CN112835535A - Data centralized management platform - Google Patents
Data centralized management platform Download PDFInfo
- Publication number
- CN112835535A CN112835535A CN202110228380.4A CN202110228380A CN112835535A CN 112835535 A CN112835535 A CN 112835535A CN 202110228380 A CN202110228380 A CN 202110228380A CN 112835535 A CN112835535 A CN 112835535A
- Authority
- CN
- China
- Prior art keywords
- module
- data
- cloud
- management platform
- centralized management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003860 storage Methods 0.000 claims abstract description 28
- 238000004519 manufacturing process Methods 0.000 claims abstract description 9
- 241000700605 Viruses Species 0.000 claims description 7
- 238000001514 detection method Methods 0.000 claims description 3
- 230000005012 migration Effects 0.000 claims description 3
- 238000013508 migration Methods 0.000 claims description 3
- 238000011084 recovery Methods 0.000 claims description 2
- 230000008030 elimination Effects 0.000 claims 1
- 238000003379 elimination reaction Methods 0.000 claims 1
- 230000001681 protective effect Effects 0.000 abstract 1
- 238000007726 management method Methods 0.000 description 16
- 238000013523 data management Methods 0.000 description 5
- 238000000034 method Methods 0.000 description 5
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012805 post-processing Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/0625—Power saving in storage systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0662—Virtualisation aspects
- G06F3/0665—Virtualisation aspects at area level, e.g. provisioning of virtual or logical volumes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/4557—Distribution of virtual machine instances; Migration and load balancing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45575—Starting, stopping, suspending or resuming virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Human Computer Interaction (AREA)
- Quality & Reliability (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a data centralized management platform which comprises a unified indexing module, a virtual storage warehouse module, an operation module, a management module, a duplicate removal module, an encryption module and an anti-lasso module, wherein data of a server and a virtual environment production end are snapshot-backed and then stored in the virtual storage warehouse module, the server and the virtual environment production end are stored in the virtual storage warehouse module in a host backup mode or in a copied mode, and data of a terminal user are synchronously stored in the virtual storage warehouse module through terminal data. The invention has flexible and agile basic structure, is easy to implement, manage and support, and only one platform is needed to flexibly add protective measures for new application, sites and basic structure; the management automation strategy saves more manpower, optimizes secondary storage, saves storage resources and cost, spans storage layers and storage positions, and eliminates data islands.
Description
Technical Field
The invention relates to the field of data management, in particular to a data centralized management platform.
Background
In the process of evolving data management, virtualization, cloud computing are inevitable trends, and data growth in the local and cloud will lead to the following problems:
(1) more difficult to meet RPO/RTO;
(2) more storage resources need to be purchased to store data;
(3) the traditional architecture can cause data isolated island and is difficult to expand and manage;
(4) more management personnel and cost are required;
(5) users are urgently in need of reducing the cost of data management.
Disclosure of Invention
The invention aims to provide a data centralized management platform.
The invention realizes the purpose through the following technical scheme: a centralized data management platform comprises a unified index module, a virtual storage warehouse module, an operation module, a management module, a duplicate removal module, an encryption module and an anti-lasso module, wherein data of a server and a virtual environment production end are snapshot-backed and then stored in the virtual storage warehouse module, the server and the virtual environment production end are stored in the virtual storage warehouse module in a host backup mode or in a copied mode, and data of an end user are synchronously stored in the virtual storage warehouse module through terminal data.
Further, the data of the document/mail system is stored in the virtual storage warehouse module through archiving.
Further, the data in the cloud end is stored in the virtual storage warehouse module in a cloud storage/cloud connection/cloud backup/cloud migration/cloud management mode.
Further, data of the data centralized management platform can be shared to the internal/external cloud disks.
Further, the external device can be searched by the unified indexing module.
Further, the duplication removing module can remove duplication from the data, the encryption module can encrypt the data, and the duplication removing data are transmitted to the cloud storage after being encrypted.
Furthermore, the lasso prevention module can detect whether the client is infected with the lasso virus, after a Ransomware detection function is started, the client software regularly checks the honeypot file, the honeypot file is checked once within 4 hours in a default mode, and when the honeypot file is found to be tampered, an attack warning is immediately sent out.
Compared with the prior art, the data centralized management platform has the beneficial effects that:
(1) flexible and agile infrastructure, easy to implement, manage and support.
(2) And only one platform is needed, protection measures are flexibly added to new applications, sites and infrastructures, and the system can be covered in most public clouds, private clouds, virtual machine environments and storage devices.
(3) The management automation strategy saves more manpower, optimizes secondary storage, saves storage resources and cost, spans storage layers and storage positions, and eliminates data islands.
Drawings
Fig. 1 is a system logic block diagram of a data centralized management platform.
Detailed Description
Referring to fig. 1, a centralized data management platform includes a unified indexing module, a virtual storage warehouse module, an operation module, a management module, a deduplication module, an encryption module, and an anti-lasso module.
The data of the server and the virtual environment production end are snapshot backed up and then stored in the virtual storage warehouse module, and the local storage snapshot is protected, so that the hourly data protection is realized, and 33 mainstream storage and corresponding snapshots are supported.
The server and the virtual environment production end are stored in the virtual storage warehouse module in a host backup mode or stored in the server and the virtual environment DR end in a copy mode, and minute or second-level protection is achieved.
And the data of the end user is synchronously stored in the virtual storage warehouse module through the terminal data.
The data of the document/mail system is stored in the virtual storage library module by filing, and the virtual machine files, so that the resources are saved and the data are reserved for a long time. And the virtual machine is automatically powered off by setting conditions, so that the CPU/Mem resources are released, the virtual machine is automatically migrated from the high-performance DataStore to the low-performance DataStore by setting the conditions, the setting conditions of the disk resources are optimized, the virtual machine is migrated from the VMWare environment, the entry information is reserved in the VMWare environment, and the disk resources are released.
And the data in the cloud end is stored in the virtual storage warehouse module in a cloud storage/cloud connection/cloud disaster recovery/cloud migration/cloud management mode, and the disaster at different places is restored and backed up, so that an accidental disaster is prevented. The cloud storage is that backup media server MA utilizes REST protocol, and is directly connected with the cloud storage without any gateway equipment and reset equipment.
The data of the data centralized management platform can be shared to an internal/external cloud disk, the backup/filing data is supported to be shared to internal/external personnel in a cloud disk/network disk mode, the shared user authority control and multi-version control are supported, the AD/LDAP can be combined, and the user authority management is simplified.
The external device can search through the unified indexing module.
The operation module and the management module can operate and manage the interaction process of the external equipment and the internal module.
The duplication removing module can remove duplication from data, the encryption module can encrypt the data, the duplication removing data are transmitted to the cloud storage after being encrypted, bandwidth can be saved, and data safety is guaranteed. The method supports source-end deduplication/target-end deduplication/post-processing deduplication, supports parallel deduplication, global deduplication and deduplication copy (DashCopy), and the deduplication device supports disk/cloud storage/object storage, and the DDB: the deduplication comparison of the deduplication database and the platform is mainly performed on a DDB (data distribution bus) at an MA (machine access network) end, so that the pressure on a production host is low, the DDB must be placed on a special high-speed hard disk (the DDB cannot be placed on the same disk group with backup data), parallel deduplication libraries (at most 4 nodes) are supported, and a global deduplication library (a plurality of storage strategies share one deduplication library, and the deduplication rate is better).
The anti-lasso module can detect whether a client is infected with lasso virus (Ranomware), after a Ranomware detection function is started, client software regularly checks a Honeypot File (Honeypot File), the Honeypot File is checked once by default for 4 hours, when the Honeypot File is found to be tampered, an attack warning is immediately sent, and a user can perform the following processing: the network is disconnected, and viruses are prevented from attacking other computers; stopping backup to prevent the backup of files with virus; after the virus is eliminated, the correct backup data is restored; the method can prevent virus from attacking the backup data, start the anti-Ransomware protection function on the MA, and prevent any non-Comvoult process from modifying the data on the backup disk.
The invention has the following advantages:
(1) flexible and agile infrastructure, easy to implement, manage and support.
(2) And only one platform is needed, protection measures are flexibly added to new applications, sites and infrastructures, and the system can be covered in most public clouds, private clouds, virtual machine environments and storage devices.
(3) The management automation strategy saves more manpower, optimizes secondary storage, saves storage resources and cost, spans storage layers and storage positions, and eliminates data islands.
While there have been shown and described what are at present considered the fundamental principles and essential features of the invention and its advantages, it will be apparent to those skilled in the art that the invention is not limited to the details of the foregoing exemplary embodiments, but is capable of other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (7)
1. A data centralized management platform is characterized in that: the system comprises a unified indexing module, a virtual storage warehouse module, an operation module, a management module, a duplication elimination module, an encryption module and an anti-lasso module, wherein data of a server and a virtual environment production end are snapshot-backed and then stored in the virtual storage warehouse module, the server and the virtual environment production end are stored in the virtual storage warehouse module in a host backup mode or in a copied mode, and data of an end user are synchronously stored in the virtual storage warehouse module through terminal data.
2. The data centralized management platform of claim 1, wherein: data of the document/mail system is stored into the virtual storage library module through archiving.
3. The data centralized management platform of claim 1, wherein: and the data of the cloud end is stored in the virtual storage warehouse module in a cloud storage/cloud connection/cloud disaster recovery/cloud migration/cloud management mode.
4. The data centralized management platform of claim 1, wherein: data of the data centralized management platform can be shared to the internal/external cloud disks.
5. The data centralized management platform of claim 1, wherein: the external device can search through the unified indexing module.
6. The data centralized management platform of claim 1, wherein: the duplication removing module can remove duplication from the data, the encryption module can encrypt the data, and the duplication removing data are transmitted to the cloud storage after being encrypted.
7. The data centralized management platform of claim 1, wherein: the anti-lasso module can detect whether the client is infected with lasso virus, after a Rancomware detection function is started, the client software regularly checks the honeypot file, the honeypot file is checked once within 4 hours by default, and when the honeypot file is found to be tampered, an attack warning is sent out immediately.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110228380.4A CN112835535A (en) | 2021-03-02 | 2021-03-02 | Data centralized management platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110228380.4A CN112835535A (en) | 2021-03-02 | 2021-03-02 | Data centralized management platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112835535A true CN112835535A (en) | 2021-05-25 |
Family
ID=75934292
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110228380.4A Pending CN112835535A (en) | 2021-03-02 | 2021-03-02 | Data centralized management platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112835535A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102629224A (en) * | 2012-04-26 | 2012-08-08 | 广东电子工业研究院有限公司 | Method and device of integrated data disaster recovery based on cloud platform |
CN104932956A (en) * | 2015-06-19 | 2015-09-23 | 华南理工大学 | Big-data-oriented cloud disaster tolerant backup method |
CN109495443A (en) * | 2018-09-13 | 2019-03-19 | 中国科学院信息工程研究所 | The method and system of software attacks is extorted in a kind of Intrusion Detection based on host honey jar confrontation |
CN109582443A (en) * | 2018-12-06 | 2019-04-05 | 国网江西省电力有限公司信息通信分公司 | Virtual machine standby system based on distributed storage technology |
CN109947507A (en) * | 2019-01-24 | 2019-06-28 | 江苏中云科技有限公司 | A kind of cloud desktop system of more service convergences |
CN110442427A (en) * | 2019-07-29 | 2019-11-12 | 腾讯科技(深圳)有限公司 | A kind of virtual machine snapshot management method, device, equipment and storage medium |
CN111277539A (en) * | 2018-11-16 | 2020-06-12 | 慧盾信息安全科技(苏州)股份有限公司 | Server Lesox virus protection system and method |
-
2021
- 2021-03-02 CN CN202110228380.4A patent/CN112835535A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102629224A (en) * | 2012-04-26 | 2012-08-08 | 广东电子工业研究院有限公司 | Method and device of integrated data disaster recovery based on cloud platform |
CN104932956A (en) * | 2015-06-19 | 2015-09-23 | 华南理工大学 | Big-data-oriented cloud disaster tolerant backup method |
CN109495443A (en) * | 2018-09-13 | 2019-03-19 | 中国科学院信息工程研究所 | The method and system of software attacks is extorted in a kind of Intrusion Detection based on host honey jar confrontation |
CN111277539A (en) * | 2018-11-16 | 2020-06-12 | 慧盾信息安全科技(苏州)股份有限公司 | Server Lesox virus protection system and method |
CN109582443A (en) * | 2018-12-06 | 2019-04-05 | 国网江西省电力有限公司信息通信分公司 | Virtual machine standby system based on distributed storage technology |
CN109947507A (en) * | 2019-01-24 | 2019-06-28 | 江苏中云科技有限公司 | A kind of cloud desktop system of more service convergences |
CN110442427A (en) * | 2019-07-29 | 2019-11-12 | 腾讯科技(深圳)有限公司 | A kind of virtual machine snapshot management method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11500751B2 (en) | Log monitoring | |
US11928229B2 (en) | Automatic file encryption | |
EP3374922B1 (en) | Systems and methods for protecting backed-up data from ransomware attacks | |
US9298724B1 (en) | Systems and methods for preserving deduplication efforts after backup-job failures | |
US9424136B1 (en) | Systems and methods for creating optimized synthetic backup images | |
EP3356941B1 (en) | Systems and methods for restoring data from opaque data backup streams | |
US9256612B1 (en) | Systems and methods for managing references in deduplicating data systems | |
US9785643B1 (en) | Systems and methods for reclaiming storage space in deduplicating data systems | |
US10127119B1 (en) | Systems and methods for modifying track logs during restore processes | |
EP3380921B1 (en) | Systems and methods for taking snapshots in a deduplicated virtual file system | |
US9524215B1 (en) | Systems and methods for managing virtual machine backups | |
US9734156B1 (en) | Systems and methods for leveraging data-deduplication capabilities of file systems | |
US8707107B1 (en) | Systems and methods for proactively facilitating restoration of potential data failures | |
US9342550B1 (en) | Systems and methods for preventing data loss via temporary-file generating applications | |
US20230144069A1 (en) | Indicating infected snapshots in a snapshot chain | |
CN112835535A (en) | Data centralized management platform | |
US20230315503A1 (en) | Snapshot-based virtual machine transfer across hypervisors | |
US10372607B2 (en) | Systems and methods for improving the efficiency of point-in-time representations of databases | |
US10437683B1 (en) | Systems and methods for protecting data affected by system changes | |
US20230376605A1 (en) | Efficient vulnerability analysis over backups | |
US20230306129A1 (en) | Sensitive data discovery for databases | |
US20230376608A1 (en) | Security risk assessment system for a data management platform | |
US11966362B1 (en) | Immutable storage of snapshot data in a public cloud environment | |
US20240160605A1 (en) | Immutable storage of snapshot data in a public cloud environment | |
US20240143759A1 (en) | Analysis of backup copies to identify malware-encrypted primary data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |