News
11/26/2008
09:33 AM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Solving The DR Testing Problem

It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?

It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?Most IT professionals will readily admit that they know they should test their DR plans, so it's not a matter of convincing. Most IT professionals are stretched too thin and the day-to-day responsibilities of the job don't allow for time away to adequately test the plan. Finally, on the list of things you can't wait to do today, testing your DR Plan typically lands near the bottom. As is always the case when you're asked to do more with less, it's software that should come to the rescue.

The first step is to make the DR testing process easier to start and complete. Most storage systems today can replicate data to a similar system at a remote site. Some, like NetApp, 3PAR, and Compellent, will allow you to leverage writeable snapshots in those DR locations. When the time comes to test the DR readiness, a snapshot of the storage at the replicated site can be taken, and that snapshot can then be mounted to a series of test servers so the tests can begin almost instantly. All the while real replication continues, ensuring the DR site is kept up to date in case a real disaster occurs during testing.

Server virtualization has a role to play as well. Server virtualization lowers the hard costs associated with equipping the DR site and makes it easier to spin up additional servers during the DR function. Products like VMware SRM take this a step further by automating the failover process and reserving resource allocation at the DR site.

Finally, companies like Continuity Software provide real-time auditing of the validity of your DR Infrastructure including storage, databases, servers, and replication configurations. It can warn you of replication inconsistencies, mixed storage types or RAID levels, etc.

An out-of-date DR plan is like having no DR plan at all. Leveraging tools to make sure the right data is being replicated and leveraging systems that speed up the DR testing process are critical components in making sure your DR plan will actually work when you need it.

Join us for our upcoming Webcast on Improving IT Efficiency.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7392
Published: 2014-07-22
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

CVE-2014-2385
Published: 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter t...

CVE-2014-3518
Published: 2014-07-22
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to exec...

CVE-2014-3530
Published: 2014-07-22
The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via...

CVE-2014-4326
Published: 2014-07-22
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.