Data Protection and

Management
Lab Guide

EMC2 PROVEN PROFESSIONAL

Copyright
Copyright ©2016 EMC Corporation. All Rights Reserved. Published in the USA. EMC believes the information in this publication is
accurate as of its publication date. The information is subject to change without notice.

THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS IS.” EMC CORPORATION MAKES NO REPRESENTATIONS OR
WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS
IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. The
trademarks, logos, and service marks (collectively "Trademarks") appearing in this publication are the property of EMC Corporation
and other parties. Nothing contained in this publication should be construed as granting any license or right to use any Trademark
without the prior written permission of the party that owns the Trademark.

EMC, EMC², the EMC logo, AccessAnywhere Access Logix, AdvantEdge, AlphaStor, AppSync ApplicationXtender, ArchiveXtender,
Atmos, Authentica, Authentic Problems, Automated Resource Manager, AutoStart, AutoSwap, AVALONidm, Avamar, Aveksa, Bus-
Tech, Captiva, Catalog Solution, C-Clip, Celerra, Celerra Replicator, Centera, CenterStage, CentraStar, EMC CertTracker. CIO
Connect, ClaimPack, ClaimsEditor, Claralert ,CLARiiON, ClientPak, CloudArray, Codebook Correlation Technology, Common
Information Model, Compuset, Compute Anywhere, Configuration Intelligence, Configuresoft, Connectrix, Constellation Computing,
CoprHD, EMC ControlCenter, CopyCross, CopyPoint, CX, DataBridge , Data Protection Suite. Data Protection Advisor, DBClassify,
DD Boost, Dantz, DatabaseXtender, Data Domain, Direct Matrix Architecture, DiskXtender, DiskXtender 2000, DLS ECO,
Document Sciences, Documentum, DR Anywhere, DSSD, ECS, elnput, E-Lab, Elastic Cloud Storage, EmailXaminer, EmailXtender ,
EMC Centera, EMC ControlCenter, EMC LifeLine, EMCTV, Enginuity, EPFM. eRoom, Event Explorer, FAST, FarPoint, FirstPass,
FLARE, FormWare, Geosynchrony, Global File Virtualization, Graphic Visualization, Greenplum, HighRoad, HomeBase, Illuminator ,
InfoArchive, InfoMover, Infoscape, Infra, InputAccel, InputAccel Express, Invista, Ionix, Isilon, ISIS,Kazeon, EMC LifeLine,
Mainframe Appliance for Storage, Mainframe Data Library, Max Retriever, MCx, MediaStor , Metro, MetroPoint, MirrorView, Mozy,
Multi-Band Deduplication,Navisphere, Netstorage, NetWitness, NetWorker, EMC OnCourse, OnRack, OpenScale, Petrocloud,
PixTools, Powerlink, PowerPath, PowerSnap, ProSphere, ProtectEverywhere, ProtectPoint, EMC Proven, EMC Proven Professional,
QuickScan, RAPIDPath, EMC RecoverPoint, Rainfinity, RepliCare, RepliStor, ResourcePak, Retrospect, RSA, the RSA logo, SafeLine,
SAN Advisor, SAN Copy, SAN Manager, ScaleIO Smarts, Silver Trail, EMC Snap, SnapImage, SnapSure, SnapView, SourceOne,
SRDF, EMC Storage Administrator, StorageScope, SupportMate, SymmAPI, SymmEnabler, Symmetrix, Symmetrix DMX,
Symmetrix VMAX, TimeFinder, TwinStrata, UltraFlex, UltraPoint, UltraScale, Unisphere, Universal Data Consistency, Vblock, VCE.
Velocity, Viewlets, ViPR, Virtual Matrix, Virtual Matrix Architecture, Virtual Provisioning, Virtualize Everything, Compromise
Nothing, Virtuent, VMAX, VMAXe, VNX, VNXe, Voyence, VPLEX, VSAM-Assist, VSAM I/O PLUS, VSET, VSPEX, Watch4net,
WebXtender, xPression, xPresso, Xtrem, XtremCache, XtremSF, XtremSW, XtremIO, YottaYotta, Zero-Friction Enterprise Storage.

