection practice, market offerings have been disjointed and firms rarely get results from their investments. Businesses need to improve recovery times but rarely meet their RPOs – and if they do, it requires heroic engineering effort. The past few years have ushered in disruptive innovation – scale-out hyperconverged platforms, industry-standard infrastructure, cloud-integrated solutions – in this domain that had been long overdue.

Integrated Secondary Storage And Data Protection Vendors Reinvigorate Backup
Most enterprises suffer from ‘an excess of expertise,’ having implemented sprawling backup and secondary storage infrastructure from multiple vendors. Integrating these technologies to make data continuously available continues to be a challenge, firms tend to retain far more copies of their data than needed, and data volumes are growing rapidly. To do their jobs, engineers must navigate more and more consoles – exacerbating the difficulty of data protection. Integrated secondary storage and data protection is becoming a significant disruptive force, helping everyone drive technological and economic benefits by providing visibility into systems via a centralized console.

The vendors of this disruptive technology promise to:

• Converge technology silos and reduce technical debt. From an operations perspective, engineers use a single pane of glass to build policy-driven protection from day one. Vendors build these solutions using industry standard compute and storage components powered by data protection software to serve data protection and secondary copy use cases and speed recovery. Automation, REST APIs, and self-service capabilities reduce the need for strong technical knowledge of storage and data protection silos.
• Simplify the onboarding and operational aspects of data protection. Just as virtualization technologies made it easy for I&O leaders to onboard infrastructure and operate their data centers, integrated data protection and secondary storage will simplify onboarding and ongoing operations. This simplicity results from a more complete packaging of technology that hides the complexity from users. In the past, technologists often preferred complex solutions – a destructive philosophy. Complexity is your enemy.
• Deliver a foundation that supports scale-out deployments. These vendors have built a cloud-like distributed scale-out architecture, enabling firms to start small and grow along with demand. The scalability of these software-driven solutions feeds market interest; customers don’t feel locked in and continue to get the latest upgrades. Vendors report large numbers of repeat orders from existing customers, indicating that the solutions are easy to use, scalable, and deliver a quick time-to-value. These capabilities solve some of the perennial issues that firms have faced as they were forced into vendor-proprietary secondary storage boxes.
• Enable seamless, simplified data placement management. Until very recently, enterprise backup tools didn’t support backup to the cloud – so enterprises depended on standalone tools to push protected data to public clouds. Embracing public cloud storage as the archive tier via an automated policy eases operations. These innovative solutions can also maintain a global index to enable ultra-fast search across all managed data stores. In a Forrester survey, 46% of respondents said that they now use public cloud storage as a backup tier.
• Reduce the cost of data protection practices. Many of our enterprise clients have told us that the cost of data protection has escalated in recent years. One reason is disparate technologies that force the creation of multiple copies of data, making a single view difficult or impossible, as data spreads across multiple storage systems without global deduplication, reducing the usable space. Innovative vendors overcome all of these challenges and offer the opportunity to reduce the cost of acquiring and operating data protection.

Vendors Are Bringing Reliability And Confidence To Data Protection
Forrester has identified three vendors – Cohesity, Reduxio, and Rubrik – that offer integrated secondary storage and data protection solutions. As few established vendors are adding such offerings to their portfolio, these three are gaining market acceptance by delivering advanced capabilities to address specific problems in the secondary storage and data protection space.

This report describes each company’s decision factors:

• Offering. What are the capabilities of the products and the technology?
• Scenarios. What are the user requirements, environments, and use cases?
• Maturity. What are the company’s go-to-market approach, channel strategy, and viability?
• Challenges. What are the barriers to success?
• Roadmap. What’s next for the business and the products?

3 Vendors Disrupting Secondary Storage and Data Protection Market

Cohesity Aims to Redefine Data Protection and Secondary Storage
It provides a hyperconverged platform designed to eliminate secondary storage silos by consolidating all secondary data and associated management functions, including backups, files, objects, testing and development copies, and analytics into a unified solution. It began with a mission to dramatically simplify data protection across the enterprise, but backups are just the start. Unlike incumbent solutions, it provides more than an insurance policy by putting backup data and infrastructure to productive use. I&O pros can reuse their backup data and infrastructure to provision test/dev copies, perform in-place search and analytics, and consolidate files and objects.

