02:06 PM
George Crump
George Crump

Consolidation At The Disk Backup Appliance

With a few enhancements, such as tape support and improved reporting capabilities, backup appliances could become the perfect solution for consolidating data protection.

I spoke at several sessions at SNW Europe last week, and one session was about next-generation data protection. Attendees asked an interesting question, which ties into my last column on challenges with backup software consolidation: How do we consolidate the data protection process?

Most agree they can't get data protection done with one backup application. It may turn out that the most viable option is for consolidation to occur at the backup appliance.

As discussed in my last column, there are three basic ways to consolidate data protection. First, you can centralize on a single enterprise backup application, which might not give the best protection possible for every application but provides a single point of backup management. Second, you can purchase a management application that provides management and monitoring of multiple backup applications. Third, you can have multiple applications back up to a single device. In this column, I'll discuss the idea of consolidating backups to a single appliance.

[ Patchwork backup systems are all too common in many enterprises, making data protection more expensive and time-consuming than it should be. Read more at One Backup App For Enterprise: Not Here Yet. ]

Most backup appliances today are disk-focused systems. Historically, the value of these systems has been to provide deduplication and drive down the cost of disk-based backup, striving to offer parity with tape. They also allowed multiple backup applications to write to them at the same time. Now they are expanding their value by including integration to specific backup applications.

This gives the backup application greater control over the disk backup appliance. For example, the backup application can control the deduplication appliance's replication function. This allows it to trigger which backup jobs are replicated to the remote site and when they are triggered. In some cases it can also pre-seed the indexes at the DR site so that a preconfigured backup server is instantly ready to begin restoring data.

Another valuable feature is the ability to distribute the deduplication function, as discussed in my recent article, Beyond The Backup Window. This allows the backup application to perform a pre-flight check of data before sending it over the network to the disk backup appliance. In most cases, the backup application does a lightweight redundancy check prior to sending the data. Essentially it eliminates the obvious duplicates and lets the disk appliance do the lower-level redundancy check. This makes the backup server work a little harder but lightens the load on the network and on the disk backup appliance.

An increasing number of enterprise backup applications and product-specific backup products support these capabilities. This allows them to leverage the technology that disk backup appliances already have so they can focus their development resources elsewhere. For the data center, it means that the disk backup appliance can become the consolidation point, allowing each group to select its own backup application.

An important step for these disk backup appliances is to support tape. This would allow the disk backup appliance to directly move data to tape for offsite vaulting. While this may seem like an odd move for disk backup appliance vendors who have lived by the "tape is dead" mantra, it is actually the more pragmatic strategy. As I discussed in a recent blog post, large enterprises have continued to use tape alongside disk, while smaller data centers are returning to tape in order to curtail the growth of their disk backup appliances. I discussed this concept some time ago in my article, Backup Virtualization, and now we are seeing tape support become a common item on the disk backup appliance vendor's roadmap.

The final key step is for disk backup appliances to improve their reporting capabilities, reaching out to backup applications in order to correlate what the appliance has stored and what the backup application says it sent. It could then present a single "success/fail" report for the enterprise. While some disk backup appliances have basic reporting now, most need significant improvement.

If backup appliance vendors embrace these concepts, they could end up developing the backup consolidation solution so many users are looking for.

Faster networks are coming, but security and monitoring systems aren't necessarily keeping up. Also in the new, all-digital Data Security At Full Speed special issue of InformationWeek: A look at what lawmakers around the world are doing to add to companies' security worries. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
[email protected],
User Rank: Apprentice
11/6/2012 | 2:40:20 PM
re: Consolidation At The Disk Backup Appliance
This is an issue that we constantly run into in pretty much every customer we talk with. The sprawl in the datacenter is becoming more of an issue to the staff that is required to manage the companies backup and DR needs. To many different systems and multiple data storage needs makes it an extremely difficult task.
Backup Virtualization is a means to make that task much easier. Most appliances on the market today provide disk or deduplication support, but have dismissed tape because of the fantasy of unreliability. LTO tape is one of the most reliable and cost efficient technologies on the market. If you put all your eggs in one basket, it better be one heck of a basket.
When you buy clothes, you would never consider one size fits all, so why do we do that with our data storage, backup and DR needs?
Data has different characteristics and needs based on the different applications and compliance requirements.
Ask companies like Google and Amazon about backup and DR. They have some of the largest mirrored disk environments in the world and will tell you that 7 to 14% of their disk drives fail each year. That doesn't mean they stop using them, but they blend technologies with them, like tape, to provide a broader solution that provides the best of all worlds.
With Backup Virtualization solutions, a company by individual data policies, can store the data on the technology that best suits it and inherent in the solution is the ability to have multiple copies in different places on different technologies to provide much needed redundancy.
I totally agree with George, that blending the best of all technologies in a backup virtualization technology is the best thing companies companies can look into for their backup virtualization needs. www.tributary.com.
8 Ways Hackers Monetize Stolen Data
Steve Zurier, Freelance Writer,  4/17/2018
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark Reading,  4/19/2018
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.