Revision Date: June 2016

Course Number: MR-1TP-DPM-1310

EMC2 PROVEN PROFFESSIONAL 2

Table of Contents

COPYRIGHT ...................................................................................................................................................................... 2

LAB EXERCISE 1: DATA AVAILABILITY ................................................................................................................................ 4

LAB EXERCISE 2: DATA PROTECTION ARCHITECTURE ........................................................................................................ 6

LAB EXERCISE 3: FAULT TOLERANCE TECHNIQUES ............................................................................................................ 8

LAB EXERCISE 4: DATA BACKUP ...................................................................................................................................... 10

LAB EXERCISE 5: DATA DEDUPLICATION ......................................................................................................................... 12

LAB EXERCISE 6: REPLICATION ........................................................................................................................................ 14

LAB EXERCISE 7: DATA ARCHIVING ................................................................................................................................. 16

LAB EXERCISE 8: DATA MIGRATION ................................................................................................................................ 18

LAB EXERCISE 9: DATA PROTECTION IN SOFTWARE-DEFINED DATA CENTER .................................................................. 20

LAB EXERCISE 10: CLOUD-BASED DATA PROTECTION ..................................................................................................... 22

LAB EXERCISE 11: PROTECTING BIG DATA AND MOBILE DEVICE DATA ........................................................................... 24

LAB EXERCISE 12: SECURING THE DATA PROTECTION ENVIRONMENT............................................................................ 26

LAB EXERCISE 13: MANAGING THE DATA PROTECTION ENVIRONMENT ......................................................................... 28

EMC2 PROVEN PROFESSIONAL 3

 Lab Exercise 1: Data Availability

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Introduction to Data Protection

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 1: Introduction to Data Protection

EMC2 PROVEN PROFESSIONAL 4

Scenario

In an enterprise data center, a single storage system is used to provide a data archiving service to the customers. The
scheduled operating time of the data archiving service is 24×365 hours, so that the customers can archive and retrieve data
anytime. The MTBF and MTTR of the storage system are 10000 hours and 12 hours respectively. Last year the storage system
failed twice which resulted in a total service downtime of three days.

Deliverables:

What is the expected availability of the storage system?

What are the expected annual uptime and downtime of the storage system?

What is the achieved availability of the data archiving service in the last year?

Solution

• Availability is calculated as: MTBF/(MTBF+MTTR)×100

Expected availability of the storage system = (10000/ (10000+12)) ×100

= 0.9988 × 100
= 99.88 %
• Scheduled operating time of the service = 24 × 365 hours = 8760 hours
Expected annual uptime of the storage system =
8760 hours per year × (0.9988) ≈ 8749.5 hours
Expected annual downtime of the storage system =
8760 hours per year × (1 − 0.9988) ≈ 10.5 hours

• Achieved availability of the service in the last year =

((Operating Time − Downtime)/Operating Time)×100
= ((8760 − (24×3))/8760)×100
= 0.9918 × 100
= 99.18 %

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 5

 Lab Exercise 2: Data Protection Architecture

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Data Protection Architecture

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 2: Data Protection Architecture

EMC2 PROVEN PROFESSIONAL 6

Scenario

The IT infrastructure of an organization includes 20 physical computing systems. These compute systems consist of both
Microsoft Windows and UNIX platforms. They host financial, email, and backup applications, and the organization’s website.
Each compute system runs a single application to avoid resource conflict. The utilization of these compute systems is mostly
around 20 percent. These compute systems are connected to six file servers with direct-attached storage (DAS). Three file
servers are used for file sharing among Windows compute systems and the remaining three enable file sharing among UNIX
compute systems. The email application uses a SAN-attached (block-based) storage system as the primary storage and an
aging object-based storage device (OSD) to archive old emails. A SAN-attached tape library is also used to store all backup
data. The backup application is purpose-built for backup-to-tape operations.

