Hitachi Content Platform (HCP)

(1)

Version 1.0

Hitachi Content Platform (HCP)

HCP and HCP Anywhere Features Evaluation

(2)

Version

Version Date Remarks

(4)

2 1. INTRODUCTION | Data Storage Institute

1. INTRODUCTION

According to IDC report [a], the world’s mobile working population will reach 1.3 billion or 37.2% of total workforce by 2015. This increased number of mobile workforce is due to the advancement of mobile technology as well as the increased popularity of public file sync and share (FSS) service. With these 2 technologies, mobile worker can access and share the data anytime, anywhere and from any mobile device. This helps to increase productivity, speed up responsiveness, and as well as improve communication.

Leveraging public FSS service might not be ideal for enterprise as the data is resided outside of the traditional enterprise security perimeter. Security concern means corporate Information Technology (IT) has to consider setting up their own FSS solution that can be hosted on-premise with features similar to public FSS service to support mobile workers. This means multi-platform access, integration with existing authentication and authorization system as well as client device control mechanism could minimize data leaking when mobile is stolen or lost. Besides this, corporate IT also has to ensure the correct usage of storage platform so that/the data can be stored efficiently. Implementing such FSS solution on-premise is not an easy task and corporate IT needs a complete suite of solution that can fulfill all the requirements.

Hitachi Data Systems (HDS) introduces a FSS software called HCP Anywhere for file sharing and content distribution that helps end-users to improve productivity while maintaining corporate control of data, and providing ease of access securely from anywhere via any device at any time. The software uses HCP as backend platform to manage data efficiently. In this paper, tests were conducted to study and evaluate features of HCP Anywhere, a next generation file service for enterprise I.T with HCP as back-end storage platform. We will look into the usability of HCP Anywhere and HCP as well as some other features such as duplication elimination, compression and encryption. The tests conducted will be divided into 5 categories, (1) Multi Platforms Access Test, (2) Admin Features Test, (3) Storage Efficiency Test, (4) Collaboration test and (5) Data Security Test.

(5)

3 2. BACKGROUND | Data Storage Institute

2. BACKGROUND

2. 1 Hitachi Content Platform (HCP) Anywhere

Hitachi Content Platform Anywhere is a next generation file service for enterprise IT. It can improve end-user productivity by file sharing and content distribution while maintaining corporate control of data. HCP Anywhere is easy to deploy and manage by IT. It leverages internal corporate network according to established policies by IT. Besides internal corporate network, content is allowed to share to public network via secure links behind the firewall.

HCP Anywhere allows data to be accessed from anywhere, any time and on any devices. Users can access the application and data using web browsers, Windows, Macintosh, Apple devices (iPhone and iPad) as well as Android devices. Therefore, users do not need to store duplicate contents in different devices as content will be synchronized on all devices which can help to improve work efficiency and productivity. Users are also allowed to make copies of data everywhere. With the version control feature, old versions of content can be recovered easily. Figure 2.1(i) shows the HCP Anywhere implementation together with HCP.

Figure2.1 (i) Typical HCP Anywhere implementation and HCP (Image source: HDS)

2.2 Hitachi Content Platform (HCP)

HCP is an intelligent and multi-purpose distributed object-based storage system design to store large-scale repositories of unstructured data. Unstructured data such as images, documents, and videos are stored as objects which include both file data and metadata. This metadata contain information such as ingestion time, change time, hash, object policy, user defined metadata and is the key ingredient that allows object to be stored, retrieved, protected and preserved easily.

(6)

4 2. BACKGROUND | Data Storage Institute

the recovery site. Features such as multi-tenancy, chargeback, management API and REST interface make HCP an ideal platform to build a private or public cloud.

Some of the key features are described in table 2.2(i).

Features Usability

Protection and replication

 Tolerate simultaneous point of failure by maintaining specified number of copies

 Retain multiple version of files Immutability

and retention

 Write-once, read-many file system where content is stored in an immutable format with the ability to set file-level retention

Encryption  Encrypt all contents, metadata, and search indexes Duplication

elimination

 Remove duplicate files to improve storage efficiency but maintain integrity

File

compression

(7)

5 3. TEST ENVIRONMENT | Data Storage Institute

3. TEST ENVIRONMENT

3.1 Test Setup

The testing infrastructure was setup as shown in Figure 3.1. Both HCP anywhere and HCP are Virtual Machines (VM) in a VMware ESX 5.5 server with the storage capacity presented by Hitachi HUS110 storage subsystem. Although VMs were used, the functionality is the same as compared to its physical counterpart.

Test clients include mobile device, laptop, desktop and they were connected to HCP anywhere via either wired network or wireless network. Back-end network was used by HCP Anywhere and HCP only and it is transparent to users.

Figure 3.1 Test Infrastructures

3.2 Test Cases

3.2.1 Test Case 1 – Multi-platform Access Test

(8)

3.2.2 Test Case 2 – Admin Features Test

This test is to validate that HCP Anywhere can be integrated seamlessly with existing Active Directory (AD) environment for authentication and authorization. Also, the ability to control the quota for users is also an important feature to test. Remote wipe feature will also be tested to validate that data can be remotely erased by administrator. This is very useful as it can minimize data leaking due to stolen and lost device.

3.2.3 Test Case 3 – Storage Efficiency Test

The test case was developed to validate the efficiency of the HCP storage in the environment. Two types of tests were conducted:

1. Compression test and 2. Duplication elimination test

3.2.3 (A) Compression Test

For compression test, 1GB of compressible files and 1GB of non-compressible files had been conducted to capture the benefits of the compression feature. Besides that, a case study had also been conducted to showcase the storage gain with compression feature through the use of an actual file server file set in our environment. The file server data profile is shown in table 3.2.2(A)(i) and Table 3.2.2(A)(ii).

File server profiles

File Sets Size (GB) 9.81

No of File Types 199

Total No of Files under test 12161

Table 3.2.2(A)(i) Data profiles under Test

No File Type No of Files Size (MB)

1 Adobe Acrobat Document 3765 2713.09

2 Microsoft Office PowerPoint 97-2003 Presentation 817 1572.12

3 TAR File 3 1362.52

4 Microsoft Office Word 97 - 2003 Document 954 1243.96

5 JPG File 1375 894.49

6 RealAudio / Real Video VBR 2 829.20

7 ZIP File 32 369.13

8 GZ File 6 242.32

9 FLV File 1 212.75

10 Microsoft Visio 2000/XP/2003 Document 104 143.60

(9)

3.2.3 (B) Duplicate Elimination Test

Duplication elimination is used to remove duplicate data stored by single user or by multiple users inside a storage unit. With this feature, it requires only a single copy of data which would save storage capacity. This feature is not limited to files stored by a single user, as it would check across the entire storage subsystem. In this test, several test scenarios were developed to show the duplication elimination feature. Table 3.2.2(b)(i) shows the test scenarios.

Test Scenarios Test description

1 Upload, amend and upload amended file

2 Upload same file to different folders by same user 3 Upload same file by different users

4 Upload files with same content but different file name

5 Upload file with same name but different content in different locations Table 3.2.2(B)(i) Duplication Elimination Test Scenarios

3.2.3 (C) Network Bandwidth Consumption Test

In this test, we would like to test the network bandwidth consumption when similar content was uploaded again. A 2.81GB ISO file set would be used as the test file. Windows Performance monitor would be used to capture the network traffic during the test.

3.2.4 Test Case 4 – Collaboration Test

Collaboration is a feature that can improve the work efficiency of multiple users working on the same documents as well as reduce the need to store multiple versions of the same documents. The collaboration test was divided into 2 types, which were versioning control test and sharing test.

3.2.4 (A) Versioning Control Test

In the versioning control test, a user would upload a file, make some changes in the local copy of this file and upload the modified file to replace the old file. After that, this user would try to retrieve the old version of the file from the activity log. To verify further usage of this feature, 2 users would be involved to modify the file shared between them. Both users would also try to retrieve different versions of the file which could either be changed by themselves or any shared user.

3.2.4 (B) Sharing Test

The test was conducted to showcase the file sharing and team folder features for internal users as well as external users who are not in the corporate network.

(10)

For scenario 2, the team folder feature would be enabled to simulate a group of 2 users working on the project under the same environment.

3.2.5 Test Case 5 – Data Security Test

The purpose of this test case is to evaluate the importance of using the data security feature (data-in-flight and data-at-rest encryption) in the HCP. For Data-at-rest encryption, 2 HCPs were setup with HCP1 configured with encryption while HCP 2 configured without encryption. Both HCPs would be boot up using Ubuntu Live CD so that examination could be done to validate whether data stored in HCP could be read out. Figure 3.2.5(i) shows the detailed setup of the test.

Figure 3.2.5(i) Encrypting Test Setup

(11)

9 4. TEST RESULTS AND ANALYSIS | Data Storage Institute

4. TEST RESULTS AND ANALYSIS

4.1 Test Case 1 – Multi-platform Access Test

Figure 4.1(i) Multi device/platform authentication and sharing

(12)

4.2 Test Case 2 – Admin Features Test

4.2.1 Microsoft Active Directory integration, group quota management

Figure 4.2.1(i) HCP Anywhere joins the Microsoft Active Directory

Once Active Directory (AD) was configured successfully, the domain name will appear in the HCP Anywhere web GUI as shown in the Figure 4.2.1(i) and the status will mention that DNS is configured correctly. The HCP Anywhere would also inherit the security attributes configured for users in AD. Besides that, this deployment would be seamless as it could work directly in the existing environment.

HCP Anywhere also has storage quota configuration for group users or single user. Figure 4.2.1 (ii) shows the quota configuration for group while Figure 4.2.1(iii) shows the quota configuration for single user. This configuration could be easily done with a few clicks and it can limit the storage quota for different group of users to improve the storage management.

(13)

(14)

4.2.2 Remote Wipe

Figure 4.2.2(i) Remote Wipe Feature

Deregister Devices

Data Deleted

(15)

Figure 4.2.2(i) shows the remote wipe feature in HCP Anywhere. De-registering a device from HCP Anywhere wipes out all of the data from the device remotely and instantly. Test result shows that when it is triggered, data in the device will be permanently deleted. For Windows system, the deleted data will not appear in the trash bin. Therefore this feature provides a good assurance to company where there will be minimum data leaking in the event where mobile devices are lost or stolen. There is also a credential-reset feature that can be used when account login information is compromised.

4.3 Test Case 3 – Storage Efficiency Test

4.3.1 Compression

The test objective is to showcase the compression feature in the HCP. Table 4.3.1(i) shows the files used for compression test and their test result.

Type File Set Size Number of

File Type

Bytes Saved Storage Saved Microsoft Office

Document Only File from File Server

1GB - 410.25MB 40%

JPEG Only File from File

Server 1GB - 1.2MB 0.11%

All the Files from File

Server 9.81 GB 199 2.46GB 27%

Table 4.3.1(i) Compression Test Statistics

Table 4.3.1(i) clearly shows that compression can play a part in reducing your storage consumption when it is used on compressible file type such as Microsoft Office Document. JPEG file type doesn’t see any benefit with compression and this is an expected result as JPEG is already a compressed format.

By using 10GB of files from real-life file server in our environment, the compression feature provides 27% saving of storage space. This is actually a very good result considering there are some file types which are already in compressed format. Please refer to Table 3.2.2(A)(ii) for our file server profile.

4.3.2 Duplicate Elimination

The test objective is to evaluate the duplication elimination feature in different scenarios. Table 4.3.2(i) shows the test scenarios and de-dup status to highlight the HCP Anywhere duplicate elimination feature.

Test Scenario Test Description De-dup Status

1 Upload, amend and upload No

2 Upload same file to different folder by same user Yes

(16)

Test Scenario Test Description De-dup Status

4 Upload different file name same contents Yes

5 Upload same file name, different contents in different

location No

Table 4.3.2(i) Duplicate Elimination Test Scenarios and Results

The results show that files with duplicate content, regardless of whether it is uploaded by a different user, stored under different file name or different folders will be du-duped. This feature can help to improve the storage usage efficiency.

