
Wasabi hot cloud storage system architecture


Executive Overview

Wasabi is fundamentally transforming cloud storage with the industry’s most affordable and highest-performing cloud storage service. You can use Wasabi hot cloud storage for a variety of purposes including primary storage for on-premises or cloud-based workloads, secondary storage for backup and recovery, or archival storage for long-term data retention.

Wasabi provides a highly durable storage infrastructure, designed to protect the integrity and reliability of business-critical and mission-critical data. The Wasabi service is engineered to provide 99.999999999% of object durability and 99.99% system availability.

This white paper provides details on the Wasabi hot cloud storage system architecture and reviews its data protection and resiliency features.

Wasabi Hot Cloud Storage Provides Extreme Data Protection

Wasabi hot cloud storage was specifically conceived to make storage a commonplace utility like electricity. Unlike legacy cloud storage services with confusing storage tiers and complex pricing schemes, Wasabi hot cloud storage is extremely easy to understand and incredibly economical to scale. Wasabi's simplified cloud products have predictable and straightforward pricing, and support virtually every cloud storage application.

Wasabi provides a highly durable and reliable storage infrastructure, engineered to safeguard business-critical and mission-critical data. The service is architected to withstand disk failures and media errors, and to ensure continuous availability in the event of equipment problems, network issues, power outages or catastrophes.

Backed by a comprehensive SLA, Wasabi hot cloud storage is designed to provide:

  • Eleven 9s of object durability

  • Three 9s service availability for a single data center deployment

  • Four 9s service availability for a dual data center deployment

Wasabi System Architecture

The Wasabi hot cloud storage system architecture utilizes a purpose-built file system that leverages leading-edge disk drive technology. This approach ensures significant cost reduction and performance improvements relative to other object storage services, including AWS S3. The diagram below provides a high-level overview of the Wasabi System Architecture that is deployed in each of Wasabi’s data centers.

Wasabi infrastructure graphic

Wasabi uses a highly scalable and distributed architecture with no single point of failure. All system elements are protected using 1:1, 1+1, or N:M redundancy to ensure high availability. The Wasabi service consists of Wasabi’s purpose-built software deployed on commercially-available hardware that includes servers, disk drives and networking equipment.

For users that require additional redundancy beyond what a single data center can provide, Wasabi supports Wasabi Bucket Replication for cross-region replication. When this capability is used, customer data is automatically replicated to a distant Wasabi data center for maximum service availability.

Erasure Coding for High Object Durability

Wasabi uses erasure coding algorithms to protect data against disk failures and media errors, without fully replicating data across disks. Each data object is transformed into a series of codes, which are distributed across independent disks for resiliency. In the event of individual or multiple disk failures, data loss, or corruption, the original data object can be reconstructed using only a subset of the codes.

Wasabi customer data is stored in Wasabi storage pods that are composed of 20 distinct disk drives. The encoding algorithm converts each customer data object into a series of data and parity fragments, and stores each fragment on a different disk. When you access an object from storage it is reassembled using the fragments. You can fully reconstruct an object using any 16 of the 20 fragments. In other words, Wasabi can withstand the failure of up to any four disks within a storage pod, without losing data.

Erasure coding provides extremely high data durability while making optimal use of storage capacity. It also makes it easy for Wasabi to perform in-service upgrades and maintenance; disks can be swapped out without disrupting service.
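The 16-of-20 property described above can be reproduced in a few dozen lines. This is an added example, not Wasabi code: the paper does not name its encoding algorithm, so a Reed-Solomon-style construction (polynomial interpolation over GF(2^8)) is assumed, and all function names are hypothetical.

```python
K, N = 16, 20  # any K of the N fragments rebuild the object (figures from the text)
# Assumption: Reed-Solomon-style code over GF(2^8), polynomial 0x11D, generator 2.
# The white paper does not state which erasure code Wasabi actually uses.
EXP, LOG = [0] * 512, [0] * 256
_v = 1
for _i in range(255):
    EXP[_i], LOG[_v] = _v, _i
    _v <<= 1
    if _v & 0x100:
        _v ^= 0x11D
for _i in range(255, 512):
    EXP[_i] = EXP[_i - 255]

def gmul(a, b):
    return 0 if a == 0 or b == 0 else EXP[LOG[a] + LOG[b]]

def gdiv(a, b):  # b is never 0 here: fragment indexes are distinct
    return 0 if a == 0 else EXP[LOG[a] - LOG[b] + 255]

def interpolate(points, x):
    """Value at x of the unique degree < K polynomial through K (xi, yi) points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        term = yi
        for j, (xj, _) in enumerate(points):
            if i != j:
                term = gmul(term, gdiv(x ^ xj, xi ^ xj))
        total ^= term  # addition in GF(2^8) is XOR
    return total

def encode(data):
    """Return N fragments, one per disk: 0..15 hold data bytes, 16..19 parity."""
    data = data + bytes(-len(data) % K)  # zero-pad to whole 16-byte stripes
    frags = [bytearray() for _ in range(N)]
    for off in range(0, len(data), K):
        pts = list(enumerate(data[off:off + K]))
        for disk in range(N):
            frags[disk].append(pts[disk][1] if disk < K else interpolate(pts, disk))
    return [bytes(f) for f in frags]

def decode(surviving, length):
    """Rebuild the object from {disk_index: fragment} holding at least K entries."""
    if len(surviving) < K:
        raise ValueError("fewer than 16 fragments: object is unrecoverable")
    disks = sorted(surviving)[:K]
    out = bytearray()
    for pos in range(len(surviving[disks[0]])):
        pts = [(d, surviving[d][pos]) for d in disks]
        out.extend(interpolate(pts, x) for x in range(K))
    return bytes(out[:length])
```

Each fragment is one sixteenth of the padded object, so the 20 fragments together occupy 1.25 times the object's size, which is the capacity cost of tolerating four disk failures in this scheme.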

Additional Security And Data Protection Capabilities

Wasabi employs a variety of additional security and data protection systems and practices to ensure the privacy and integrity of customer data. Wasabi takes a “defense-in-depth” approach to security, employing multiple layers of security for ultimate protection. Wasabi ensures the physical security of its data centers; institutes strong authentication and authorization controls for all its cloud compute, storage and networking infrastructure; and encrypts data at rest and in transit to safeguard confidential customer information.

Physical Security

The Wasabi service is hosted in premier Tier IV data center facilities that are highly secure, fully redundant, and certified for SOC 2 and ISO 27001 compliance. Each site is staffed 24/7/365 with on-site security personnel to protect against unauthorized entry. Security cameras continuously monitor the entire facility—both indoors and outdoors. Biometric readers and two-factor or greater authentication mechanisms secure access to the building. Each facility is unmarked so as not to draw attention from the outside.

Secure Network Architecture

Wasabi employs advanced network security elements, including firewalls and other boundary protection devices to monitor and control communications at internal and external network borders. These border security devices segregate customers and regulate the flow of communications between networks to prevent unauthorized access to Wasabi infrastructure and services.

Data Privacy and Security

Wasabi supports a comprehensive set of data privacy and security capabilities to prevent unauthorized data disclosure. Strong user authentication features tightly control access to stored data. Access control lists and administratively defined policies selectively grant read/write and administrative permissions to users, groups of users, and roles.

Wasabi encrypts data at rest and data in transit to prevent leakage and ensure privacy. All data stored on Wasabi is encrypted by default to protect data at rest. And all communications with Wasabi are transmitted using HTTPS to protect data in transit.

Data Immutability

Wasabi supports an optional data immutability capability that protects data against administrative mishaps or malicious attacks. An immutable object cannot be deleted or modified by anyone—including Wasabi. Wasabi data immutability protects against the most common causes of data loss and tampering including accidental file deletions, viruses and ransomware.

Active Integrity Checking

Wasabi uses checksums to verify the integrity of all stored objects every 90 days.
