News
11/26/2008
09:33 AM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Solving The DR Testing Problem

It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?

It seems like almost every time I see a report on disaster recovery plan (DRP) testing, there are typically 50% of the respondents that either don't test their DR plan or don't test it frequently enough for the plan to be worthwhile. How can we solve this?Most IT professionals will readily admit that they know they should test their DR plans, so it's not a matter of convincing. Most IT professionals are stretched too thin and the day-to-day responsibilities of the job don't allow for time away to adequately test the plan. Finally, on the list of things you can't wait to do today, testing your DR Plan typically lands near the bottom. As is always the case when you're asked to do more with less, it's software that should come to the rescue.

The first step is to make the DR testing process easier to start and complete. Most storage systems today can replicate data to a similar system at a remote site. Some, like NetApp, 3PAR, and Compellent, will allow you to leverage writeable snapshots in those DR locations. When the time comes to test the DR readiness, a snapshot of the storage at the replicated site can be taken, and that snapshot can then be mounted to a series of test servers so the tests can begin almost instantly. All the while real replication continues, ensuring the DR site is kept up to date in case a real disaster occurs during testing.

Server virtualization has a role to play as well. Server virtualization lowers the hard costs associated with equipping the DR site and makes it easier to spin up additional servers during the DR function. Products like VMware SRM take this a step further by automating the failover process and reserving resource allocation at the DR site.

Finally, companies like Continuity Software provide real-time auditing of the validity of your DR Infrastructure including storage, databases, servers, and replication configurations. It can warn you of replication inconsistencies, mixed storage types or RAID levels, etc.

An out-of-date DR plan is like having no DR plan at all. Leveraging tools to make sure the right data is being replicated and leveraging systems that speed up the DR testing process are critical components in making sure your DR plan will actually work when you need it.

Join us for our upcoming Webcast on Improving IT Efficiency.

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0607
Published: 2014-07-24
Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

CVE-2014-1419
Published: 2014-07-24
Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

CVE-2014-2360
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

CVE-2014-2361
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

CVE-2014-2362
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.