News
1/31/2011
12:19 PM
George Crump
George Crump
Commentary
50%
50%

Backup Deduplication 2.0 Needs Better RAID

As we wrap up our series on what is needed in the next generation of backup deduplication devices, one of the key needs is going to be a better drive protection capability. Today most deduplication systems leverage RAID to provide that drive protection, however as capacities increase, RAID rebuild times are going to get worse. Vendors need to provide a better solution.

As we wrap up our series on what is needed in the next generation of backup deduplication devices, one of the key needs is going to be a better drive protection capability. Today most deduplication systems leverage RAID to provide that drive protection, however as capacities increase, RAID rebuild times are going to get worse. Vendors need to provide a better solution.The first part of the problem is that disk backup systems are always going to be one of the first storage platforms in a data center to adopt larger drive capacities so they can continue to narrow the price gap between disk and tape. As these capacities increase so does the time it takes for RAID rebuilds to complete if a drive fails. With RAID 5 this means a longer period of time that your backups are exposed to complete failure. With RAID 6 while you can sustain a second failure without data loss overall backup and recovery performance is still impacted. Of course the longer the rebuild time the greater the chance that there could actually be a second drive failure.

You may ask yourself "why does a total data loss matter?". Fair question, this is after all backup data. First most backup administrators, armed with disk backup, now count on not having to perform as many full backups, instead running higher numbers of incremental, differentials or synthetic full daily backups. The full backup window may now be designed to happen once a quarter. The time saved by eliminating the weekly full backup has probably been absorbed by some other process. Total data loss is especially costly on backup deduplication systems since its efficiency depends on previous generations of files. A total failure means that the entire deduplication process would essentially need to start all over again.

Until drive manufacturers make drives that never fail, the key is for backup deduplication systems to get through this rebuild process sooner or to use a different process all together. RAID is RAID and the larger drives get the more work will be involved in the rebuild process. There are ways around this though. First you can throw more storage horsepower at the problem. While your are limited to drive mechanics the faster the parity calculations can be done the better. Another option is to not fail the entire drive but to use intelligence to mark out the bad section of the drive and keep on going.

Another option is to use a different data protection algorithm than RAID. There are erasure coding or Reed-Solomon techniques that may have better rebuild times. These and other techniques understand what blocks on a drive contain data and only does the rebuild for those blocks, again faster. The other option, probably least attractive in the disk backup space is mirroring since, again, it is trying to compete with tape.

A final option may be to actually use smaller, faster drives and then through backup virtualization, leverage tape to keep the size of the front end disk smaller. As we discussed in our recent article "Breaking The Top Four Myths Of Tape vs. Disk Backup" tape is not susceptible to the cost per GB scrutiny that disk is when it is used as part of the backup process. It may sound a little like turning back the clock. This small disk based cached backed by an increasingly reliable tape library or even as a front end to a deduplicated disk backend may be an ideal solution.

Additional Blogs in this Series:

Deduplication 2.0 - Recovery Performance Backup Deduplication 2.0 - Density Backup Deduplication 2.0 - Power Savings Backup Deduplication 2.0 - Integration

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9676
Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682
Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884
Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885
Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.