Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

The realities of continuous data protection.

Business Continuity Expo And Conference : 28 November, 2007  (Technical Article)
Ian Masters of Double-Take Software presents the real issues of implementing continuous data protection and cuts through the hype.
For organisations focused on solving real-world problems, understanding the distinction between the buzz and the benefits of continuous data protection will help them make the best choice to safeguard their electronic assets.
There is some uncertainty in the market over what defines CDP. The Storage Networking Industry Association (SNIA) defines CDP as "a methodology that continuously captures or tracks data modifications and stores changes independent of the primary data, enabling recovery from any point in the past. CDP systems can provide fine granularity of restorable objects to infinitely variable recovery points".

The capabilities described by the SNIA definition of CDP are not trivial. They require a technology solution that stores all data changes as they happen and can arbitrarily return to infinite points in time to recover previous versions of data. This makes true CDP a very expensive proposition for customers. This expense may be difficult to justify when an organisation's data isn't perceived as sufficiently valuable and even where the value is recognised, most can't afford these types of CDP solutions. In this sense, true true-CDP products are a solution to a problem that customers cannot afford to solve.

Companies are instead opting for near-CDP solutions or backup and recovery solutions that integrate CDP-like capabilities. While solutions based on the strictest definitions of CDP may eventually gain momentum in the market as the enabling technology comes down in price, the majority of businesses don't have a Recovery Point Objective (RPO) that requires, and justifies, this type of CDP. There is clearly a need for something that provides better recoverability than tape but is simple and affordable enough to deploy across the enterprise, not just on a few systems.

Another issue affecting take up of CDP is that it has traditionally taken a very narrow approach to business continuity. Solutions have mainly focused on file-level recovery and not application data like that created by Microsoft Exchange Server or Microsoft SQL Server. If the first line of defense in a disaster recovery solution is protecting the data, the second is undoubtedly protecting the application. Providing a real-time copy of the data and availability of the application associated with it, enables a Recovery Time Objective (RTO) significantly better than that provided by solutions like tape backup or CDP. CDP provides no provision for RTO and focuses solely on RPO, which is only half of the customer challenge.

While true-CDP solutions have not gained widespread traction, the promise of CDP, despite its problems, thrives. It does so in the form known as near-CDP. Many traditional backup vendors have differentiated themselves from their competitors by integrating CDP capabilities into existing solutions rather than attacking the concept head-on. These solutions provide many, but not infinite, points of recovery. This satisfies most customers' RPO goals far more readily than relying on retrieval from tape-based solutions by providing snapshot copies of important data for recovery purposes.

Though near-CDP promises to be an easy way to augment the backup solutions that customers use today, it still doesn't account for the complete recovery of a company's business critical systems. To the end-user, recovery isn't complete until they are able to resume their work where they left off. This means not only restoring a previous version of the data but also the operating systems and applications and all the other aspects that are required to give users access to that information. Double-Take Software believes the future of CDP lies in hybrid solutions that incorporate an overall recovery management strategy combining data replication and protection, application availability and point-in-time recovery.
Alternatives exist today that provide this unified approach to recovery. In these solutions, asynchronous file-based replication is combined with application availability and snapshot technologies to fulfill at least the spirit, if not the definition, of CDP. In terms of data protection, real-time replication provides for the continuous capture of changes to protected data and the storage of those changes separate from the production data. If needed, a company can recover to this real-time copy of the data in the event of a major disaster. Because these solutions are typically based on byte-level replication, including features such as compression and bandwidth throttling, they are more efficient at moving data across long distances when compared to the data movement technologies employed by purebred CDP solutions.

For recovery from unwanted changes such as those caused by human error, viruses, or corruption, disk-based snapshot capabilities allow rollback to multiple (albeit not infinite) copies of the protected data. Disk-based snapshots are usually difference-based (copy on write technology) and consume less storage space. Their periodic nature also further reduces storage requirements when compared to keeping infinitely accessible copies of data changes. A combination of data replication and disk-based snapshots ensure that the RPO goals for a company's data can be met.

Where these solutions truly exceed the promise of CDP is their ability to ensure RTO goals as well as RPO goals. By continuously monitoring the availability of the production systems and failing over to a secondary system in the event of an outage, they provide an RTO of minutes rather than hours or days. Most true-CDP solutions today do not provide any high availability for the applications creating the data and instead leave recovery to the IT administrator who is most likely using a complex, manual, time consuming process.

No solution is 'one size fits all'. Each company's business is unique so each business continuity recovery plan will be different. However, the high-level approach to business continuity planning is generally the same. The key to business continuity and recovery planning is to first understand the impact an outage, loss or major disaster would have on your ability to provide a product or service and then pick the right procedures and tools to minimise that impact.
The first recommendation we make is to assess and rank each of the business systems within your organisation and assign the appropriate level of protection to them. Not all systems require the same levels of protection; in fact, some may not need protection at all. Successful plans account for this and are able to restore systems defined as business-critical as rapidly as possible while making the most of limited resources. The challenge for most companies in prioritizing these systems and choosing the right solution is simply a matter of quantifying the value of the data the solutions protect and calculating the Return on Investment (ROI).

The reality of CDP is that it has not lived up to the buzz it generated. This is not because the promise of CDP isn't appealing to customers but because CDP, as narrowly defined by industry organisations, was not permitted the opportunity to integrate with other data protection and recovery capabilities. A hybrid solution combines the best of CDP with the best of continuous data replication and application availability while keeping costs down. Successful vendors will continue to build CDP into their products where it is appropriate and successful IT organisations will learn to use the technology in a way that best addresses all of its recovery goals while staying within budget and without sacrificing capabilities.
Double-Take Software will be exhibiting at the Business Continuity Expo and Conference held at Excel Docklands from 2- 3rd April 2008 - the UK's definitive event for managing risk, resilience and recovery. This event will explore the solutions and best practice to ensure operational continuity and protect a company's interests before during and after an incident.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo