Datacastle delivers endpoint data protection with its solution, Datacastle RED, which was built to be deployed on-premises or as a hosted service. The company used an infrastructure-as-a-service model for its hosted cloud-based version, but maintaining the virtual servers was time-consuming and it could not rapidly scale the infrastructure to accommodate capacity needs. Datacastle wanted a platform-as-a-service model and chose the Windows Azure platform. As a result, the company increased the scalability of Datacastle RED and reduced maintenance costs by 61.3 percent. Datacastle relies on Microsoft data centers to continue its tradition of helping customers secure data, as well as Microsoft expertise in cloud computing to extend the capabilities of its own development team. The company now has a cost-effective model that it can use to open new opportunities for its partner resellers.
Situation
Based in Seattle, Washington, Datacastle is an independent software vendor that helps customers protect critical data on endpoint assets and mobile devices. Although many companies shore up their corporate local area networks, Datacastle recognizes that employees are increasingly storing corporate data assets on their mobile computing hard drives. The company’s flagship product, Datacastle RED, promotes “resilient endpoint data”—a security-enhanced cloud service that helps organizations back up and recover information from client-side devices, such as desktop and portable computers and mobile phones, so that if a computer or device is lost or damaged, employees can get back to business quickly.
Since its founding, Datacastle has wanted a flexible deployment model for its data backup solution—one that was not tied to a specific software model. Thus, the product was developed from the ground up with an architecture that supports either an on-premises or a cloud-based deployment, with only minor configuration changes to the application code. In addition, when deployed to the cloud, Datacastle supports multitenancy and can be deployed with multiple customers sharing one instance or a single customer per instance. Datacastle RED is based on the Microsoft .NET Framework 3.5 and uses both Microsoft SQL Server 2008 data management software and Internet Information Services 7.0 on the Windows Server 2008 operating system.
Originally, Datacastle rented its server infrastructure from a cloud-computing provider that enabled Datacastle to use virtual servers, share computing resources, and avoid some server hardware costs. However, using the infrastructure-as-a-service (IaaS) provider still came with other burdens.
By using an IaaS model, Datacastle still had to devote resources to maintain its infrastructure. Though it could avoid much of its server hardware costs, Datacastle had to deploy, monitor, and manage the virtual machines that ran on the rented infrastructure. For instance, it still had to deploy the Active Directory service and implement Microsoft System Center Operations Manager to monitor and manage the infrastructure components, which was an unnecessary drain on personnel and financial resources. “One of the biggest costs you have once you’re up and running with an IaaS model is the operations and maintenance of the system,” explains Gary Sumner, Chief Technology Officer at Datacastle. “The infrastructure we deployed had nothing to do with our service, but it had everything to do with monitoring our service.”
At the same time, the IaaS environment limited the ability of Datacastle to quickly scale up and scale down. Although the environment enabled the company to add virtual servers more quickly than adding on-premises servers, it still had the time-consuming task of configuring the servers. Even after Datacastle configured the servers, it still had the burden of additional management and maintenance tasks with each new server it added. As a result, the scalability it could achieve was not as quick as the company needed for its business needs.
For instance, in the shared environment, when another company that shared the same physical server as Datacastle started to use more computing resources, the Datacastle service did not perform as well. By using the additional software that it deployed to its IaaS environment, Datacastle had to monitor and troubleshoot performance issues and then manually migrate its service to a new virtual server instance—a time-consuming process for the young company.
In addition, although the company operates in a steady state a majority of the time with predictable compute and storage needs, when Datacastle brings new customers and devices onboard, it experiences significant, rapid spikes in computing and storage needs. “If we roll out a company that is going to deploy 10,000 devices, we need an infrastructure that allows us to accommodate that increased capacity during the onboarding process,” says Sumner. At the same time, the need for additional computing power is most often a temporary need and once all of the devices are set up and reach a steady state, Datacastle does not need the additional computing power. Thus, it sought a solution that could just as easily scale down as it could scale up.
Perhaps most importantly, no matter the cloud provider, Datacastle needed a solution that would continue its tradition of helping keep customer data secure. The company prides itself on knowing that, with Datacastle RED, companies can store high-visibility, high-impact data both on-premises and in the cloud with high levels of security. Datacastle wanted to ensure that any cloud provider it used would support, if not further enhance, its security-enhanced data backup solution.
Solution
Instead of an infrastructure as a service, Datacastle needed a platform as a service (PaaS) to run the cloud-based version of its security-enhanced data backup solution—one that could deliver full service and high levels of scalability, but without significant maintenance efforts. Datacastle decided to implement the Windows Azure platform, which includes the Windows Azure cloud operating system. Windows Azure is the development, service hosting, and service management environment for the Windows Azure platform. It provides developers with on-demand compute, storage, and bandwidth, and a content distribution network to host, scale, and manage web applications through Microsoft data centers.
Using the Microsoft Visual Studio Professional 2010 development system, one senior developer spent less than one month to convert the existing Datacastle cloud-based solution for deployment to Windows Azure. “The deployment and development process was very quick and easy because we are already familiar with the Microsoft technology stack,” says Sumner. “We were able to use our existing skills and there was almost no ramp-up time with Windows Azure.”
Stateless, Scalable Web Application
To use Datacastle RED, customers install an agent that runs as a service and exposes a stateless web application that runs on a set of Web roles in Windows Azure. Core elements of a file are broken down into blocks—or “Data DNA”—and sequenced in a specific order and indexed. The data is queried against existing data that has been backed up to ensure that data is not unnecessarily duplicated.
Datacastle takes advantage of the fact that Microsoft supports key cloud standards, such as REST, which provide the building blocks for open, interoperable cloud services. Specifically, Datacastle uses web services over Secure Sockets Layer to communicate between the client-side web application and the server-side infrastructure in Windows Azure.
After the data deduplication process, the Data DNA blocks are stored in Table storage in Windows Azure, while the indexed metadata is stored in a Microsoft SQL Azure database. SQL Azure is a fully-relational cloud database based on SQL Server 2008 technologies and is also hosted at Microsoft data centers. Because of the indexed data structure, Datacastle did not have to use new data patterns or database schemas when migrating from SQL Server 2008 to SQL Azure. Datacastle uses a single instance of a 50 gigabyte (GB) SQL Azure database and, with automatic partitioning in SQL Azure, can quickly scale up to store two petabytes of data.
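The block-level flow described above (split a file into ordered blocks, query for blocks already backed up, store only new blocks, keep the sequence as indexed metadata) can be sketched as follows. This is an added example, not Datacastle's code: the fixed block size, the use of SHA-256 as the block identifier, the restore-time integrity check and the in-memory dictionaries standing in for Table storage and the SQL Azure metadata are all assumptions, and the encryption described later on the page is left out.

```python
import hashlib

BLOCK_SIZE = 4  # assumption: tiny fixed-size blocks so the sample data is readable


class BackupStore:
    """Hypothetical stand-in for the server side of a deduplicating backup."""

    def __init__(self):
        self.blocks = {}     # block id -> bytes (stands in for Table storage)
        self.manifests = {}  # (device, path) -> ordered block ids (stands in for SQL metadata)

    def backup(self, device, path, data, block_size=BLOCK_SIZE):
        """Store only blocks not seen before; return how many were uploaded."""
        uploaded = 0
        order = []
        for offset in range(0, len(data), block_size):
            block = data[offset:offset + block_size]
            block_id = hashlib.sha256(block).hexdigest()
            if block_id not in self.blocks:  # the "query against existing data" step
                self.blocks[block_id] = block
                uploaded += 1
            order.append(block_id)           # sequence is kept even for duplicates
        self.manifests[(device, path)] = order
        return uploaded

    def restore(self, device, path):
        """Reassemble a file from its manifest, verifying each block on the way."""
        out = bytearray()
        for block_id in self.manifests[(device, path)]:
            block = self.blocks[block_id]
            if hashlib.sha256(block).hexdigest() != block_id:
                raise ValueError("stored block does not match its identifier")
            out += block
        return bytes(out)


def demo():
    """Constructed sample: two versions of one file, then a second device."""
    store = BackupStore()
    v1 = b"AAAABBBBCCCCAAAA"  # constructed data: 4 blocks, 3 distinct
    v2 = b"AAAABBBBDDDDAAAA"  # constructed data: one block changed
    first = store.backup("laptop-1", "report.doc", v1)
    second = store.backup("laptop-1", "report.doc", v2)
    third = store.backup("laptop-2", "copy.doc", v1)
    return first, second, third, store.restore("laptop-1", "report.doc") == v2


if __name__ == "__main__":
    print(demo())
```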
Finally, Datacastle uses Worker roles in Windows Azure to clean up data and to perform other administrative tasks in the background. The Worker roles only run on an as-needed basis for cleanup services and Datacastle only pays for the computing power it uses.
Security-Enhanced Data Backup in the Cloud
The cloud-based version of Datacastle RED is as secure as its on-premises version. When a customer uses the solution, data is encrypted before it is sent to an on-premises server or to Windows Azure. Datacastle RED assigns each device a cryptographically generated random key and assigns every Data DNA block a unique key. “By the time data reaches Windows Azure, it is encrypted with multiple keys, which are not available on the back end,” says Sumner. Although millions of encryption keys are generated for a typical customer deployment, the customer’s IT department has to manage only one key, which is generated during setup.
In addition to the strong encryption policies with keys for every device and every block of data within a single file that can only be retrieved by customers, all of the encrypted data and metadata is stored in Windows Azure at Microsoft data centers, which are ISO 27001:2005 accredited with SAS 70 Type I and Type II attestations.
Datacastle uses SQL Azure to store user accounts and logon information for the Datacastle RED management dashboard. However, in the future, the company plans to implement Windows Azure AppFabric Access Control, which will provide federated, claims-based access control for the web services the solution uses to communicate between the client-side installation on devices and the server-side installation in Windows Azure, even further enhancing data security.
Benefits
As a result of using the Windows Azure platform, Datacastle achieved the highly-scalable infrastructure that it needed, but without the hassle of costly, time-consuming infrastructure maintenance. By relying on Microsoft expertise and the cost-effective model offered by Windows Azure, the company opens opportunities for partner resellers to offer cloud solutions to its customers, and also extends its own engineering and development teams.
Improved Ability to Quickly Scale Up and Down
Although Datacastle can predict most of its compute and storage capacity needs during day-to-day operations, the company requires rapid scalability when it acquires new customers who have thousands—or tens of thousands—of devices that need to be brought into the service. Unlike with its previous IaaS solution that required manual processes to scale, which took up to four hours, Datacastle can quickly scale up with Windows Azure in a matter of minutes. Whereas previously, Datacastle had to configure and deploy a new virtual server, with Windows Azure, the company simply edits a configuration value to deploy additional instances. “By using Windows Azure, we can scale up by spinning up new instances with a couple of clicks, instead of configuring additional virtual servers on our own,” says Sumner. “Scalability in Windows Azure and SQL Azure is inherent and simple to achieve.”
At the same time, once all of a customer’s devices are set up and Datacastle no longer needs the additional compute and storage, it can scale down just as fast and avoid paying for unused server resources.
Reduced Infrastructure Maintenance with Cloud Platform
Not only can Datacastle achieve high levels of scalability, it can do so without investing significant resources for maintaining the infrastructure. “When our performance was impacted by someone else using up our server resources, we would have to do a lot of work to detect the problem and correct it by spinning up a new virtual server instance,” explains Sumner.
Table 1. Windows Azure Platform Savings Over a Three-Year Analysis Period (U.S.$)
Instead, by using Windows Azure, Datacastle can quickly scale up without manual intervention by support personnel. “With Windows Azure, that support and maintenance rests with Microsoft and the burden is taken off of us,” continues Sumner. “If our service is running on a server in a Microsoft data center that is nearing capacity, it is automatically moved to one that can better handle our needs—that is the big benefit of Windows Azure.” In fact, over a three-year period, the cost to maintain Datacastle RED running on Windows Azure is 61.3 percent less expensive than running an on-premises virtualized infrastructure—U.S.$154,552 compared to $399,684 (Table 1).
Achieved a Cost-Effective Solution for Partners
To sell its solution, Datacastle relies on partner resellers that offer the solution to customers. In many cases, partners offer on-premises software instead of cloud-computing solutions because they do not have the server infrastructure to support a hosted solution. However, by using Windows Azure, Datacastle opens the opportunity for partner resellers to sell the cloud version of the solution with minimal startup costs—partners can sell Datacastle RED to customers who simply consume the service from Datacastle.
In addition, Datacastle has a lower cost of ownership with the Windows Azure platform compared to other providers that require the company to manage its own virtual servers, and also compared to maintaining its own on-premises, virtualized infrastructure. In fact, the savings over a three-year period versus a comparable on-premises solution is 77.4 percent (Table 1).
Freed Existing Development Resources
Sumner trusts Microsoft’s experience with, commitment to, and leadership in cloud computing, and feels that by using Windows Azure and relying on Microsoft data centers, Datacastle has virtually extended its own engineering and development teams and freed internal developer resources. “Microsoft knows how to scale a cloud environment and has designed Windows Azure with an inherently scalable framework,” explains Sumner. “By relying on Microsoft to do the heavy lifting, we are taking advantage of all the hard work it has done and inherited the billions of dollars of investment it’s already made in an efficient, reliable cloud computing platform that we could never build ourselves.”
Windows Azure Platform
The Windows Azure platform provides an excellent foundation for expanding online product and service offerings. The main components include:
Windows Azure. Windows Azure is the development, service hosting, and service management environment for the Windows Azure platform. It provides developers with on-demand compute, storage, and bandwidth, and a content distribution network to host, scale, and manage web applications through Microsoft data centers.
Microsoft SQL Azure. Microsoft SQL Azure offers the first cloud-based relational and self-managed database service built on Microsoft SQL Server 2008 technologies.
Windows Azure AppFabric. With Windows Azure AppFabric, developers can build and manage applications more easily both on-premises and in the cloud.
AppFabric Service Bus connects services and applications across network boundaries to help developers build distributed applications.
AppFabric Access Control provides federated, claims-based access control for REST web services.
Microsoft "Dallas." Developers and information workers can use the new service code-named Dallas to easily discover, purchase, and manage premium data subscriptions in the Windows Azure platform.
To learn more about the Windows Azure platform, visit:
For More Information
For more information about Microsoft products and services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Information Centre at (877) 568-2495. Customers in the United States and Canada who are deaf or hard-of-hearing can reach Microsoft text telephone (TTY/TDD) services at (800) 892-5234. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information using the World Wide Web, go to:
For more information about Datacastle products and services, call 425-996-9684 or visit the website at: