Protecting Data in the Virtual World
Snapshots vs Backups
And why do I even need it?
If my data is already on virtualized machines, and in the cloud, and backed by the latest and greatest in Storage Technology, do I even need to worry about data protection anymore?
The simple answer is absolutely. The need for data protection is as critical now as it ever was before. With more and more companies relaying on mission critical data, the need to protect against data loss is as high as ever. There are alarming statistics from the Chubb Group, that 50% of businesses that suffer a natural or man made disaster, 80% that suffer a major incident, and 70% that suffer major data loss, go out of business within 18 months.
Your mission critical infrastructure is hosted in a datacenter, so you’ve taken major steps to mitigate both natural and man made disasters. That same infrastructure is in Highly Available hypervisor clusters running on the latest blades, and backed by 10 gig storage speeds on the highest performance/reliable SAS drives, and running RAID-6. So once again more steps in curbing a physical breakdown of equipment. However, unfortunately, no latest and greatest in Enterprise Hardware, Datacenters, Cloud Computing or Virtualization can save you from a dreaded Layer 8 issue. Nothing is going to protect you from the admin misconfiguring a server, the bad application or server update, malicious file deletion, file overwrites, or any of the other end user disasters potentially awaiting your data.
My data is all hosted in the cloud, so I’m already protected from data loss by my service provider. Right?
Maybe. You’ll need to check your SLAs and Matrix of Responsibility with your individual service providers. Some providers may keep 14 days of nightly (12 am) SAN snapshots, and 24 hourly snapshots through the current day. Some providers may only keep 2 nights of nightly (12 am) SAN snapshots, and some providers might not keep any snapshots. It really depends, and you will want to get with your service provider to understand the tier of storage you are paying for, what would be the cost for keeping snapshots, and rebuilding a VM from a snapshot if ever needed.
Keep in mind, that how a snapshots works, is that the storage system literally takes a snapshot of those configuration files, in that point of time. Reverting to a snapshot, is rolling back your server or machine to that point in time. Any changes made or data created from the snapshot and when the disaster happened, would have to be redone.
In the real world, in most cases, you will need to restore: files, folders, emails, Active Directory, Exchange, Applications….etc. You can not afford to have end users take the time to roll back a server to a snapshot to restore overwritten financial spreadsheets. To protect yourself from that scenario you will either setup Shadow Copies (in 2012 it is much improved and worthy of a blog by itself) or installing backup agents. Also, no snapshot or VSS can satisfy your companies HIPAA/PCI or litigation requirements for off site backup retention and storage.
How do I know what strategy to use? Is one better than the other?
Both strategies satisfy different needs, and in many cases you will need a snapshot and backup strategy.
In general, snapshots are perfect for protecting an entire VM or server. If the server or system were ever to become unavailable for any reason, you would be able to recover that snapshot back and have your system back up and running. This is a perfect use for development labs, or to snapshot before making major changes. Contact your service provider and request a manual snapshot to safe guard yourself against the Oopsies. In many cases, your new cloud front ends will also have an option to manually snapshot, which is as tough as right clicking and selecting create snapshot.
Snapshots are also a great solution for Replication and Site Recoveries. (which are awesome and I’m fighting every fiber of me being to not go way off topic talking about them. This will definitely be covered in a future blog.)
So, the reverse would be true regarding backups. They are used to protect your core data; your files, folders, Active Directory, emails, Exchange, databases, applications, and so on. Recovery is as easy as clicking the files you want restored, and directing them to that directory. Backup and restore would no longer become a task that would soak up valuable Network Administration time.
Depending on your retention policy, a backup solution could be a much cheaper way to protect data than relying on snapshots. Due to all sorts of backup technologies like; deduplication, compression, and incremental backups, the space on disk could be much smaller, thus saving money. Lastly here, an offsite backup solution will satisfy your much needed HIPAA and PCI requirements.
So in summary, it is more important than ever to backup data and machines. With today's multitude of options and prices, it is easier and more affordable to protect data than ever before. What are end user’s and admins time worth, when considering how much effort to protect, or to redo lost documents. Nobody wants to be that guy that loses data. Lose the wrong persons lab machine or excel document, and that could be an RGE. (resume generating event.)
Hey, I just read through this entire thing, and I’m not a virtualized environment. In fact, my end user’s data is sitting on a server in a coat closet. Am I out of luck? What even applies to me?
Everything above, applies. In today’s SOHO, or small/medium business, end users are required to be so hyper-productive, that losing data could be even worse for them, than a fortune 500 company. Whether you are protecting 900 megabytes of excel files, or half a petabyte of Oracle Databases, that data is just as valuable to the end user.
But yes, you are totally out of luck. Nobody wants to backup a USB flash drive full of office documents, when there are Petabytes of Database backup to potentially go after, man!
OK, no, not really. Like I said above, your data is just as priceless to you as a Fortune 500 Enterprise, as the federal government, and like geeks like us. You can have access to all the same great features as anybody else. 1-Touch backup, deduplication/compression, retention schedules, backup schedules, easy recovery….all available to any CIO/MSP/Network Admin. Just contact a solution/service provider to talk about your needs, and get a demo setup.
OK about that server running in the coat closet. Today’s tools make it easier than ever to virtualize a machine and get it in the cloud. If you are looking to improve the IT experience for end users, then give a service provider a call.