Challenges and Requirements

The tape library is aging and is a performance bottleneck during backup operations. Managing different types of storage
systems using multiple management tools creates complexity and delays storage provisioning decisions and troubleshooting.
Management tools can not provide real-time, end-to-end visibility and reporting on the IT infrastructure, and backup and
archiving operations. The SAN-attached storage system has only 10 percent of its storage capacity available for storing new
data. The UNIX users and Microsoft Windows users are unable to share files. Moreover, some of the file servers are overly
utilized and therefore new file servers must be deployed to distribute the workload.

The organization needs to deploy a set of new applications on social networking, eCommerce, and big data analytics as part of
its expanded business objectives. They need to purchase 30 new compute systems to deploy the new applications.

Deliverables

Propose a solution that will optimize utilization of compute resources and eliminate the performance bottleneck caused by the
tape library without changing the existing backup application. The solution should also reduce management complexity,
provide real-time, end-to-end visibility of the infrastructure and operations. It should also allow UNIX and Windows users to
share files, reduce proliferation of file servers, and improve file serving performance.

Solution

• Install a hypervisor on each physical compute system to run multiple VMs/applications and improve its utilization. As
a result, the organization can use fewer physical compute systems to run both the existing and the new applications.
This, in turn, will reduce the acquisition and operational cost of new compute systems.
• The aging tape library can be replaced with a virtual tape library. The virtual tape library will emulate a tape library and
support commands from the existing backup application. However, it will provide better performance than a tape
library for backup and recovery.
• Deploy a unified storage system that will consolidate block-level, file-level, and object-level access. Migrate data from
the tape library and the OSD to the newly deployed unified storage system before these aging systems are
decommissioned. A single management tool can be used for unified management of storage systems.
• The management tool should support the discovery of the IT infrastructure periodically and when a change occurs in
the infrastructure. The unified management tool with the ability to discover the entire IT infrastructure will provide
end-to-end visibility.
• Use the NAS-functionality of the unified storage for file sharing among the compute systems. Organization can
consolidate multiple file servers to a NAS system and thereby avoid proliferation of file servers. NAS is optimized for
file serving and thus provides better performance than a file server. NAS also allows UNIX and Microsoft Windows
users to share files.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 7

 Lab Exercise 3: Fault Tolerance Techniques

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Fault Tolerance Techniques

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 3: Fault Tolerance Techniques

EMC2 PROVEN PROFESSIONAL 8

Scenario

An organization has two availability zones in a geographic region. Each zone has a cluster of 10 physical compute systems
running 50 VMs and two block-based storage systems that contain over 100 TB of RAID-protected critical data. Each physical
compute system has two HBAs. Business applications running on these VMs are used to provide eCommerce services. In each
zone, four Ethernet switches (switch 1, 2, 3, and 4) are used to provide compute-to-storage connectivity. Three of the four
Ethernet switches (switch 1, 2, and 4) are active and the remaining one switch (switch 3) is on standby.

Challenges and Requirements

There are a number of challenges impacting the performance and availability of services. In particular, some of the interswitch
links (ISLs) often become over-utilized causing degradation of service performance. Service performance is also impacted
during peak workload hours due to limited bandwidth of switch 2. In addition, failure of a VM, a physical compute system, or
an HBA causes a brief interruption of the services and data loss for in-progress transactions. The organization recently
experienced a service outage due to a fault in the eCommerce payment gateway. Until the payment gateway system was
repaired, customers were not even able to view the product catalog, shopping cart, and order status. Recently a failure of the
power supply system caused outage of an entire zone. Although this event resulted in a service failover to another zone, it
caused a loss of in-progress transactional data.

The service level guarantee committed by the organization covers both high availability and high performance of services.
Therefore, even a brief interruption of service or loss of transactional data is unacceptable to them.

Deliverables

Propose the fault tolerance techniques to address the organization’s challenges and requirements.

Solution

• Organization should aggregate the ISLs between Ethernet switches to create link aggregation groups. As a result,
network traffic will be distributed across the shared bandwidth of all the ISLs in a link aggregation group. This will
improve service performance.

• The organization should also aggregate switch 2 and switch 3. This will allow ports in both the switches to be active
and to forward network traffic simultaneously. Therefore, it will provide more active paths and throughput than a
single switch which will improve service performance during peak workload hours.

• In addition, use VM live shadow copy to provide continuous availability of services running on VMs and to prevent
data loss for in-progress transactions.

• Organization should also implement multipathing solution to enable automated path failover. Multipathing
eliminates the possibility of disrupting a service due to failure of a component on the path, such as an HBA. It
automatically isolates a faulty path and reroutes the pending I/Os to alternative paths. It also provides load balancing
across the available paths.

• Organization should also ensure that the application or service design supports graceful degradation. The graceful
degradation of application functionality will make the product catalog, shopping cart, and order status available to
the customers even when a fault causes the payment gateway outage. Moreover, configure redundant power supplies
in each zone to avoid the transactional data loss due to a power supply failure.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 9

 Lab Exercise 4: Data Backup

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Data Backup

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 4: Data Backup

EMC2 PROVEN PROFESSIONAL 10

Scenario

A financial organization runs business-critical applications in a virtualized data center. The organization currently uses tape as
their primary backup storage media for backing up application data. It uses an agent-based backup solution for backing up
data. These agents run inside the VMs to perform backup. The organization currently performs a full backup every Sunday and
an incremental backup on other days. It also has a file-sharing environment in which multiple NAS systems serve all the
clients including application servers. During NAS backup, the data is backed up from application servers to the backup device.

Challenges and Requirements

The backup operations consume resources on the compute systems that are running multiple VMs. This is significantly
impacting the applications deployed on the VMs. During NAS backup, the application servers are impacted because the data
is backed up from these servers to the backup device. Both backup and recovery of data take more time to complete the
operations.

The organization is looking for a backup and recovery solution that will help to meet the SLAs. It is identified that the backup
workload on the compute system impacts the performance of the applications running on the system. The organization needs
a solution to avoid performance impact to applications. The organization is also looking for a solution to avoid performing
regular full backup and to overcome the challenges in their NAS backup environment.

Deliverables

Propose a solution to address the organization’s challenges and requirements.

Solution

The organization can implement disk-based backup solution to improve the backup and recovery performance for meeting the
SLAs. It also needs to implement recovery-in-place to speed up the recovery operations. The organization should implement
image-based backup solution to offloaded the backup operation from VMs to a proxy server. To avoid regular full backup, the
organization can implement incremental forever backup. To overcome the challenges in the NAS environment, the
organization can implement NDMP-based backup that sends data directly from the NAS head to the backup device without
impacting the application servers.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 11

 Lab Exercise 5: Data Deduplication

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Data Deduplication

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 5: Data Deduplication

EMC2 PROVEN PROFESSIONAL 12

Scenario

An organization runs business applications in a data center. It has multiple remote/branch offices (ROBO) across different
locations. These remote offices have their local IT infrastructure. The application data are stored on SAN-based storage
systems in the data center. The organization currently uses disk as their backup storage media for backing up application data
in their data center. The tapes are used for protecting data at the remote site for DR purpose.

Challenges and Requirements

The organization’s backup and production environments have huge amount of redundant data. This has led to an increase in
the infrastructure cost and is also impacting the backup window. The branch offices also have limited IT resources for
managing backup. Organization wants to backup all the data from the branch offices to the centralized data center. But
backing up of data from branch offices to a centralized data center is restricted due to the time and cost involved in sending
huge volumes of data over the WAN. The organization is also facing the risk of sending tapes to offsite locations as this might
lead to the loss or theft of sensitive data.

The organization is looking for a solution to eliminate redundant copies of data. The solution should not impact the business
critical applications during backup and should also address the backup challenges of remote and branch offices. The
organization also needs an effective solution to address the challenges of remote site backup using tapes for DR purpose.

Deliverables

Propose a solution to address the organization’s challenges and requirements.

Solution

• The organization can implement deduplication solution to eliminate redundant data. By implementing target-based
deduplication solution for business critical applications, the performance of these applications does not get
impacted. This is because it does not require any deduplication agent on the application servers.

• The organization can implement source-based deduplication at branch offices. Since the data is deduplicated at the
source (branch offices), only deduplicated data is backed up. This eliminates the challenges associated with centrally
backing up branch office data to the data center. This considerably reduces the required network bandwidth.

• After implementing deduplication in the data center, the organization can now transfer only the deduplicated data
over WAN to the remote site. This eliminates the need for shipping the tape to the remote site and also requires less
network bandwidth.

• The organization can also utilize the deduplication capability of their SAN storage. This reduces the redundant data in
their production environment and also reduces their primary storage cost.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 13

 Lab Exercise 6: Replication

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Replication

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 6: Replication

EMC2 PROVEN PROFESSIONAL 14

Scenario

A multinational bank runs a business-critical application that stores data in a LUN with RAID 1 configuration. Application is
write-intensive with about 75 percent write operations. Every month-end the bank runs billing and reporting applications to
generate bills and statement of customer’s account. The bank has two data centers which are 100 miles apart.

Challenges and Requirements

The backup window is too long and is negatively impacting the application performance. These billing and reporting
applications have huge impact on the source volume; therefore the bank is looking for a better solution. In the past year, the
top management has become extremely concerned about DR because they do not have DR plans.

During billing and reporting, the source volume should not have any impact on the source volume. During backup the
business critical applications should not get impacted. Bank cannot afford any data loss; therefore need a disaster recovery
solution with near zero RPO.

Deliverables

Propose a storage system-based local replication solution to address the organization’s concern

Propose a solution to address the organization’s DR requirements

Solution

• Deploying a full volume technology enables all the data to be available on replica devices. The backup application
can read the data from the backup devices. If a pointer-based replica is used, most of the read operations will be from
the source volume which could degrade the application performance. Creating one more replica will allow the
organization to run billing and reporting applications on this replica that will avoid the performance impact on the
source volume.
• To meet the DR requirement, the organization can implement synchronous remote replication. This solution provides
near zero RPO.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 15

 Lab Exercise 7: Data Archiving

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Data Archiving

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 7: Data Archiving

EMC2 PROVEN PROFESSIONAL 16

Scenario

The IT infrastructure of a health care organization includes a cluster of six physical computing systems that are running
hypervisors. The clustered compute systems host a total of 24 virtual machines (VMs). These VMs host the organization’s
health care application, email application, backup application, and file servers. The physical compute systems are connected
to two disk-based, high-performance storage systems. They are also connected to a tape library that is used as backup storage
system. One of the disk-based storage systems has mostly SSDs while another storage system has only HDDs.

The disk-based storage systems have about 20 percent frequently accessed data, 40 percent moderately accessed data, and
40 percent fixed data. According to government regulations, each patient record is preserved for seven years even after a
patient’s death. In addition, old records are needed when patients revisit the health care organization. The organization
performs daily backup of all patient records. Each backup copy is retained in the tape library for one month and then the tapes
containing the backups are moved and maintained in a vault.

Challenges and Requirements

Both the disk-based storage systems have only 10 percent of their storage capacity available for storing new data. Budget
constraints restrict the organization’s ability to buy another high-performance and high-cost storage system. Last year, some
of the old records were altered due to human error. The old records were retrieved by bringing the old tapes from the vault and
making them online. As a result, the treatment of a few revisiting patients was delayed.

Further, the backup operation takes a long time to complete, which impacts the application performance during peak hours. In
addition, the cost of purchasing and maintaining a large number of tapes often exceeds the budgeted cost. Maintaining a
large number of tapes also poses risks of labeling errors and lost tapes.

The organization needs to purchase another storage system immediately to meet the storage capacity requirements. The
organization needs to ensure that old records are authentic and are not altered. They also require faster retrieval of old records
in case a patient revisits the health care organization. The organization wants to reduce the backup window and the
associated costs and risks. They also want to optimize the application performance.

Deliverables

Propose a solution that will address the organization’s challenges and requirements.

Solution

• Deploy a CAS in the environment and move fixed data to the CAS. CAS will provide content authenticity and integrity.
CAS is a disk-based online archive storage system, which will enable faster retrieval of patient records compared to
tapes. Moving the fixed data to a CAS system will reduce the backup window, backup storage and tape maintenance
costs, and associated risks. A reduced backup window will mitigate the impact on application performance during
backup.

• If budget permits, replace the tape library with a disk-based storage system or virtual tape library. A disk-based
backup storage system will further reduce the backup window and eliminate costs and risks associated with tape
maintenance.