Cohesity’s decision factors are:

• Offering. Cohesity recently launched Orion 5.0. DataPlatform is a software-defined, hyperconverged scale-out platform for consolidating secondary storage that supports backup data on a globally deduplicated storage target; unlimited snapshots and clones; files with network file system and server message block interfaces; object storage with an S3 interface; tiering; and archiving to public cloud. DataProtect, the backup and recovery software, runs on DataPlatform and unifies traditional modules – software, master and media servers, and target storage – in a backup infrastructure to enable instant recovery of massive amounts of data.
• Scenarios. The company aims to consolidate secondary storage silos and data management functions on a single platform. Many customers adopt it for backup and expand from there. Ultimately, customers can use it for purposes like data protection, DR, public cloud archiving, tiering, scale-out file storage, object storage, dev/test copy data management, and analytics storage.
• Maturity. Founded in 2013, the firm sells through a direct sales force and leverages a large channel partner network to sell to enterprise and commercial accounts. It started in the North American market and is now expanding to Europe.
• Challenges. Like other vendors in the category, the company is taking a new solution category to market, one that will take time to resonate with enterprise customers. While Cohesity has been successful with repeatable data protection, it remains focused on educating customers on its broader value proposition. The solution protects virtual infrastructure from VMware, Microsoft, Linux KVM, and Nutanix; physical Windows and Linux servers; SQL and Oracle databases; and network-attached storage systems including Pure Storage FlashArray, FlashBlade, and Dell EMC Isilon – but it doesn’t understand your business applications yet.
• Roadmap. The firm is focused on creating a more comprehensive data protection roadmap to support a variety of hypervisors, applications, and platforms. The vendor is building a cloud edition that can be deployed in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud. Cohesity is also expanding its scale-out file and object services including user quotas, security features, automated test/dev, building DR workflows, and deeper analytics.

Reduxio Enables 1-Second RPOs
It is on a path to integrate data protection and copy data management capabilities into a platform that provides primary storage for applications. It has a flash-first architecture, always-on global deduplication, compression, and rapid relocation of data among multiple tiers. Mainstream customers will need time before they trust the radical changes in the product enough to deploy it. Reduxio makes it easy, effective, and efficient for enterprises to integrate the storage landscape for business applications – but acceptance will be an uphill task from both technology and customer confidence perspectives.

Reduxio’s decision factors are:

• Offering. HX series enterprise flash storage array aims to converge primary and secondary storage. NoRestore natively pushes copy data from primary storage to the public cloud. BackDating allows the recovery of data and applications with 1-second granularity, making scheduled snapshots obsolete. NoMigrate allows the instantaneous migration of data and applications from third-party storage systems. NoDup offers in-line global deduplication and compression in real time and continuous fine-grained continuous data movement among multiple tiers, making it suitable for a variety of demanding enterprise applications.
• Scenarios. Solution serves use cases including primary storage for application data, data protection, DR, public cloud archiving, and dev/test copy data management. It can help firms recover from ransomware attacks by using the backdating feature that offers every-second recoverability.
• Maturity. The vendor is basing its go-to-market strategy on building strategic channels of partners in key markets. It has a sales force across the continental US, Western Europe, and Israel and is recruiting channel partners and driving channel-led sales in other regions.
• Challenges. It must demonstrate that converging primary and secondary storage for business-critical applications will not affect the performance that storage decision makers always aim for. A traditional approach – in which technology owners segregate primary and secondary storage from a performance, cost, and security standpoint – is fathomable. While Reduxio enables per-second recovery points, the duration for which a firm needs 1-second recovery may increase the storage pool size. The company would need to establish the use cases for which a 1-second RPO makes business sense.
• Roadmap. It is focusing on enhancing its NoRestore offering with application awareness and use-case-specific workflows. It plans to build an as-a-service capability that allows customers to protect applications regardless of whether the data resides in the public cloud or on-premises infrastructure and seamlessly move data and applications between the two. Reduxio aims to establish operations in territories that it does not yet cover.

