Home > Storage > ObjectScale and ECS > Product Documentation > Dell ECS: High Availability Design > Conclusion
ECS provides an enterprise-quality cloud storage solution with integrated resiliency that you can trust. The ECS architecture has been designed to provide both system availability and data durability. ECS allows administrators granularity in how they balance availability requirements with TCO. Features like automatic failure detection and self-healing capabilities minimize IT administrative workloads at the most critical times, when there is an unplanned event such as a site outage.
ECS protects data within a site/VDC against disk failures using a combination of triple mirroring and erasure coding. ECS offers two levels of erasure coding protection—default protection, which is for typical use cases, and cold storage, which is more efficient for infrequently accessed objects. ECS also distributes the data across failure domains to provide protection against the most failure scenarios.
ECS ensures data integrity by calculating and writing checksums as part of a write operation and validating these checksums during a read operation. The checksum validation is also performed proactively in a background task.
ECS is designed to continue to provide system availability, which is accomplished through the distributed architecture design. The design allows client requests to be serviced by any node in a site or VDC.
The ECS design extends the system availability and data durability protection by adding optional protection against a complete site-wide failure. It enables this ability by federating sites and allowing the administrator to configure various replication group policy options. These options, which can be set at the bucket level, determine where to replicate data and how to store the data in remote sites and access the data during outage options.
ECS also offers customers an option of Access During Outage. This option allows read, list, and, optionally, write and update operations to be sent to an online site when the bucket or object is marked as failed.
If an administrator determines that a site is unrecoverable, the administrator can initiate a permanent site outage. This action removes the VDC or site from the replication group and re-creates data as needed to reestablish data durability.