• Implement storage tiering to optimize application performance and eliminate the need to buy a high-performance and
high-cost storage system. Create a hierarchy of storage tiers considering the storage system with mostly SSDs as tier
0, the storage system with only HDDs as tier 1, and CAS system as tier 2. Deploy a policy engine and configure
policies to automatically move frequently accessed data to tier 0, moderately accessed data to tier 1, and fixed data
to tier 2.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 17

 Lab Exercise 8: Data Migration

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Data Migration

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 8: Data Migration

EMC2 PROVEN PROFESSIONAL 18

Scenario

An organization runs business-critical applications in a traditional data center. The organization currently runs applications on
physical compute systems. Each compute system runs a single application. It uses block-based storage system to provision
storage capacity for the applications. The organization has another block-based storage system from a different vendor that
supports internal applications. It also has a file-sharing environment in which multiple NAS systems serve all the clients
including application servers. The organization has a plan to deploy more applications to expand their business portfolio.

Challenges and Requirements

The compute systems are running at 15 to 20 percent utilization that leads to poor utilization of physical machines in the data
center. The organization has limited budget to buy compute systems to run business applications. The applications are
impacted during the maintenance of the storage system since it is down during the maintenance period. The storage system
does not have any migration capability. It is also identified that some of the NAS systems are over utilized and some of the
NAS systems are underutilized. The clients accessing the NAS system are impacted when the NAS system is over utilized.

The organization wants to virtualize their compute infrastructure and run multiple applications on each physical compute
system. Because running multiple applications on each physical compute system reduces the need to invest on purchasing
new compute systems.

The organization needs a solution that should not impact the applications during the maintenance of block-based storage
system. The organization also needs an effective solution to address the challenges in the NAS environment.

Deliverables

Propose a solution to address the organization’s challenges and requirements.

Solution

• The organization can perform online application migration by converting their physical compute systems to virtual
machines. This does not impact the availability of the application during migration. This also improves the overall
utilization of compute infrastructure and reduces the need to invest on purchasing new compute systems.

• To avoid downtime during storage system maintenance, the organization can implement SAN-based data migration
through virtualization appliance. This solution provides non-disruptive data migration from one storage system to
another.

• To overcome the challenges in the NAS environment, the organization can implement NAS-based data migration that
allows moving files from over utilized NAS system to underutilized NAS system without impacting the clients.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 19

 Lab Exercise 9: Data Protection in SDDC

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Data Protection in Software-Defined Data Center

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 9: Data Protection in Software-Defined Data Center

EMC2 PROVEN PROFESSIONAL 20

Scenario

An organization uses its data center to provide email service to its customers globally. A cluster of 20 VMs is used to provide
the email service. The data center storage infrastructure is controlled and managed by a software-defined storage (SDS)
controller. The SDS controller provides a single virtual storage pool for all the VMs to store email data.

Requirements

The organization wants to use another data center in a separate geographic region to provide the email service. Both the data
centers must be active and should have the capability to failover services automatically in the event of a disaster. VMs located
at both the data centers must be able to perform OSI Layer-2 communication with each other.

The organization wants to use another data center in a separate geographic region to provide the email service. Both the data
centers must be active and should have the capability to failover services automatically in the event of a disaster. VMs located
at both the data centers must be able to perform OSI Layer-2 communication with each other.

Deliverables

Propose a solution that will address the organization’s requirements.

Solution

The organization needs to deploy and connect SDS controllers at both the sites. In addition, the VM cluster must span across
both the data centers. The organization also needs to configure SDS controllers to support active/active configuration with
automated service failover. Further, it needs to create a VXLAN tunnel between the data centers to enable OSI Layer-2
communication between VMs. Moreover, the organization needs to create three virtual pools and associate a data protection
service (Gold, Silver, or Bronze) with each of them.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 21

 Lab Exercise 10: Cloud-based Data Protection

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Cloud-based Data Protection

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 10: Cloud-based Data Protection

EMC2 PROVEN PROFESSIONAL 22

Scenario

A product-based company uses its own IT resources. The company has multiple remote offices/branch offices (ROBO) across
the globe. The company runs its business applications on more than 100 physical compute systems in its data center. It is
repurposing its existing infrastructure to build the cloud infrastructure for providing IT services to its users. The infrastructure
components (compute systems, network devices, and storage devices) are heterogeneous in nature. Currently the company
does not have remote site for DR purpose. It performs data archiving within its data center.