Rubrik Offers API-Led Automation to Manage Its Infrastructure
It started in January 2014 with a vision to simplify data management for enterprise hybrid clouds. Since then, it has won many enterprise client deployments.

Rubrik’s decision factors are:

• Offering. Technology is a software-defined platform that unifies backup, instant recovery, replication, search, analytics, archiving, compliance, and copy data management in one secure fabric across the data center and cloud. Its converged approach endeavors to unify operations and deliver them from an appliance, eliminating backup software. In addition to supporting VMs, the company also supports Oracle and SQL databases. It builds a global index that enables quick search of on-premises and public cloud data and uses a space-efficient erasure coding method. It can unify storage from AWS S3 and on-premises S3-compliant stores into its managed domain.
• Scenarios. Solution serves use cases including data protection, backup, replication, and DR. It offers archiving to the public cloud and dev/test copy data management. Firms can use its platform to perform Google-like granular file-level search for speedier recovery. The stack also serves analytics and reporting functions.
• Maturity. The company has a lot of reference customers that speak highly of the solution. This stems from the rapid innovation Rubrik delivers and how it helps backup engineers solve their most painful problems. It sells through a direct sales force and employs a large channel partner network to sell to enterprises and SMBs. It has a presence in North America and is rapidly expanding to Europe and AsiaPac.
• Challenges. The key challenge for the solution is its lack of application awareness. The industry-standard infrastructure is a commodity, so keeping up the pace of software innovation will be key to the vendor’s continued success. Rubrik will face a grueling process change challenge when it positions its solution for use cases beyond backup and recovery.
• Roadmap. Software can be hosted on Amazon EC2; its next steps are to support the backup of EC2 instances and strengthen its offering and automation strategy. Rubrik will apply automatic service-level agreements to protected EC2 instances.

Recommendations
Assess Your Situation Before Investing in an Innovative Solution
Integrated secondary storage and data protection promises to improve data protection operations. However, the success of these solutions depends on your readiness to deploy them in your environment. More established I&O teams with mature processes will get the most benefit.

Before investing in this, Forrester recommends that you:

• Assess, review, document, and refine your processes. Data protection is an easy use case to achieve. But if you seek to use these integrated solutions for DR, you must carefully assess how you currently do it and how the introduction of new technology will change that. While it may appear trivial, as you get into the details you will realize that your teams are accustomed to certain technologies and processes. Ensure that storage-based snapshots, synchronous replication, or application-based replication can support your DR requirements. Changing those means that you must prepare your team for new ways of handling requests, because applying new tools to old processes is often a bad idea.
• Identify the applications where the solution will be a fit. Clearly categorize your current and planned applications as business-critical, mission-critical, or noncritical. Because you likely already protect your business-critical applications well, you may want to pilot these new technologies to improve the resiliency of noncritical applications. Yes, these new solutions are easy to use, but you still need some warm-up time and experience before you bring the whole canvas of applications under its purview.
• Be aware that this technology isn’t a Swiss Army knife. You still have legacy infrastructure in your data center that runs mission- and business-critical applications. The vendors in this report primarily support VM infrastructure; their technology cannot cover 100% of your data center infrastructure. Hence, you will have to qualify which data center infrastructure can benefit from an integrated solution.

What it Means
All Three Are Stable Innovators – And Succulent Acquisition Targets
While Cohesity, Reduxio, and Rubrik are just a few years old, they already boast good presence and growth. Customers always evaluate the viability of such vendors, and for good reason: They want to ensure that they’re not taking unwise risks with a vendor that may be gone tomorrow. If any of these three vendors disappear, it will be likely in name only. That is, established players with rich reserves for mergers and acquisitions need the kinds of capabilities that Cohesity, Reduxio, and Rubrik offer. Larger vendors will almost certainly choose to acquire these capabilities rather than build their own. As the behemoths go shopping for capabilities, these three innovators will be atop their lists.