4.3.3 Network Bandwidth Consumption Test

The test objective is to observe the network bandwidth consumption when users upload a file that is already stored in HCP using Windows application. Table 4.3.3(i) shows the network traffic comparison for the two tests in uploading the same file to different locations.

Upload with HCP Anywhere App First time upload Second time upload

Total (Bytes Sent/sec) in GB 2.99 0.057

Table 4.3.3(i) Network Bandwidth Consumption For first time upload and second time upload using the same file

As shown in the Table 4.3.3(i), the result shows very low network activities during the second upload. This shows that the same file/object will not be uploaded again if it exists in the HCP storage. This is a very good feature as the network bandwidth consumption can be reduced and the upload time will be faster too.

4.4 Test Case 4 – Collaboration Test

4.4.1 Versioning Control

(17)

Figure 4.4.1(i) Version Control Feature

Activity Tab shows all the file activity

(18)

4.4.2 Sharing

Figure 4.4.2(i) File sharing features for internal shared and public shared

(19)

Figure 4.4.2(ii) Team Folder Features for user1 and user2

(20)

Test Scenario Test Description Internal Share Publicly Share

1 File Sharing Successful Successful

2 Team Folder Successful

Table 4.4.2(i) File Sharing using HCP Anywhere

With this feature, a group of users can share their files on a single platform which improves their work efficiency and gain time savings without the need to pass data around via a portable drive or email. This feature eliminates having multiple copies of the same file by keeping a single copy in HCP Anywhere.

4.5 Test Case 5 – Data Security Test

HCP Anywhere leverages HCP to provide data-at-rest encryption. Table 4.5(i) shows the encryption test scenarios.

Test Scenario Test Case Results

1 Encryption feature disabled at HCP Successful to locate, open and read the contents of the file uploaded

2 Encryption feature enabled at HCP Partition disk was encrypted. Figure 4.5(i) Encryption test scenarios and results

(21)

Figure 4.5(ii) Encryption test screen captured Detail

For data-in-flight encryption test, we had validated that HTTPS/TLS protocol were used and is the only option allowed for the client to communicate to HCP Anywhere. Using network analyzer software, Windump, we noticed that no traffic communicated via port 80 (HTTP) and all the data traffic flow through port 443 (HTTPS). No clear text data was observed too. This can be seen in Figure 4.5(iii), 4.5(iv), 4.5(v) and 4.5(vi).

able to open the file from HCP

_{Volume is}

encrypted

Plain Text upload from HCP

(22)

Figure 4.5(iii) File upload operation and Windump capturing network packet. The upper right hand corner console window shows port 80 traffic while the lower right hand console shows

port 443 traffic

(23)

Figure 4.5(v) Console window capturing port 80 traffic, no network packets were captured

(24)

22 5. SUMMARY | Data Storage Institute

5. SUMMARY

In this test, we had evaluated HCP Anywhere in terms of usability for users and administrator, storage efficiency as well as data security. For usability, we validated that HCP Anywhere provides native application for different OS that really brings convenience to users when they can access their file from any mobile devices. The ability to do file versioning and also folder sharing allows users to easily keep track of the file version as well as collaborate easily with other users by sharing their file.

We also validated that HCP Anywhere can be integrated easily with existing AD. This integration makes it easy for administrator to maintain and manage the system. Testing on quota management shows that it is easy to configure and this feature provides a good way for administrator to control usage of storage. For the remote wipe feature test, results shows that data can be remotely wiped successfully and this help to minimize data leaking for lost mobile devices.

With the back-end object storage platform, it can further enhance this environment by providing some other features such as compression and duplication elimination. A test was conducted using our file server showed that compression could provide savings of up to 27%. This is a good figure considering that our file server contains files that are not compressible. Test on duplication elimination validated that file with similar content will be de-duped and this further improved storage efficiency.

The test on encryption shows that data-at-rest encryption and data-in-flight encryption work as expected and these are essential features that ensure data is protected accordingly. Overall, test results show that HCP Anywhere is a FSS solution that can address usability, security and storage efficiency. It can be deployed as 100% on-premise private cloud where not only data is stored on-premise but both authentication and management are performed locally without any interaction with public cloud.

(25)

Hitachi Content Platform (HCP)