Challenges and Requirements

Too often, business-critical data at remote offices is inadequately protected, exposing the business to the risk of losing data
and productivity. Some of the challenges with the ROBO data protection are the lack of skilled onsite technical resources to
manage backups and the risk of sending tapes to the data center. Also, branch offices have less IT infrastructure to manage
backup copies, and huge volume of redundant data available across remote offices. The company does not have adequate
resources to manage peak workload that occurs from time to time. Due to budget constraint the company does not want to
build and manage its own DR site. Managing huge volume of inactive data has increased the complexity of current
infrastructure and cost.

The company needs to reduce the risk of data loss in production environment at remote sites using OPEX cost model. It needs
a solution to manage the peak workload that occurs from time to time and protect the data at DR site without involving CAPEX.
The company also needs to find a solution to reduce the complexity and cost in managing archiving data.

Deliverables

Propose a solution that will address the organization’s challenges and requirements

Solution

• Implement ROBO cloud backup solution to back up data to a centralized location, which is the cloud, to address the
data backup and recovery challenges of remote and branch offices.
• Deploy Hybrid cloud model to enable accommodating increased peak workload that occurs regularly by sharing the
data in both public and private clouds.
• Adopt Disaster Recovery-as-a-Service (DRaaS) which offers resources to enable the consumers to run their IT services
in the event of a disaster, by using DR site in the cloud. This reduces the need for data center space and IT
infrastructure and eliminates the need for upfront capital expenditure.
• Implement Cloud-based archiving to reduce the complexity of managing archiving infrastructure and enabling capital
cost savings.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 23

 Lab Exercise 11: Data Protection in Big Data and Mobile Device Environment

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Protecting Big Data and Mobile Device Data

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 11: Protecting Big Data and Mobile Device Data

EMC2 PROVEN PROFESSIONAL 24

Scenario

A multinational banking organization has several branches and has nearly 10 million customers across the globe. The
organization runs business applications and internal applications across data centers. It has plan to implement big data
analytics in its environment to gain insights and derive business value. It provides mobile banking applications to its
customers and employees to access the data from anywhere. The organization also started supporting bring your own device
(BYOD). Business critical data also resides in these mobile devices used by employees.

Challenges and Requirements

Currently, the organization does not have the required infrastructure to support big data analytics and its protection solutions.
It does not have the required budget to implement the infrastructure for big data solutions and skilled IT professionals to
manage the big data analytics infrastructure. It has been facing challenges in sharing the documents among employees that
impact the collaborative work culture in their environment. It is also facing challenges in protecting business data that resides
in their employee’s mobile device. Mobile device theft causes the organization to lose critical data.

The organization needs a solution to implement big data analytics but looking for OPEX cost model due to budget constraint. It
also needs a solution to effectively share the documents among employees to improve the collaborative work and also need a
solution to effectively protect the data on mobile devices.

Deliverables

Propose a solution that will address the organization’s challenges and requirements

Solution

Organization can adopt cloud-based big data analytics solution that does not require any CAPEX; and the big data can be
protected in the cloud itself. It deploys file sync-and-share application that improves collaborative work and also improves
productivity by allowing employees to access and share documents (files) from any device, anywhere, at any time. To protect
the data from mobile devices, the organization can back up the data from mobile devices to organization’s data center or to
the cloud.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 25

 Lab Exercise 12: Securing the Data Protection Environment

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Securing the Data Protection Environment

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 12: Securing the Data Protection Environment

EMC2 PROVEN PROFESSIONAL 26

Scenario

A large multinational bank is providing a full range of banking services and is currently supporting mobile banking. This
enables their customers to access the applications and data from any location. The bank also enables their employees to
access internal banking applications using mobile devices. Bank has multiple remote/branch offices (ROBO) across different
locations. Single factor authentication solution is deployed for securing the access to banking applications and data. To
ensure business continuity, the bank’s IT department performs remote replication to DR site. Bank archives data on tape and
sends it to offsite to meet compliance requirement.

Challenges and Requirements

Bank is concerned about customer’s data being exposed to an attacker due to the theft of their employee’s mobile devices.
The bank’s IT department has identified anomalous activities happening in the data center. The bank is also concerned about
the confidentiality of data that is being replicated to the DR site and the tapes that are shipped to offsite. After security audit is
performed, it was identified that an attack was attempted by exploiting loophole in the hypervisor management system.

The organization’s needs to protect the confidentiality of data if employee’s mobile device theft occurs. It requires security
controls to identify anomalous activity and protect data on tapes while sending tapes to offsite location. It also needs to
protect data while performing replication between sites and to have security controls to protect the hypervisor management
system.

Deliverables

Propose a solution that will address the organization’s challenges and requirements.

Solution

• Implement Mobile Device Management (MDM) solution that enforces banks security policies on the enrolled
employees mobile devices. In the event of device theft or lost occurs MDM solution wipes off the data on the
employees mobile device to ensure the confidentiality of data.

• Implement intrusion detection and prevention system (IDPS) that will detect anomalous activities and stop the events
after they have been detected.

• Deploy data encryption at rest and in flight. Data on tape should be encrypted before shipping to the offsite. Also data
needs to be encrypted while performing remote replications between sites.

• Implement hypervisor management security controls such as performing hypervisor hardening based on CIS and DISA
best practices, security-critical hypervisor management updates, and implementing separate firewall with strong
filtering rules.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 27

 Lab Exercise 13: Managing Data Protection

Purpose: To reinforce the concepts presented in the lecture portion of

the module, Managing the Data Protection Environment

Participants are required to provide a solution for the

Tasks:
deliverables based on the given scenario and requirements.

References: Module 13: Managing the Data Protection Environment

EMC2 PROVEN PROFESSIONAL 28

Scenario

An organization maintaining multiple data centers provides data protection services to its customers. The enterprise provides
the protection services both at local site as well as at remote site protection for disaster recovery. The enterprise virtualizes all
its components and allows its customer’s data to be stored, protected, and accessed from worldwide location. They have also
deployed various backup, replication, and archiving solutions along with the monitoring and reporting tools. Also most of the
management operations are performed manually in the data center.

Challenges and Requirements

There are many challenges in managing the data protection environment; in particular, difficulty in locating and resolving
errors in infrastructure components and data protection operations. Also, the organization is facing difficulty in allocating
resources to meet dynamic resource consumption and seasonal spikes in resource demand. In addition, the organization
sometime experiences degraded performance during replication operation. Moreover, the organization also faces difficulty in
creating the inventory of various infrastructure components, including their configuration, connectivity, functions,
performance, etc.

In order to meet the organizational requirements, to manage the data protection environment, the organization needs to
ensure adequate availability of IT resources to provide data protection services. Also, organization needs to gather and
maintain information about all the infrastructure components in a centralized database so that the information can be used by
various management processes.

Furthermore, administrators should get proactive alerts about potential performance issues on data protection operations and
ensure all the services and SLAs are delivered as committed. In addition, the organization needs to reduce manual errors and
administration cost related to common, repetitive management tasks. Organization is planning to deploy a new multi-site data
protection service. It needs to implement a management process for architecting the new multi-site data protection solution.

Deliverables

Propose a solution that will address the organization’s requirements.

Solution

• Implement a capacity management process that will help in planning for current and future resource requirement,
including dynamic resource consumption and seasonal spikes in resource demand.
• Deploy discovery tool that gathers and stores data in a configuration management system.
• Deploy performance management tool that can proactively alert administrators about potential performance issues.
• Orchestrate management operations that are common and repetitive to reduce manual errors and administration
cost.
• Implement an availability management process that will help in architecting the new multi-site data protection
solution.

End of Lab Exercise

EMC2 PROVEN PROFESSIONAL 29

 END OF LAB

EMC2 PROVEN PROFESSIONAL 30