Risk
11/5/2012
02:06 PM
George Crump
George Crump
Commentary
50%
50%

Consolidation At The Disk Backup Appliance

With a few enhancements, such as tape support and improved reporting capabilities, backup appliances could become the perfect solution for consolidating data protection.

I spoke at several sessions at SNW Europe last week, and one session was about next-generation data protection. Attendees asked an interesting question, which ties into my last column on challenges with backup software consolidation: How do we consolidate the data protection process?

Most agree they can't get data protection done with one backup application. It may turn out that the most viable option is for consolidation to occur at the backup appliance.

As discussed in my last column, there are three basic ways to consolidate data protection. First, you can centralize on a single enterprise backup application, which might not give the best protection possible for every application but provides a single point of backup management. Second, you can purchase a management application that provides management and monitoring of multiple backup applications. Third, you can have multiple applications back up to a single device. In this column, I'll discuss the idea of consolidating backups to a single appliance.

[ Patchwork backup systems are all too common in many enterprises, making data protection more expensive and time-consuming than it should be. Read more at One Backup App For Enterprise: Not Here Yet. ]

Most backup appliances today are disk-focused systems. Historically, the value of these systems has been to provide deduplication and drive down the cost of disk-based backup, striving to offer parity with tape. They also allowed multiple backup applications to write to them at the same time. Now they are expanding their value by including integration to specific backup applications.

This gives the backup application greater control over the disk backup appliance. For example, the backup application can control the deduplication appliance's replication function. This allows it to trigger which backup jobs are replicated to the remote site and when they are triggered. In some cases it can also pre-seed the indexes at the DR site so that a preconfigured backup server is instantly ready to begin restoring data.

Another valuable feature is the ability to distribute the deduplication function, as discussed in my recent article, Beyond The Backup Window. This allows the backup application to perform a pre-flight check of data before sending it over the network to the disk backup appliance. In most cases, the backup application does a lightweight redundancy check prior to sending the data. Essentially it eliminates the obvious duplicates and lets the disk appliance do the lower-level redundancy check. This makes the backup server work a little harder but lightens the load on the network and on the disk backup appliance.

An increasing number of enterprise backup applications and product-specific backup products support these capabilities. This allows them to leverage the technology that disk backup appliances already have so they can focus their development resources elsewhere. For the data center, it means that the disk backup appliance can become the consolidation point, allowing each group to select its own backup application.

An important step for these disk backup appliances is to support tape. This would allow the disk backup appliance to directly move data to tape for offsite vaulting. While this may seem like an odd move for disk backup appliance vendors who have lived by the "tape is dead" mantra, it is actually the more pragmatic strategy. As I discussed in a recent blog post, large enterprises have continued to use tape alongside disk, while smaller data centers are returning to tape in order to curtail the growth of their disk backup appliances. I discussed this concept some time ago in my article, Backup Virtualization, and now we are seeing tape support become a common item on the disk backup appliance vendor's roadmap.

The final key step is for disk backup appliances to improve their reporting capabilities, reaching out to backup applications in order to correlate what the appliance has stored and what the backup application says it sent. It could then present a single "success/fail" report for the enterprise. While some disk backup appliances have basic reporting now, most need significant improvement.

If backup appliance vendors embrace these concepts, they could end up developing the backup consolidation solution so many users are looking for.

Faster networks are coming, but security and monitoring systems aren't necessarily keeping up. Also in the new, all-digital Data Security At Full Speed special issue of InformationWeek: A look at what lawmakers around the world are doing to add to companies' security worries. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
edahl@tsi
50%
50%
edahl@tsi,
User Rank: Apprentice
11/6/2012 | 2:40:20 PM
re: Consolidation At The Disk Backup Appliance
This is an issue that we constantly run into in pretty much every customer we talk with. The sprawl in the datacenter is becoming more of an issue to the staff that is required to manage the companies backup and DR needs. To many different systems and multiple data storage needs makes it an extremely difficult task.
Backup Virtualization is a means to make that task much easier. Most appliances on the market today provide disk or deduplication support, but have dismissed tape because of the fantasy of unreliability. LTO tape is one of the most reliable and cost efficient technologies on the market. If you put all your eggs in one basket, it better be one heck of a basket.
When you buy clothes, you would never consider one size fits all, so why do we do that with our data storage, backup and DR needs?
Data has different characteristics and needs based on the different applications and compliance requirements.
Ask companies like Google and Amazon about backup and DR. They have some of the largest mirrored disk environments in the world and will tell you that 7 to 14% of their disk drives fail each year. That doesn't mean they stop using them, but they blend technologies with them, like tape, to provide a broader solution that provides the best of all worlds.
With Backup Virtualization solutions, a company by individual data policies, can store the data on the technology that best suits it and inherent in the solution is the ability to have multiple copies in different places on different technologies to provide much needed redundancy.
I totally agree with George, that blending the best of all technologies in a backup virtualization technology is the best thing companies companies can look into for their backup virtualization needs. www.tributary.com.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.