This paper looks at applicable threats and exposure risks helping to safeguard your business data including best practices to create a secure, fast, dependable data protection strategy using various technologies and services to streamline data protection management.
It should be no surprise that the amount of data being generated and stored continues to grow. Furthermore, more of that data is now stored or accessed outside of the traditional data center, and more of it is stored for longer periods of time. This data needs to be protected and stored away from where it is used (e.g. off-site) and needs to be available for timely restoration, recovery of deleted files, or complete system recovery.
So the problem is how to make sure that all data, including data in remote offices and branch offices is being backed up to a separate location in a timely and efficient manner. This is not a problem unique to large enterprises with distributed remote offices and branch offices (or “ROBOs”). Small and medium sized businesses (“SMBs”) increasingly experience the same issue.
The StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 1 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 firstname.lastname@example.org Industry Trends and Technology Perspective White Paper Three Ways to Ensure Trouble-free Remote Backup: Tips for Better Data Protection at Remote and Branch Offices By Greg Schulz Founder and Senior Analyst, the StorageIO Group WP.1013.v061207 More and more data continues to be accessed, generated, and stored from remote and branch offices of various sized businesses including small business (SMB). Given the increasing number and diversity of threats to information and privacy concerns, data protection needs to be understood and managed. The first step to a data protection management strategy is to understand your applicable threat risks, followed by knowing your options to protect and secure your information. This paper looks at the threats, the options to guard and protect your data, and how to identify solutions to meet your particular business needs. Untitled DocumentThe StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 2 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 email@example.com Introduction Is the data at your remote sites regularly backed up? Not just your servers but your desktops and laptops? Are you confident you can restore reliably from your remote backups? Remote site data management can be a headache, but there are simple solutions. This paper looks at applicable threats and exposure risks helping to safeguard your business data including best practices to create a secure, fast, dependable data protection strategy using various technologies and services to streamline data protection management. The Problem It should be no surprise that the amount of data being generated and stored continues to grow. Furthermore, more of that data is now stored or accessed outside of the traditional data center, and more of it is stored for longer periods of time. This data needs to be protected and stored away from where it is used (e.g. off-site) and needs to be available for timely restoration, recovery of deleted files, or complete system recovery. So the problem is how to make sure that all data, including data in remote offices and branch offices is being backed up to a separate location in a timely and efficient manner. This is not a problem unique to large enterprises with distributed remote offices and branch offices (or ROBOs ). Small and medium sized businesses ( SMBs ) increasingly experience the same issue. ROBO backup pain points include: " Maintaining a regular backup schedule at remote sites " Leveraging traditional backup software designed for back up to tape " Cost and complexity of automated technologies or lack of network bandwidth " Limited amount of time to complete a comprehensive backup " Disruptive nature of backups and impact on productivity " Lack of trained personnel to make sure the backups function as planned " Limited scalability in terms of performance and flexibility " Incomplete backups lacking data for complete restoration and recovery Backup and restoration in general are not just about protecting against disasters, local copies of backups can also be used in conjunction with snapshots for rapid recovery of accidentally deleted or corrupted files. There are a couple of pieces to this. First, there is the classic remote office, branch office (ROBO) also known as a satellite or perhaps a departmental, division or workgroup, where data needs to be protected with regular backup. Then there are regular offices of various sizes that need to have their data backed up to a remote site, perhaps to a secondary site or to a managed service provide (MSP). There are many different techniques and technologies to support data protection including backup, replication and mirroring and snapshots. Backup makes a copy of the data as of a particular point in time to provide data protection against loss or destruction of data and is complimentary to other data protection techniques including mirroring, replication, RAID, snapshots and continuous data protection. Replication also known as mirroring (not to be confused with RAID-1 disk drive mirroring) maintains a real-time (synchronous) or near-real-time, time delayed (asynchronous) copy of data from one location to another providing sustained accessibility to data. Replication should be combined with some other form of data protection including backup to protect against loss or destruction of data. Snapshot also know as point-in-time (pit) copy take a picture or copy of the data as of a particular point in time however unlike backup where changed data is actually copied to some other medium, snapshots (which can be full or partial) make a copy of the pointers that point to changed data which is much faster Untitled DocumentThe StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 3 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 firstname.lastname@example.org than performing a backup and data copy. Snapshots can be combined with replication to make a high-speed copy of data as of a particular point in time that can than be backed-up or copied off-line. Solution Options ROBO and SMB environments have many options for data backup to guard against accidental file deletion, infected or corrupted files, support business continuance (BC) and disaster recovery (DR). Your data backup strategy may involve multiple technologies and techniques including periodic backup and mirroring or replication of data to insure applications are protected and remain accessible. An effective ROBO backup strategy addresses rapid restoration, recovery and restart of applications with as much transparency as possible. Depending on recovery time objectives (RTO) and recovery point objectives (RPO) requirements, various options and permutations of technology combinations can be deployed. On-site Tape A common starting point for businesses is to leverage an automated tape loader, stacker or mini-library or small optical jukebox at remote sites. These backup devices are coupled with either entry level backup or modified enterprise tape centric backup software to perform daily or weekly backups. This approach often leads to problems with media or tape handling, manual trouble shooting as to why the backups did not complete on time or why they failed to backup all required data. On-site tape unless stored in a fire and water proof vault does not protect a site in case of a local disaster where tapes may be damaged. Consequently best practice has been to manually ship tapes to an off-site facility and introducing the risk of lost or misplaced tapes. Today IT managers looking for solutions to alleviate pain associated with ROBO backup have three new options. Remote Backup Remote backup software is employed when data and servers need to be maintained at remote locations to support various business requirements. Remote servers, desktops and laptops are backed up over a network to a central location or to a managed service provider (MSP). This approach is often combined with disk to disk (D2D) and other variations of disk to disk data protection (3DP) techniques including continuous data protection (CDP). The benefit of agent-less remote backup is that it enables rapid restoration of data, whether from accidental file deletion, corruption or infection, and also supports recovery and restart for BC and DR purposes. Various topologies and configurations can meet different business and geographic location needs, including one-to-one and many-to-one for backup consolidation. This option makes sense in the following circumstances: " Distributed servers, desktops, and laptops with storage are required to support business functions. This may be the case if you need to protect against loss of network access for localized processing and application support. " You benefit from centralizing management and control of distributed backups, either by your own organization or by using an MSP to off-load your backup functions. " You require timely access to data for restoration purposes, and you require that regular and timely backups are performed. " Your business is regulated or if you have other requirements that dictate offsite storage of data Remote backup solutions usually employ a client and server model where the client sends (pushes) data to a server over a network, or a server requests (pulls) data from a client based upon a schedule time or event trigger to meet various RTO and RPO objectives. A feature to look for in remote backup software is agent-less support to reduce ongoing management associated with maintaining different versions of Untitled DocumentThe StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 4 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 email@example.com agents or drivers on remote servers. Look for solutions that provide easy to use, timely and complete data protection capabilities using different network topologies that are designed for remote backup. A feature to look for in remote backup software is the ability to determine and distinguish between changed data and what has already been backed-up. This capability of determining and only backing up changed data results in improved network bandwidth utilization as well as reducing the time required to backup a given amount of data. For example, if there are 100 files to be backed up, and only ten of those 100 files have changed, only the ten changed files would get backed-up. Backup software that keeps track of which files have been backed up, as well as keeping track of what data in files have been backed up using commonality factoring, data differencing, single instancing, de-duplication and other techniques can further optimize backups over WAN networks to improve performance and reduce data storage needs. NAS Replication NAS replication is employed when it makes sense to deploy a standalone NAS device at the remote site. The NAS device is replicated on an ongoing basis to another NAS device centrally located or at a peer location, creating an exact copy of all files, files systems, and snapshot copies. This replication may be one-to-one, or many-to-one in the case of multiple remote locations; that is, multiple remote sites can all be backed up to one central NAS. This option makes sense in the following circumstances: " Significant amount of data is required at the remote site. If several terabytes or more of shared storage are needed at a remote site, a NAS solution is often justified. " Throughput at the remote site is a priority. For example, engineering applications, data collection or other high performance applications may benefit from use of localized NAS-based storage. " Shared data access is required; with multiple users at the remote site require accessing to a common data set. A local NAS device is ideal for this as it provides shared access to data and locally-managed access privileges. NAS replication usually employs a snapshot-based, asynchronous approach. Snapshots are created at the remote site, and then replicated to the central site on a scheduled basis. That schedule may be set as frequently as required; for data sets that change slowly, a nightly update is often sufficient. For rapidly changing information, updates may be every few minutes. This approach creates snapshots at the remote location that are handy in themselves. They allow a remote user to roll-back in time to access an earlier version of a corrupted or accidentally deleted file, without involving the administrator at the central site. A feature to look for in NAS replication is differential block based replication. This means that when an existing file is changed, only the changes are sent to the central location. If you have a large multi-megabyte files, and you only change a few kilobytes of it, with differential block based replication only those kilobytes are re-sent, thus minimizing network traffic. 3) Wide area file services (WAFS) Also known or referred to as wide area data services (WADS), wide area data management (WADM), or wide area application services (WAAS), among others acronyms. In general, WAFS as well as other related technologies can address network, protocol, application and bandwidth latency problems associated with moving and accessing data over wide area networks. Solutions typically employ compression and other optimization techniques that vary by vendor and implementation. WAFS as a Untitled DocumentThe StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 5 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 firstname.lastname@example.org technology enabler however needs to be paired with some other technology, for example remote backup, or centralized NAS, or some combination of different techniques. This method makes sense in the following circumstances: " Some amount of data needs to be kept local at the remote site yet accessed from a central or peer location elsewhere on your network " Improve data movement including bandwidth and latency over wide area networks to complement remote backup software capabilities " Access of centralized data from remote locations in a timely manner Look for a WAFS, WADS, WADM or WAAS solution that integrates with your existing network, server and application environment for security, transparency and ease of management. In addition, look for solutions that address your particular pain point for example bandwidth acceleration, latency improvement, and application optimization (HTTP, HTML, NFS, CIFS, FTP among others). Technology Remote Backup WAFS NAS Replication Category Remote or distributed backup over network Remote access of centralized data Peer based processing for availability Characteristics Backup to disk or tape over a network in a WAN friendly manner Optimize data movement including bandwidth, or latency over distance Move data to secondary location for restart and rapid recovery Other Buzzwords Removable media (disk, tape), MSP, distributed network backup WAFS, WADM, WAAS, caching, deduplication, bandwidth acceleration NAS replication, snapshots, cdp, mirroring, pit copy Benefits Low cost, fast restoration from comprehensive backup of all critical data files on servers Shifts backup function from remote site to central location Transparency to applications in the event of a NAS or site failure, scalability Caveats Reliance on local personnel or software agents, lack of adequate network bandwidth WAFS needs to be pared with some other technology such as remote backup software NAS required at two locations along with adequate network bandwidth Look for Automation, network friendly, ease of use and management including fast file restore Many different variations and functionality by WAFS solutions Server replication across sites for shortest possible recovery time. Table-1: Remote office branch office (ROBO) backup options Is a Managed Service Provider Right for You? Backup as a service via managed service providers (MSP) is another growing trend with the market sweet spot being mid-sized distributed enterprises with ROBOs, SMB (and even SOHO moving forward). In fact the direct real threat to removable media (disk, tape, optical) is and will be backup as a service done in house, using an external service provider or some combination of technologies. Outsourcing backup makes good sense for smaller business that only have one location as you do not need another location to back up to, or do not have the manpower required to manage data at the second location. This is important because current best practices often involve backup to disk, then creating a 2nd Untitled DocumentThe StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 6 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 email@example.com copy on tape. When leveraging a MSP as part of your backup and data protection strategy, keep in mind the amount of data that needs to be backed up and the available network bandwidth to ensure that data is protected on a timely basis. Depending on your needs, a multi-tier backup could involve disk to disk for local fast recovery and an off-site copy for DR and BC purposes to another media. Bare Metal Restore Depending upon your data protection objectives, you may need to leverage a desktop backup solution that enables complete protection of operating system, application and configuration information to facilitate bare metal restore. Simply relying on users to save key data files to a server or shared file system that is being regularly backed does not guarantee a complete backup. For example if users forget or neglect to save critical files to file servers, key data may be missed and not backed-up. Similarly if you are using a desktop based backup product that only looks at certain folders or directories, for example My Documents on a Windows environment you may not be protecting data stored elsewhere on that system. Look for backup products that are flexible and extensible to enable you to tailor the technology to meet your specific needs and requirements on an application, server or even desktop basis. For example, to reduce costs, longer RTO and RPO can be combined with backup to local tape or available disk storage and irregular backups requiring complete system restoration, recovery or reconstruction and restart. Distributed backup technology can be leveraged to perform regular comprehensive backups for more timely RTO and RPO requirements. For environments that can not tolerate applications distortion or loss of data, in other words, RTO and RPO of zero or near zero, NAS with replication can provide transparent failover. Table-1 outlines various approaches to backing up and protecting ROBO data including benefits and caveats of the different techniques. Recommendations and Best Practices Best practices and recommendations for backing up data in ROBO environments include: 1. Seek out solutions designed specifically for distributed and ROBO environments. These will provide the simplest, most efficient operation. 