News
4/29/2009
09:24 AM
George Crump
George Crump
Commentary
50%
50%

Application Aware Storage and Protection

In storage, its easy to forget that it is all about the application, especially when it comes to protection and more importantly recovery of that application. There is a wide variety of storage data protection from basic RAID to snapshots. There is an even wider variety of data protection software that provides multiple levels of protection, but between the two there is only rudimentary understanding of the application.

In storage, its easy to forget that it is all about the application, especially when it comes to protection and more importantly recovery of that application. There is a wide variety of storage data protection from basic RAID to snapshots. There is an even wider variety of data protection software that provides multiple levels of protection, but between the two there is only rudimentary understanding of the application.Companies like NetApp, SyncSort and AppAssure are all now offering solutions that have a more intimate, application aware understanding of specific applications that are critical to the enterprise; Exchange being the most common, but some are including support for SQL and SharePoint as well.

Application aware data protection and/or storage moves well beyond the capability of knowing how to quiesce the application so that the changes of a consistent copy of the environment is made. Protection of applications like Exchange, SQL and Oracle are almost useless when the last known good copy is last nights backup. The replay of transaction logs alone, if they survived the data failure, could take a very long time, let alone how long the base restore would take.

A more granular approach that either thins out the amount of data moved, as is the case with block level incremental (BLI) backups or utilizes on-board snapshots is preferable here, so the frequent capture of the data can be made. If an Exchange environment can be protected every 15 minutes with minimal data movement, the work to reapply transaction logs will be minimal. With these techniques, snapshots or BLI data growth is minimal.

As we discuss in an earlier entry "The Problem with Snapshots", the advantage of the off-primary storage solutions, i.e. not snapshots, is that if there is a failure on your primary storage, your protected copy does not fail along with it. In many cases these off-primary solutions can even allow you to start operating immediately off the protected copy while you rebuild and recover the fallen host or storage. The ability to recover in place, without having to move data in these key applications becomes more critical as capacities increase and recovery windows decrease.

Going further these solutions need to understand what application they are protecting at a very granular level; messages within Exchange or objects within SQL or Sharepoint. For example you should be able to use one of these tools on Exchange to mount the backup image of the environment for the ability to search for the data needed and instantly restore mailboxes or individual messages directly from the snapshot or disk backup that the tool created.

They should also provide the ability to quickly determine if the backup set itself is valid by doing some sort of corruption detection. We've all seen the studies indicating that almost 50% of recovery attempts initially fail. The wrong time to learn that your backup copy of your Exchange environment is corrupt is when you attempt to recover it. Having that knowledge prior to you actually needing that backup copy can allow you to either take another backup, again with these tools there is little impact, or at least you know not to waste time recovering bad data.

Optimal performance of these mission critical applications is always going to grab headlines but when the server is down, the storage has failed or a user's mailbox is corrupted, all the talk of optimal is quickly traded for "just get me back to work at any speed".

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2004-2771
Published: 2014-12-24
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-3569
Published: 2014-12-24
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshak...

CVE-2014-4322
Published: 2014-12-24
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or c...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.