2/13/2009
12:04 PM
George Crump
Commentary

The Problem With Snapshots

Storage solutions have come a long way, but there are areas that need improvement. In the next two entries I am going to focus on two of those areas: snapshots and high availability. In this entry we will pick on snapshots.

Snapshots sound like the 'be all and end all' for protecting yourself from a data disaster, but the term is overused and can mean different things to different suppliers. For our purposes, the file or volume being 'snapped' is composed of blocks of data. These blocks are organized by an index of pointers, or links, to the actual blocks on disk. When an application requests data, it does not try to find the blocks itself; it is routed to the index for their location. When a snapshot is "taken," you are actually copying only this primary index. The index is very small, so the copy takes a few seconds at most. The blocks that the snapshot references are then put into a read-only mode and can't be changed or deleted.
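The index-copy idea can be sketched in a few lines of Python. This is a toy model under stated assumptions, not any supplier's implementation: the Volume class, its store and index dictionaries, and the sample block contents are all hypothetical names invented for illustration.

```python
class Volume:
    """Toy volume: an index maps logical block numbers to physical block ids."""

    def __init__(self, data_blocks):
        self.store = {}    # physical block id -> block contents (hypothetical layout)
        self.index = {}    # logical block number -> physical block id
        self.next_id = 0
        for logical, data in enumerate(data_blocks):
            self.index[logical] = self._allocate(data)

    def _allocate(self, data):
        # Place data in the next free physical block and return its id.
        block_id = self.next_id
        self.next_id += 1
        self.store[block_id] = data
        return block_id

    def read(self, logical):
        # Reads go through the index; the caller never locates blocks itself.
        return self.store[self.index[logical]]

    def snapshot(self):
        # Taking a snapshot copies only the index, not the data blocks.
        return dict(self.index)


vol = Volume([b"alpha", b"beta", b"gamma"])
blocks_before = len(vol.store)
snap = vol.snapshot()
blocks_after = len(vol.store)
print(blocks_before, blocks_after)
```

The number of stored blocks is the same before and after the snapshot, which is why the operation is fast and initially consumes almost no space.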

Typically, the initial snapshot consumes almost no additional storage. As the volume is written to after the snapshot, new blocks representing those changes are written to the original file or volume, and the older blocks that are still under the lock of the snapshot are written to a new area of disk. This is also where data growth begins: every block changed after the snapshot now exists in two versions. The snapshot is not updated and still references the static read-only blocks, allowing you to view the data as it was at that point in time.
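A minimal sketch of this copy-on-write behavior, again as a toy model rather than a real storage system: CowVolume, snapshot_space, and the sample data are hypothetical, and for simplicity each snapshot keeps its own preserved copy of a changed block, which real products may avoid.

```python
class CowVolume:
    """Toy copy-on-write volume: old block contents are preserved on first overwrite."""

    def __init__(self, data_blocks):
        self.blocks = list(data_blocks)  # live volume, overwritten in place
        self.snapshots = []              # per snapshot: logical block -> preserved old data

    def snapshot(self):
        # A new snapshot starts empty: nothing has changed yet, so nothing is copied.
        self.snapshots.append({})
        return len(self.snapshots) - 1

    def write(self, logical, data):
        # Before overwriting, save the old contents for any snapshot that
        # has not already preserved this block (the "new area of disk").
        for saved in self.snapshots:
            if logical not in saved:
                saved[logical] = self.blocks[logical]
        self.blocks[logical] = data

    def read_snapshot(self, snap_id, logical):
        # Unchanged blocks are read from the live volume; changed ones from the saved copy.
        saved = self.snapshots[snap_id]
        return saved.get(logical, self.blocks[logical])

    def snapshot_space(self):
        # Number of preserved blocks across all snapshots.
        return sum(len(saved) for saved in self.snapshots)


vol = CowVolume([b"alpha", b"beta", b"gamma"])
snap = vol.snapshot()
space_at_snapshot = vol.snapshot_space()
vol.write(1, b"BETA")
vol.write(1, b"BETA again")
live_value = vol.blocks[1]
snap_value = vol.read_snapshot(snap, 1)
space_after_writes = vol.snapshot_space()
print(space_at_snapshot, space_after_writes, live_value, snap_value)
```

In this model the snapshot costs nothing until the first write, and repeated writes to the same block preserve the old contents only once per snapshot.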

OK, here is where it gets interesting. Snapshots typically have to reside on the same storage as the original data. That means that if you are using expensive 15k RPM drives for the actual data, you are also using expensive 15k RPM drives to store what amounts to a backup of that data. This creates a cost imbalance.

Also, in a real-world data center there is not just one storage system or SAN; there are several. Each one requires a different snapshot interface with a different set of snapshot scripts, all of which decreases IT efficiency.

Probably most important, these snapshots are totally dependent on the primary storage not failing. If corruption destroys your primary volume, all of its snapshots are destroyed with it.

Finally, with many storage systems each successive snapshot you take may impose a performance hit on the system. This limits the number of snapshots you can keep and reduces the granularity of your recovery.
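The link between snapshot count and recovery granularity is simple arithmetic. The sketch below assumes evenly spaced snapshots over a fixed retention window; the function name and the figures (a 24-hour window with 8 versus 96 snapshots) are hypothetical and chosen only to illustrate the point.

```python
def recovery_interval_minutes(window_hours, max_snapshots):
    """Minutes between recovery points, assuming evenly spaced snapshots."""
    if max_snapshots < 1:
        raise ValueError("at least one snapshot is required")
    return window_hours * 60 / max_snapshots


# Hypothetical limits: a system that tolerates 8 snapshots versus one that tolerates 96.
few = recovery_interval_minutes(24, 8)
many = recovery_interval_minutes(24, 96)
print(few, many)
```

Under these assumptions, the system limited to 8 snapshots can lose up to three hours of changes, while the one that can hold 96 can lose at most 15 minutes.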

There are solutions. You can leverage an independent virtualization appliance like DataCore's SANsymphony that will bring all your storage under one storage software umbrella, or you can use products from companies like InMage and SyncSort that move the snapshot data off the primary storage platform and onto a secondary storage device, as we discussed in our recent article on Driving a Backup ROI.

For more information, register for our upcoming presentation, "The State of Backup," on getting more from your backup process.

Track us on Twitter: http://twitter.com/storageswiss.


George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.
