Risk
11/5/2012
02:06 PM
George Crump
George Crump
Commentary
50%
50%

Consolidation At The Disk Backup Appliance

With a few enhancements, such as tape support and improved reporting capabilities, backup appliances could become the perfect solution for consolidating data protection.

I spoke at several sessions at SNW Europe last week, and one session was about next-generation data protection. Attendees asked an interesting question, which ties into my last column on challenges with backup software consolidation: How do we consolidate the data protection process?

Most agree they can't get data protection done with one backup application. It may turn out that the most viable option is for consolidation to occur at the backup appliance.

As discussed in my last column, there are three basic ways to consolidate data protection. First, you can centralize on a single enterprise backup application, which might not give the best protection possible for every application but provides a single point of backup management. Second, you can purchase a management application that provides management and monitoring of multiple backup applications. Third, you can have multiple applications back up to a single device. In this column, I'll discuss the idea of consolidating backups to a single appliance.

[ Patchwork backup systems are all too common in many enterprises, making data protection more expensive and time-consuming than it should be. Read more at One Backup App For Enterprise: Not Here Yet. ]

Most backup appliances today are disk-focused systems. Historically, the value of these systems has been to provide deduplication and drive down the cost of disk-based backup, striving to offer parity with tape. They also allowed multiple backup applications to write to them at the same time. Now they are expanding their value by including integration to specific backup applications.

This gives the backup application greater control over the disk backup appliance. For example, the backup application can control the deduplication appliance's replication function. This allows it to trigger which backup jobs are replicated to the remote site and when they are triggered. In some cases it can also pre-seed the indexes at the DR site so that a preconfigured backup server is instantly ready to begin restoring data.

Another valuable feature is the ability to distribute the deduplication function, as discussed in my recent article, Beyond The Backup Window. This allows the backup application to perform a pre-flight check of data before sending it over the network to the disk backup appliance. In most cases, the backup application does a lightweight redundancy check prior to sending the data. Essentially it eliminates the obvious duplicates and lets the disk appliance do the lower-level redundancy check. This makes the backup server work a little harder but lightens the load on the network and on the disk backup appliance.

An increasing number of enterprise backup applications and product-specific backup products support these capabilities. This allows them to leverage the technology that disk backup appliances already have so they can focus their development resources elsewhere. For the data center, it means that the disk backup appliance can become the consolidation point, allowing each group to select its own backup application.

An important step for these disk backup appliances is to support tape. This would allow the disk backup appliance to directly move data to tape for offsite vaulting. While this may seem like an odd move for disk backup appliance vendors who have lived by the "tape is dead" mantra, it is actually the more pragmatic strategy. As I discussed in a recent blog post, large enterprises have continued to use tape alongside disk, while smaller data centers are returning to tape in order to curtail the growth of their disk backup appliances. I discussed this concept some time ago in my article, Backup Virtualization, and now we are seeing tape support become a common item on the disk backup appliance vendor's roadmap.

The final key step is for disk backup appliances to improve their reporting capabilities, reaching out to backup applications in order to correlate what the appliance has stored and what the backup application says it sent. It could then present a single "success/fail" report for the enterprise. While some disk backup appliances have basic reporting now, most need significant improvement.

If backup appliance vendors embrace these concepts, they could end up developing the backup consolidation solution so many users are looking for.

Faster networks are coming, but security and monitoring systems aren't necessarily keeping up. Also in the new, all-digital Data Security At Full Speed special issue of InformationWeek: A look at what lawmakers around the world are doing to add to companies' security worries. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
edahl@tsi
50%
50%
edahl@tsi,
User Rank: Apprentice
11/6/2012 | 2:40:20 PM
re: Consolidation At The Disk Backup Appliance
This is an issue that we constantly run into in pretty much every customer we talk with. The sprawl in the datacenter is becoming more of an issue to the staff that is required to manage the companies backup and DR needs. To many different systems and multiple data storage needs makes it an extremely difficult task.
Backup Virtualization is a means to make that task much easier. Most appliances on the market today provide disk or deduplication support, but have dismissed tape because of the fantasy of unreliability. LTO tape is one of the most reliable and cost efficient technologies on the market. If you put all your eggs in one basket, it better be one heck of a basket.
When you buy clothes, you would never consider one size fits all, so why do we do that with our data storage, backup and DR needs?
Data has different characteristics and needs based on the different applications and compliance requirements.
Ask companies like Google and Amazon about backup and DR. They have some of the largest mirrored disk environments in the world and will tell you that 7 to 14% of their disk drives fail each year. That doesn't mean they stop using them, but they blend technologies with them, like tape, to provide a broader solution that provides the best of all worlds.
With Backup Virtualization solutions, a company by individual data policies, can store the data on the technology that best suits it and inherent in the solution is the ability to have multiple copies in different places on different technologies to provide much needed redundancy.
I totally agree with George, that blending the best of all technologies in a backup virtualization technology is the best thing companies companies can look into for their backup virtualization needs. www.tributary.com.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2037
Published: 2014-11-26
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.

CVE-2014-6609
Published: 2014-11-26
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

CVE-2014-6610
Published: 2014-11-26
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dia...

CVE-2014-7141
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

CVE-2014-7142
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?