Data protection management (DPM) software provides visibility into, and control over, backup-and-recovery operations.
By Brad O’Neill
Taneja Group’s surveys of data-protection professionals across a variety of industries have left us with one frightening insight: Visibility and control over backup-and-restore operations remains consistently poor for a majority of enterprises. Despite a plethora of new technologies, most IT shops still have very poor visibility and control over how and why their data-protection environment behaves the way it does. For example, in most data centers, backup success/failure rates, job durations, and data recoverability are rarely measured or monitored in a granular fashion.
The culprits for these poor data-protection controls are well-known: high growth rates, stressed administrators, heterogeneous deployments, and aging technologies. A data-protection manager at a global marketing services firm who was asked about backup visibility said: “Our team is so busy plugging holes in the dam, we can’t even think about getting a strategic view into the root causes of our problems. It would be comical if it weren’t so scary.”
How can it be that storage professionals still cannot solve their visibility and control issues in backup-and-restore operations? Ultimately, it is because data-protection visibility and control are dependent on a process-level perspective, and to date most end-user interest in data protection has focused on product-level innovations. Unfortunately, it is impossible to solve a process-level problem by focusing on its constituent components. What is needed is a way to overlay process-level intelligence on top of the existing backup-and-restore infrastructure. In short, we need infrastructure-wide, granular visibility and controls over the processes of backup and restore. Without that level of workflow control, many of the challenges will persist because IT teams will have no way of pinpointing problems or planning effectively.
Luckily, a number of vendors have been addressing this problem for the past several years and are now hitting the market with a range of software solutions aimed squarely at addressing the process-level challenges of data protection. The Taneja Group defines this category of advanced backup monitoring/reporting tools as data protection management (DPM). This article provides an overview of DPM solutions, the relative maturity of the functionality, and emerging technologies that are driving this market.
What it does
Fortunately for end users evaluating DPM solutions, there is general agreement among vendors regarding the basic parameters and functionality that define this category. All DPM solutions provide insight into and control over data-protection processes. Their common goal is to give the IT team new information about how their backup-and-recovery operations are functioning, thereby enabling them to build a more strategic infrastructure. DPM solutions share the following:
- Utilize agent-less data capture across all protected hosts;
- Integrate with existing backup infrastructure;
- Generate custom reports for all backup/restore processes;
- Support heterogeneous backup applications and devices; and
- Provide centralized views of all backup/restore processes.
The Taneja Group breaks down the DPM category into functional elements and impact levels within the infrastructure (see figure). By examining the functionality and relative maturity of these elements, users evaluating DPM technologies will have a better sense of how to compare capabilities between various products. DPM functional elements include
Data collection (status: well-established)-All DPM software gathers real-time and historical information about the data-protection environment. This may extend to include direct data collection from logs, applications, server devices, and network elements.
Reporting (status: well-established)-After collecting data, DPM software can generate a range of reports about the current and historical status of data-protection operations. These reports can be configured in a variety of ways, including by device ownership, backup applications, business units, etc. To date, this has been the baseline functionality expected from products in this category. Reporting is the fundamental means of providing insight into the data-protection environment.
Trending and analytics (status: available, still maturing)-After basic reporting on the status of various data-protection operations, it is useful to understand how current behaviors and operations will impact the future. This is the goal of trending and analytics. In its most basic form, trending includes historical analysis with basic algorithms applied to future projections. In more-advanced cases, this analytical capability predicts more-complex requirements in the environment (e.g., potential configuration changes or dangers) based on advanced algorithms. Basic trending is available today from most DPM vendors. The development of advanced analytics engines will receive substantial attention over the next year.
Service levels/policy validation (status: available, still maturing)-Once an organization has basic visibility into its data-protection processes, it is possible to begin granular measurement of those operations against set policies, standards, or goals. In the data-protection world today, Taneja Group has found that almost 70% of companies do not have established service level capabilities vis a vis data protection. This is still an emerging requirement. Some DPM vendors today provide basic SLA management functionality, but the potential for development in this area is still significant. Service level-centric management is the key to optimizing data-protection processes and including data protection within storage utility initiatives. (Chargeback functionality is also included in this bucket, and is already available from many vendors.) The DPM players that develop adaptable frameworks to increase SLA and policy capabilities will be able to create product differentiation.
Process optimizing (status: rudimentary)-This is the ultimate evolution of DPM, which will emerge over the next two years. Process optimization refers to the ability to provide corrective and pre-emptive actions regarding process-level controls over the entire data-protection environment. This means leveraging a range of data collection, analytic, and service level controls to proactively tell what precise deployment, configuration, or methodological actions need to be taken to optimize data protection. Ultimately, process optimization will be based on libraries of actual “best-practice” deployments across many customer installations. While few organizations are ready for this technology today, its emergence is inevitable. Process optimization will be driven by a confluence of new data-protection technologies, compliance pressure, change management challenges, and demand for storage return on investment (ROI). Without the ability to provide proactive insights into data-protection workflow, many organizations will not be able to make the right business or technology decisions. In short, they will be right back where they are today, only with even greater complexity.
DP workflow automation (status: rudimentary)-Unique among the DPM functional elements, data-protection workflow automation spans all of the elements. A workflow-based approach to management software means that users can create and manage events with a built-in knowledge regarding how a given event will impact the entire data-protection cycle. That perspective then enables workflow modeling, where shifts in one part of the lifecycle can be traced through the entire process based on set parameters.
For example, with a workflow-based approach, a DPM solution is not merely reporting or creating policies, but doing so in such a way that administrators can see (and model) how any future failure event within the infrastructure will cascade into “downstream” failures in the areas of compliance SLAs not being met, security issues being violated, media management procedures being threatened, etc. A workflow perspective also allows more-advanced modeling.