2. Leverage LAN and WAN-friendly optimized solutions for safe and secure data movement 3. Implement multiple tiers of protection to address various RTO and RPO needs 4. Replicate entire filers including operating systems and meta data for failover 5. Solutions should scale in terms of performance, flexibility and reliability 6. NAS systems should support large files systems to protect multiple generations of files 7. Consider a managed service provider (MSP) to out-source your backups to 8. Look for ease of use including rapid restoration and informative reporting tools 9. Focus on complete and comprehensive data protection to enable timely restoration (support of servers, desktops and laptops and all necessary operating systems) 10. Pair WAFS with other technologies for example distributed backup for timely data protection The Future Even with faster networks, faster backup devices, compaction, compression, global single instancing, differencing, de-duplication and other buzz terms and technologies, there will still be challenges with getting data backed up in a timely manner to achieve complete and comprehensive data protection. Some current and future trends include continued shift to using magnetic hard disk drives as a target for local and remote backup with less dependence upon tape and other removable media. Untitled DocumentThe StorageIO Group Information Technology Analysts and Consultants Three Ways to Ensure Trouble-free Remote Backups Copyright 2006 StorageIO All Rights Reserved. 12/8/2006 Page 7 of 7 www.storageio.com P.O. Box 2026 Stillwater, MN 55082 651-275-1563 firstname.lastname@example.org This is not to say that tape is going away, however tape continues to shift to being used for what it is well suited for and that is for storing data for periods of time vs. frequent re-use. Another trend that ties into the previous one is the continued use of NAS as a target or staging area to support disk to disk (D2D) based backups locally and over distance. Remote backup is no longer out of reach for most environments due to improvements in network bandwidth, availability and pricing coupled with software optimized to support remote and distributed backup. Asigra Remote Backup Solution With over 18 years of experience and technology development, Asigra Televaulting is optimized to support the unique needs of distributed SMB, SME, ROBO and MSP environments. Industry leading features of Asigra include: integrated agent-less software and continuous data protection (CDP) including support for Email and other applications, bare metal restore capabilities, AES 256 in-flight and at-rest data encryption, wide area network friendly to optimize network bandwidth using compression and file differencing. When choosing solutions for disk to disk based backup, look for technologies like Asigra Televaulting that are agent-less to remove complexity and simply your management of clients. Also, look for solutions that are designed to scale from a performance, reliability and capacity capability. For example, to support consolidation of backup data from multiple remote locations, a backup solution should be able to ease management and include robust performance. As important as it is to get a good price on your up front investment, your recurring costs can add up to significant dollars so take a look at how technologies are priced for recurring licensing and maintenance fees. For example, will you be paying based on the total physical capacity, the usable or the compressed storage capacity under management vs. paying by how many licenses you have installed? Unless your environment consist of one operating system, look for multi-platform and desktop support including Windows, Linux, Apple Mac, Unix and others along with bare metal recovery support. Data protection management (DPM) capabilities provided by Asigra center around service oriented architecture (SOA) for backup service providers and corporations requiring greater accountability and awareness of backup processes and effectiveness. Conclusion Data from remote sites can be efficiently backed up and made accessible in a timely manner to meet various RTO and RPO requirements using a couple of different techniques. Backup of local and remote data needs to be comprehensive to ensure a complete and transparent restoration, recovery and restart of applications. Headaches associated with remote data protection can be alleviated using techniques such as agent-less remote backup, NAS replication and complemented by enabling technologies like WAFS or managed service providers to off-load backups and enable ROBO environments to address their data protection requirements. About the author: Greg Schulz is founder and Sr. Analyst of the StorageIO group as well as the author of the book Resilient Storage Networks - Designing Flexible Scalable Data Infrastructures (Elsevier). All trademarks are the property of their respective companies and owners. The StorageIO group makes no expressed or implied warranties in this document relating to the use or operation of the products and techniques described herein. The StorageIO group in no event shall be liable for any indirect, inconsequential, special, incidental or other damages arising out of or associated with any aspect of this document, its use, reliance upon the information, recommendations, or inadvertent errors contained herein. Information and recommendations made by the StorageIO group are based upon public information believed to be accurate, reliable, and subject to change.