News
11/26/2008
09:33 AM
George Crump
George Crump
Commentary
50%
50%

Solving The DR Testing Problem

It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?

It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?Most IT professionals will readily admit that they know they should test their DR plans, so it's not a matter of convincing. Most IT professionals are stretched too thin and the day-to-day responsibilities of the job don't allow for time away to adequately test the plan. Finally, on the list of things you can't wait to do today, testing your DR Plan typically lands near the bottom. As is always the case when you're asked to do more with less, it's software that should come to the rescue.

The first step is to make the DR testing process easier to start and complete. Most storage systems today can replicate data to a similar system at a remote site. Some, like NetApp, 3PAR, and Compellent, will allow you to leverage writeable snapshots in those DR locations. When the time comes to test the DR readiness, a snapshot of the storage at the replicated site can be taken, and that snapshot can then be mounted to a series of test servers so the tests can begin almost instantly. All the while real replication continues, ensuring the DR site is kept up to date in case a real disaster occurs during testing.

Server virtualization has a role to play as well. Server virtualization lowers the hard costs associated with equipping the DR site and makes it easier to spin up additional servers during the DR function. Products like VMware SRM take this a step further by automating the failover process and reserving resource allocation at the DR site.

Finally, companies like Continuity Software provide real-time auditing of the validity of your DR Infrastructure including storage, databases, servers, and replication configurations. It can warn you of replication inconsistencies, mixed storage types or RAID levels, etc.

An out-of-date DR plan is like having no DR plan at all. Leveraging tools to make sure the right data is being replicated and leveraging systems that speed up the DR testing process are critical components in making sure your DR plan will actually work when you need it.

Join us for our upcoming Webcast on Improving IT Efficiency.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3308
Published: 2015-09-02
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

CVE-2015-4330
Published: 2015-09-02
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.

CVE-2015-6274
Published: 2015-09-02
The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to cause a denial of service (ESP QFP CPU consumption) by triggering packet fragmentation and reassembly, aka Bug ID CSCuv71273.

CVE-2015-6277
Published: 2015-09-02
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote...

CVE-2015-6587
Published: 2015-09-02
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.