The Storage Networking Industry Association’s CDP group defines continuous data protection and explains the potential benefits.
By David Hill and Dan Tanner
Your cell phone rings or you get urgent e-mail. A crucial application is no longer working. Your IT response team springs into action. The problem turns out not to be hardware-related (e.g., servers, network, or storage). Instead, it’s a data-corruption problem. That logical operational problem may have many root causes, such as database corruption, virus, or human error (accidental deletion of files), among others.
How do you get the application back online quickly and minimize the loss of data? Mirroring will not help because the mirror copy will also be corrupted. Snapshots may help, but they have limitations. The answer typically is to attempt to restore from tape. However, that process could take hours or days, and there is always a risk that the restoration process will not succeed.
An alternative is continuous data protection (CDP), an emerging data-protection technology.
Get to the point (in time)
CDP meets the need to respond to unauthorized or unintended changes to data (i.e., logical data-protection problems). This is in contrast to data-protection technologies, such as RAID, that protect the physical storage from loss of data. The goals of a CDP implementation (such as an appliance combining CDP software with a disk storage system) as compared to alternatives are the following:
- Higher availability of the data for an application through faster restoration;
- Reduction in the amount of data that is at risk; and
- Reduction in the risk of restoration process failure.
The Storage Networking Industry Association’s (SNIA’s) CDP Special Interest Group’s (SIG) working definition for continuous data protection is “a methodology that continuously captures or tracks data modifications and stores changes independent of the primary data, enabling recovery points from any point in the past. CDP systems may be block-, file-, or application-based and can provide fine granularities of restorable objects to infinitely variable recovery points.”
The key to CDP is the ability to recover to Any Point In Time (APIT), which “refers to the ability to access or re-create the exact data state as it existed at any previous point in time,” according to the SNIA’s CDP SIG definition. CDP software is able to do that by capturing the latest transaction or journal log results on a continuous basis. Thus, the ability to determine the exact restoration point does not require a priori or pre-determined knowledge, but rather the ability to create a consistent copy of data at any post hoc time.
Do not confuse with…
Although mirroring provides continuous protection from physical storage-related problems, mirroring does not provide logical data protection. Although physical data protection is not its primary purpose, a CDP appliance also provides physical and as well as logical data protection.
Snapshots are a way to create a copy of data at a single point in time. A snapshot is a useful way to instantly restore to a pre-determined point in time. The problem is that a pre-determined point in time may still have the data-corruption problem. A way around this is to take a lot of snapshots at frequent intervals. However, the problem with this approach lies in finding the exact snapshot just before the corruption took place. Snapshots are like looking at a series of photographs and trying to pick out the right one; in contrast, CDP is like rewinding a video to find an exact point.
Similarly, disk-based backup is not an alternative to CDP. A disk-based virtual tape library (VTL), for example, can improve the restoration process compared to tape-based restoration. A VTL might halve the restoration time, but that time is still measured in hours or days whereas with CDP restoration is measured in seconds or minutes.
One thing that is good about synchronous remote mirroring is that it not only provides continuous physical data protection, but it also provides continuous physical data availability. CDP provides continuous data protection, but does not guarantee continuous data availability. A physical hardware problem can be detected electronically and a fail-over initiated nearly instantaneously. However, for a logical problem the time between when the problem is detected and the time that it occurred may be separated in time by minutes, hours, or even longer.
A logical data problem is a mystery that needs to be solved. The mystery is not only about whodunit (i.e., the cause of the problem), but also when did the problem occur, what is the correct time to restore to, and what are the consequences of taking any corrective actions. An IT administrator does not need a crime laboratory, but a CDP tool should provide the software technology to ease and speed up this process by presenting the options in a way that is easily interpretable.
As noted in the SNIA CDP SIG definition, a CDP system can be either block-, file-, or application-based. All three CDP flavors are available today from a number of vendors.
According to the CDP SIG, block-based CDP operates at the block level of logical devices. As data blocks are written to primary storage, copies of the writes are stored and managed by the CDP system. Conversely, file-based CDP operates at the file level. All changes to files and file metadata are stored and managed by the CDP system. Finally, application-based CDP captures changes to application objects (such as e-mails or contacts) directly, recording all details about their creation, modification, or deletion.
CDP systems can be general-purpose (e.g., they can provide protection to both database and file-based applications) or they can be more application-focused (e.g., e-mail).
A few examples can illustrate the importance of CDP. For instance, a large healthcare provider uses CDP for patient record data (including life-critical hospital admission information) as well as financial data. The existing backup/restore process simply did not work; a fundamental change-not just improvement-was needed and CDP filled the bill.
In another case, an insurance company found out that it could not recover data from a tape restore after a data-corruption problem occurred. The price to correct the problem was $50,000, but that and the operational pain to bring temporaries in to re-create the data are only what the company saw. What about the customer dissatisfaction and potential loss of future business as well? A CDP system would have eliminated the cost, the operational pain, and any potential customer dissatisfaction.
Whether CDP is something that an IT organization should consider today depends on the balance of problem risk (how much pain the organization is currently experiencing) with product risk (how much tolerance the organization has for newer software products). But even if CDP is not a methodology that an IT organization needs to adopt today, most would be well-served by evaluating the potential benefits of CDP, as well as the various options.
David Hill and Dan Tanner are members of the Storage Networking Industry Association’s CDP SIG. For more information, visit www.snia.org.
SNIA CDP SIG founding members
|Hitachi Data Systems||InMage|
Additional members of the SNIA CDP SIG include Computer Associates, Diligent Technologies, Hewlett-Packard, IBM, PowerQuest, Quantum, STORServer, and StorageTek.