Workflow forces a systemic management approach to all of the technologies and components involved in a data-protection infrastructure. This capability already exists in some DPM products today in a very basic sense (e.g., linking alerts and SLA thresholds to basic policies), but workflow automation will become an increasingly critical element of DPM reporting tools in the next 24 months.
DPM impact levels
The following are brief descriptions of the levels of the infrastructure that DPM either impacts today or will impact in the future as functionality expands:
Physical and device actions (status: well-established)-This is the most basic level of functionality for DPM products. The software must have direct insight into heterogeneous media servers, backup software, target devices, network resources, protected hosts, and in some cases, their applications. There are varying levels that DPM software drills down to when interacting with, controlling, or reporting on physical devices (e.g., specific drive-level information or application data).
Discrete data-protection operations (status: well-established)-Above the level of interacting with physical devices, DPM solutions look at how groups of devices interact to provide a complete, discrete operation (e.g., a backup job or restore). This is the first level of complexity that distinguishes DPM from product-specific backup reporting tools. The ability to look across heterogeneous devices at multiple levels within the infrastructure is the defining element of current DPM capabilities. It is the foundation of being able to report on multiple backup job successes, failures, and potential problem areas.
Data-protection infrastructure operations and processes (status: established)-A key for any future DPM solution is the ability to scale discrete data-protection operations across an enterprise (in other words, to become a true infrastructure-wide tool). DPM must encompass all elements in the data-protection environment, and in so doing provide intelligence to a range of other infrastructure processes and operations in the application and network spaces. Without an infrastructure-wide view, the software will not be able to achieve the next impact level, which is focused on business processes.
Business processes (status: still forming)-Over the next 24 months, vendors will integrate directly with various business processes within the enterprise. This includes areas such as compliance, corporate governance, advanced change management, and seamless support for various business operations such as consolidation, M&A, and outsourcing. For data protection to participate at this level with business processes, it requires high levels of abstraction from the IT infrastructure itself. In turn, abstraction requires templates, policies, and service levels, as well as selective automation. The first area where this will occur is in compliance management. The learning that takes place as a result of compliance will then feed into ongoing business process integration across a range of areas. Once business processes are aligned with DPM, views of the entire organization through a data-protection lens are possible. For example, a CEO may simply want to see that data-protection processes “happen or do not happen” according to set goals.
The field of competitors in the DPM space is growing rapidly. Over the past 12 months, the market has exploded as new vendors have identified niches. While all of the vendors generally approach DPM category as described above, each vendor has unique market positioning and approaches. Examples of DPM vendors, most of which focus on medium/large enterprises, include the following:
Aptare-Provides comprehensive, real-time DPM tools targeting Veritas NetBackup environments. A strategic relationship with Hitachi Data Systems lends global reach and credibility.
Bocada-First mover in the DPM space. Well-developed SLA management and a focus on deep process integration. High scalability validated by a strategic relationship with IBM Global Services.
Crosswalk-A relatively new entrant focused on bringing easy-to-use, low-cost, scalable DPM solutions to the untapped SMB market. DPM is integrated into the company’s SRM suite.
Illuminator-A uniquely positioned entrant pioneering advanced application recoverability in addition to traditional DPM capabilities. Enables enterprises to measure and manage the precise recoverability of applications.
ServerGraph-Early DPM vendor, acquired by Rocket Software in 2004. A new emphasis on compliance modules in addition to traditional DPM.
Tek-Tools-Longtime SRM vendor now expanding product-level backup management into cost-effective DPM solutions.
WysDM Software-Emerging vendor with unique cross-domain analysis and predictive capabilities. OEM relationship with EMC signals future growth prospects.
Trends for 2006
The status of DPM in 2006 will leave much work yet to be accomplished. It is important to note that while each of the competitors is trying to identify a market niche, most end-user interest in DPM products still stems from the “well-established” functionality elements of success/failure reporting, basic SLAs, and trending analysis. This addresses the basic needs of enterprises today, but we expect the sophistication and requirements for DPM to rapidly expand in 2006. To that end, recent announcements regarding various vendors’ compliance modules, as well as application integration for databases, bode well for the category’s maturation. In 2006, we expect to see the following developments:
- Application recovery management-One of the more exciting areas for DPM in 2006 will be tighter, more seamless integration with the top-level application tier. Within 12 months, DPM software will be able to define, visualize, and manage the recovery status of any application in the infrastructure;
- Better trending and analytical tools-While current products rely primarily on historical data to create trending reports, in 2006 some vendors will add more “intelligence” to their trending and analysis functionality. This advance will require cross-domain integration for data protection, encompassing storage devices, backup applications, network elements, and top-level applications. As a result, users will be able to model basic changes to their environment and monitor potential implications to the data-protection infrastructure up and down the stack; and
- More sophisticated SLA and policy authoring-While many vendors support complex policy customization today, these services will become much more detailed and automated in 2006. Most of the vendors are creating automated SLA or policy management tools that bring business-level management intelligence directly into the data-protection infrastructure.
If the past 12 months of developments are any indication, 2006 should be the “coming-of-age” year for DPM. As a result, we expect most major tier-one storage providers to partner, resell, or acquire in this market. We’ve reached the point in the evolution of data protection where insight and visibility are no longer a luxury, but a necessity.
Brad O’Neill is a senior analyst and consultant with the Taneja Group research and consulting firm (www.tanejagroup.com).
Representative DPM vendors
WysDM Software (www.wysdm.com)